Security & Governance

Apache webpage and security optimization-webpage caching (connotation experiment)

Foreword: Apache’s mod_expires module automatically generates Expires and Cache-Control headers in the page's response header information. Based on these headers, the client browser decides that the next visit will fetch the page from the local machine's cache, without making another request to the server, thereby […]


A Simplified TRA (Threat and Risk Assessment) Example


Still Under Writing… A Threat and Risk Assessment analyzes a software or hardware system for vulnerabilities, examines potential threats associated with those vulnerabilities, and evaluates the resulting security risks. A vulnerability is any “flaw or weakness in system security procedures, design, implementation, or internal controls that could be exercised (accidentally triggered or intentionally exploited) and


NIST CSF Core Notes


NIST Framework Components: The Cybersecurity Framework consists of three main components: The Framework Core provides a set of desired cybersecurity activities and outcomes using common language that is easy to understand. The Framework Implementation Tiers assist organizations by providing context on how an organization views cybersecurity risk management. Framework Profiles are an organization’s unique alignment


Cyber Security Technology with NIST Cyber Security Framework


Layered Security & Defense In Depth: A layered approach to security can be implemented at any level of a complete information security strategy. Whether you are the administrator of only a single computer, accessing the Internet from home or a coffee shop, or the go-to guy for a thirty thousand user enterprise WAN, a layered


Understanding GDPR from Security Professional’s Perspective


One of the most recent and wide-ranging laws impacting the security profession globally is the European Union’s General Data Protection Regulation, or GDPR. As of May 25, 2018, the GDPR is a legal and enforceable act of the European Union. In this post, we will detail the key findings as a security professional how to
