https://www.tavnets.com/security/Recent content in Security Focused Blogs on HomeHugo -- gohugo.ioenTavnets Security, LLC 2021Fri, 31 Mar 2023 15:55:53 -0400https://www.tavnets.com/security/api/Fri, 31 Mar 2023 15:55:53 -0400https://www.tavnets.com/security/api/API Security Checklist download Previous Next     Page: /https://www.tavnets.com/security/prisma_sase/Thu, 10 Nov 2022 19:51:23 -0500https://www.tavnets.com/security/prisma_sase/updated: 2023-02-23 Introduction Working on developing an SDK to leverage our orchestration internaly that will assist with auto security policy and deployment with the Palo Alto Prisma SASE project. Python Package GitHub Project - Prisma-Access-SASE python -m pip install prisma-access-saseSee Python Package Index for README.md docs and usage of package. See Test Python Package Index for current beta/alpha releases.https://www.tavnets.com/security/waf/Sun, 11 Sep 2022 19:55:58 -0400https://www.tavnets.com/security/waf/Overview What is a Web Application Firewall? A web application firewall (WAF) is a specific form of application firewall that filters, monitors, and blocks HTTP traffic to and from a web service. By inspecting HTTP traffic, it can prevent attacks exploiting a web application’s known vulnerabilities, such as SQL injection, cross-site scripting (XSS), file inclusion, and improper system configuration. 1 Many basic security measures are applied in a WAF are supported by the Open Web Application Security Project (OWASP) owasp.https://www.tavnets.com/security/cyber_mapping/Sun, 11 Sep 2022 14:27:13 -0400https://www.tavnets.com/security/cyber_mapping/updated: 2024-04-17 Description I came across this and find it very useful in a breakdown of all the different ways to reference security standards and where/how they are applied. I find this a lot easier to comprehend and digest than going through the CISSP in some circumstances. I’ll be uploading pieces of it as I find the best way to display the inforomation. Sections Include: Overview Risk Managment Network Security Access Management Application Security Data Security Operational Security BCDR Department of Defense Risk Mangement Framework Cloud Frameworks Container Security Application Container Security Guide See Also: RestAPI NOTE: Working on a cloud section.https://www.tavnets.com/security/dnsfirewall/Sat, 01 May 2021 13:06:43 -0400https://www.tavnets.com/security/dnsfirewall/Description: Set up a personal DNS Firewall. Overview: In working with Infoblox DNS BloxOne Deployment I got to thinking why not deploy this on my own network to get an inexpensive way to control DNS requests. Here I ended up deploying a Primary and Secondary DNS Bind9 Server running on physical and virtual Ubuntu Servers. I leverage ioc2rpz to sync community available RPZ’s then we leverage DNSCrypt-Proxy project configuring a local listener that will send Recursive DNS lookups using DNSoverHTTPS.