The Rijndael Encryption Algorithm

Finjan TeamBlog, Cybersecurity

Finjan The Rijndael Encryption Algorithm

As the Data Encryption Standard (DES) began to show signs of weakness after several years of use, and in the wake of a security crisis surrounding its Triple DES (3DES) variant, the U.S. National Institute of Standards and Technology (NIST) threw a challenge to cryptographers to develop a more resilient platform for the encryption of mission-critical data. What emerged above … Read More

The Non-Interference Model

Finjan TeamBlog, Cybersecurity

Finjan The Non Interference Model

Security models of control are used as a way of formalizing a security policy. They determine in one way or another how security will be implemented across a system or network, which subjects are permitted access to the system, and which objects they are allowed access to. These security models are typically put in place by enforcing confidentiality, integrity, or … Read More

Trusted Computing Base or “TCB”

Finjan TeamBlog, Cybersecurity

Finjan Trusted Computing Base or TCB

As well as an infrastructure of components and processes, a computer system also requires a security architecture defining its capacity to resist attacks and attempts at infiltration and providing its capability to detect and respond to threats and changing conditions. With susceptibility to attack being as critical a factor to system stability as the potential failure of its component parts, … Read More

Common Criteria for Information Technology Security Evaluation

Finjan TeamBlog, Cybersecurity

Finjan Common Criteria for Information Technology Security Evaluation

The need to ensure that consumers have access to IT products which are inherently secure has raised a demand for some kind of internationally recognized standard for evaluating and certifying equipment and software. Such a standard exists in what’s collectively known as the Common Criteria or CC. Common Criteria or CC More formally known as the “Common Criteria for Information … Read More

Biba Integrity Model

Finjan TeamBlog, Cybersecurity

Finjan Biba Integrity Model

Confidentiality, integrity, and availability make up the “security triad” as it applies to data. And one of the principal security models dedicated to preserving the integrity of information is the Biba integrity model, which we’ll be looking at today. Biba Integrity Model – Some History For years, matters of data confidentiality were largely dealt with by the Bell-LaPadula model, which … Read More

TCP/IP Vulnerabilities

Finjan TeamBlog, Cybersecurity

Finjan TCP/IP Vulnerabilities

Part of the beauty of using the internet to move information around lies in the apparently seamless and user-friendly way in which transmissions are accomplished. This stems in large part from the use of a common set of transmission/reception mechanisms or protocols – but it’s the very standardization of these methods that leaves them so open to exploitation and attack. … Read More

Egress Monitoring

Finjan TeamBlog, Cybersecurity

Finjan Egress Monitoring

With so many threats looming from intruders and malicious software originating outside of systems and corporate LANs, it’s easy to overlook the fact that security lapses and vulnerabilities can equally emanate from within a connected system or private network, and make their way out to cause damage as well. So for comprehensive security coverage, it’s essential not only to have … Read More

Network DMZ Zones

Finjan TeamBlog, Cybersecurity

Finjan Network DMZ Zones

Online transactions are an unavoidable part of today’s economy. But when corporate networks expose their infrastructure and resources to the largely unsecured public internet, they throw themselves open to the possibility of attack. One way of reducing this risk is through the establishment of safe zones known as DMZ. What’s a DMZ? DMZ stands for demilitarized zone – a throwback … Read More

Security Information and Events Management (SIEM)

Finjan TeamBlog, Cybersecurity

Finjan Security Information and Events Management (SIEM)

“Knowledge is Power”, the old saying goes – and in dealing with cyber-threats, being able to call upon information from past experiences, existing or potential threats, and best practices for incident response and remediation can be a real plus in enhancing threat detection and prevention. There’s an entire technology sector dedicated to this kind of data-driven approach: Security Information and … Read More

Password Attacks – How They Occur and How to Guard Against Them

Finjan TeamBlog, Cybersecurity

Finjan Password Attacks   How They Occur and How to Guard Against Them

Passwords can be difficult to remember, especially if you follow the rules to make them “strong”. They can also be fiddly to input, especially on mobile devices and small keyboards, and inconvenient and time-consuming to use considering it’s best practice to use different ones for each account. However, if a hacker determines or gains access to your security passwords, you … Read More