,,
CYBERSECURITY
What is CyberSecurity:
In the developing technological world, DATA has been an important thing for the common user to the topmost company. Data includes everything from the small message to confidential secrets. As technology increases the threat of the data also increases. Technology gives information about both the secrecy to preserve the data as well as to breach the data. It is very important to save the data from hackers. Cybersecurity is the field which saves the data and the tools used for it from the hackers by analyzing the previous methods that have been used to hack and taking preventive measure to stop the hack.
https://purplesec.us/resources/cyber-security-statistics/
What are the steps used in CyberSecurity:
Most of the companies follow certain methodologies to solve the threat. Here I have given some of the steps used in cybersecurity.
1. Information Gathering:
Information gathering is the first and foremost step to do, where complete details of the system or site are gathered. With this information, we can assess the system according to it.
2. Detect the Threat:
Detecting the threat is the second thing to do in preventing the data. The threat may be from any source or area so finding the exact way in which it has been induced is important. There are a number of tools present to determine the threat, It is named vulnerability assessment tools (vulnerability is the loophole present in the system to steal data). Some of the tools are freely available for everyone and some of them are paid tools example:
1.Comodo HackerProof
- OpenVAS
- Nexpose Community
- Nikto
- Tripwire IP360
- Wireshark
- Aircrack
- Nessus Professional
- Retina CS Community
- Microsoft Baseline Security Analyzer (MBSA)
Some of the free tools for vulnerability assessment:
- OpenVAS
- Nexpose Community Edition
- Qualys FreeScan
- Microsoft Baseline Security Analyzer (MBSA)
- Acunetix
- Burpsuite
- Nmap
3.Penetration testing:
Here in penetration testing the site or system is tested according to the vulnerability, Like there are some communities that give new threats details and sets standards accordingly. Some of them are OWASP(Open web application security project), PCI-DSS(Payment card industry data security standards), HIPAA(Health Insurance Portability and Accountability Act), and National security Agency. The penetration testing is doing a number of attacks given by these communities to check the security of the company site.
4.Report the assessment:
In this step, the vulnerabilities found in the assessment and penetration testing are reported to the company. Here we can understand where the threat is initiated and can solve the issue appropriately can set restrictions and rules according to it. This will also help to solve the problems that will occur in the future. At present in companies testing is carried out in every step of the Software development life cycle(SDLC) which gives an added advantage to secure the data.
CONCLUSION:
Cybersecurity has evolved a lot bigger than we think, it has been effortfully trying to prevent the threat from different areas. Tools are made and improved by the companies according to the threats. Increasing technology will give a lot more challenges to cybersecurity, but it will make its way to defend the problems.