Learning & Resource Center

 

 

Immediate Assistance(800) 989-2647

Videos

Recent Posts

IP Subnet Sheet

Have you ever wondered what is a /27?  Or how many IP addresses do I get to use with a /28?  Is there a use for a /31?  CIDR Subnet Mask Total IPs Usable IPs /32 255.255.255.255 1 1 /31 255.255.255.254 2 0* /30 255.255.255.252 4 2 /29 255.255.255.248 8 6 /28...

Agile Modeling

Agile Modeling (AM) is a practice-based methodology for effective modeling and the documentation of software-based systems.  Agile Modeling (AM) is a collection of values, principles, and practices for modeling software that can be applied on a software development...

Securing Your MongoDB

Securing your MongoDB Securing MongoDB must be a top priority for system administrators right now as ransom attacks are on the rise.  If you are using MongoDB to storing data on any public facing cloud server running on Linux, then you will need to make sure you lock...

Adaptive Software Development

Adaptive Software Development is part 1 of our 12 Principles of Agile Development series. Adaptive software development (ASD) is a software development process that grew out of the rapid application development work by Jim Highsmith and Sam Bayer. ASD is centered...

12 Principles of Agile Development

Agile is a popular methodology used in the development of software applications.  There are many different flavors of agile methodologies and in this 10 part series on agile development, we will take a deeper look at the following: Adaptive software development (ASD)...

Vulnerability Feed

CVE-2018-10683 (wildfly)

** DISPUTED ** An issue was discovered in WildFly 10.1.2.Final. In the case of a default installation without a security realm reference, an attacker can successfully access the server without authentication. NOTE: the Security Realms documentation in the product's...

CVE-2018-7248 (manageengine_servicedesk_plus)

An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3 Build 9317. Unauthenticated users are able to validate domain user accounts by sending a request containing the username to an API endpoint. The endpoint will return the user's logon domain if the...

CVE-2016-5845 (sapcar)

SAP SAPCAR does not check the return value of file operations when extracting files, which allows remote attackers to cause a denial of service (program crash) via an invalid file name in an archive file, aka SAP Security Note 2312905.

CVE-2016-2542 (installshield)

Untrusted search path vulnerability in Flexera InstallShield through 2015 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory of a setup-launcher executable file.

NIST News
SANS ISC Bulletins