Shiju JohnSep 8, 20192 min readSignificance of Risk ManagementRisk is always a factor incorporated in all the factors we see around, and business is never an exception. In our day-to-day life, risks...
Shiju JohnAug 19, 20191 min readCloudtrail AuditThis is another important phase in audit, where the auditor check if there are proper monitoring systems in place. It is an important...
Shiju JohnAug 18, 20191 min readCloud-watch AuditAs an auditor we need to ensure that there are basic monitoring tools implemented for the EC2 instances. Cloud-watch is a dashboard based...
Shiju JohnAug 18, 20191 min readAuditing Networking/VPCAnother phase in the auditing process is the Network auditing which comprises of VPC network auditing in a cloud based environment. The...
Shiju JohnAug 18, 20191 min readAuditing the EC2 instancesHere in this phase of audit, the auditor would be auditing the infrastructure in the organization. The pre-requisite would be to...
Shiju JohnAug 12, 20192 min readIAM Audit in AWSThe first step in IAM audit is to ensure that the root (admin) user is having the proper and default security guidelines covered. AWS is...
Shiju JohnAug 12, 20191 min readAuditing in AWSAuditing is an important phase which helps the organization to ensure that the standards are met within the environment. In a traditional...
Shiju JohnAug 10, 20193 min readRisk management in a manufacturing company - A real case studyI have been going through different articles and forums to have a better understanding on the IT risk management, and how it is done in...
Shiju JohnAug 10, 20191 min readRisk Management and process for IT service management environmentsWhen new services are deployed in an ITSM (IT Service Management) environment, the process includes a major role in dealing with the...
Shiju JohnAug 6, 20193 min readRisks and attack vectorsRisk could be defined as the effect of uncertainty on objectives. The different types of risks that could arise are 1. Financial risk. 2....
Shiju JohnJul 5, 20191 min readAttack on Windows based machineThe below video demonstrates attack on a windows machine using an exe file and using a multi-handler.
Shiju JohnJul 5, 20191 min readHacking a wireless networkFollow the steps as in the below video to hack a WiFi network
Shiju JohnJul 5, 20191 min readIncident response - Change Management ProcessThe change management procedure should also be defined and documented with proper level of approvals. The actors in the change management...
Shiju JohnJun 15, 20191 min readWindows password cracking using Cain and Abel‘Cain and Abel’ is a renowned tool for cracking the windows login passwords. In order to use this, the attacker need to get access to the...
Shiju JohnJun 15, 20191 min readPassword crackingThis is the method which an attacker follows, in order to obtain the credentials. When attacker targets a windows machine, he/she first...
Shiju JohnJun 15, 20191 min readNetwork monitoring through WiresharkWireshark is used to monitor the network traffic. For the exercise, the monitoring is performed in my WIFI network, and the display...
Shiju JohnJun 15, 20191 min readUnderstanding ZenmapZenmap is a GUI version of Nmap. Let us perform different levels of scan through Zenmap.
Shiju JohnJun 15, 20191 min readNMAPUnderstanding the subnetwork is the first process in an attack. The whole step followed for Nmap is in the screencast video. The steps...
Shiju JohnJun 12, 20191 min readUsing COBIT 5 as a risk management framework and information security.COBIT 5 is a robust framework which could incorporate the different phases and cases of an organization's IT affairs. Being said, COBIT...
