Shiju John
Significance of Risk Management
Risk is always a factor incorporated in all the factors we see around, and business is never an exception. In our day-to-day life, risks...
top of page
Search
Shiju John
Cloudtrail Audit
This is another important phase in audit, where the auditor check if there are proper monitoring systems in place. It is an important...
Shiju John
Cloud-watch Audit
As an auditor we need to ensure that there are basic monitoring tools implemented for the EC2 instances. Cloud-watch is a dashboard based...
Shiju John
Auditing Networking/VPC
Another phase in the auditing process is the Network auditing which comprises of VPC network auditing in a cloud based environment. The...
Shiju John
Auditing the EC2 instances
Here in this phase of audit, the auditor would be auditing the infrastructure in the organization. The pre-requisite would be to...
Shiju John
IAM Audit in AWS
The first step in IAM audit is to ensure that the root (admin) user is having the proper and default security guidelines covered. AWS is...
Shiju John
Auditing in AWS
Auditing is an important phase which helps the organization to ensure that the standards are met within the environment. In a traditional...
Shiju John
Risk management in a manufacturing company - A real case study
I have been going through different articles and forums to have a better understanding on the IT risk management, and how it is done in...
Shiju John
Risk Management and process for IT service management environments
When new services are deployed in an ITSM (IT Service Management) environment, the process includes a major role in dealing with the...
Shiju John
Risks and attack vectors
Risk could be defined as the effect of uncertainty on objectives. The different types of risks that could arise are 1. Financial risk. 2....
Shiju John
Attack on Windows based machine
The below video demonstrates attack on a windows machine using an exe file and using a multi-handler.
Shiju John
Incident response - Change Management Process
The change management procedure should also be defined and documented with proper level of approvals. The actors in the change management...
Shiju John
Windows password cracking using Cain and Abel
‘Cain and Abel’ is a renowned tool for cracking the windows login passwords. In order to use this, the attacker need to get access to the...
Shiju John
Password cracking
This is the method which an attacker follows, in order to obtain the credentials. When attacker targets a windows machine, he/she first...
Shiju John
Network monitoring through Wireshark
Wireshark is used to monitor the network traffic. For the exercise, the monitoring is performed in my WIFI network, and the display...
Shiju John
Understanding Zenmap
Zenmap is a GUI version of Nmap. Let us perform different levels of scan through Zenmap.
Shiju John
NMAP
Understanding the subnetwork is the first process in an attack. The whole step followed for Nmap is in the screencast video. The steps...
Shiju John
Using COBIT 5 as a risk management framework and information security.
COBIT 5 is a robust framework which could incorporate the different phases and cases of an organization's IT affairs. Being said, COBIT...
Blog: Blog2
bottom of page