Shadow IT

Quite recently, I submitted an assignment on “Shadow IT”. I want to share some of its data with the blog readers. According to Forcepoint.com [1], “Shadow IT is the use of information technology systems, devices, software, applications, and services without explicit IT department approval”. E.g. BYOD, use of cloud services like Dropbox, Google Drive, One […]

Book of Frank Stajano – “Security for Ubiquitous Computing”

Yesterday, while surfing internet and searching for people who have contributed in the area of Cyber Security, I have come to know about Cambridge University’s Professor Dr. Frank Stajano. His official university home page can be found here. Professor Frank Stajano also runs a youtube channel, where he post knowledgeable material/things. I also come to […]

Book of Rafay Baloch – “Ethical Hacking And Pentesting Book”

The instructor (Sir Bariq Wajahat) of the CEH v10 course at NIE has told me about Rafay Baloch, a young information security expert and evangelist. He has written a book with the title, “Ethical Hacking And Pentesting Book”. He has also attended Bahria University like me. I have downloaded his book and I am going […]

Elements of Information Security

As per Ethicalhackx‘s lecture notes and slides, the following are the elements of information security. Confidentiality Integrity Availability Authenticity Non-Repudiation I am not going in details of them. However, I want to briefly define them as mentioned in page 6 of lecture notes and slides. Confidentiality means “Authorized to have access“. Integrity means “Trustworthiness of […]

What is Information Security all about?

To understand what Information Security is all about, one needs to understand the following definition of Information Security. “Information Security ensures the confidentiality, integrity, and availability” [1]. Now that the reader of this blog has understood the basic definition, time to go in details what do Confidentiality, Integrity and Availability mean. Confidentiality: We want to […]

An initiative to do a course of Certified Ethical Hacking (CEH v10)

A few weeks ago, I took the initiative to dive deeply to become a Certified Ethical Hacker. However, I knew that I was not in a position to pass the exam of CEH v10 without reading and understanding the theory and practice behind it. So I decided to get enrolled in a course which teaches […]

Why I am writing about Security Engineering?

During education at the school, college and universities, my majors were in the field of Science/Computing/IT/Engineering. Specifically, at the University of Oxford, I attended a course with the title of Security Principles which was taught by Professor. Andrew Martin. For prestudy, I read the first few chapters of a book with the title of Security […]