Improve Security Posture
Software Development Life Cycle (SDLC) The requirement phase is used to capture all requirements from the customer and create the proper documentation.
Vulnerability Reports This document usually contains the following information:
Vulnerability Type, Severity, System, Explanation, Walkthrough, Recommendation. Using a Standard Template. Vulnerability Severity. Common Vulnerability Scoring System Version 3.
Static Application Security Testing (SAST) Static Application Security Testing (SAST) is a tool used to analyze application source code or compiled code to help identify possible security vulnerabilities.
Injection Best Practice Use Parameterized Queries - This is the best method for preventing SQL Injection because all variables are limited to their data type.
Top Security Failures Exposed Services: Anonymous access to Access Server with FTP Server. Unnecessary Accounts, Excessive Permissions: Guest accounts enabled with access to company file servers.
Firewall Best Practices Establish access based on the organization’s needs and priorities. Determine who can get access and from where they can access.
Key Questions What is the importance of knowing what assets we have in our infrastructure? What system and third-party software are running in our assets?
Linux Groups Linux Users Because Linux is a multi-user system, users can be created in order to define access levels and permission boundaries.