Nov 4, 2018
Posted in blog, Information Security, Reviews
SEC 542 SANS Course Review
So I wanted to post a blog post on my experience related to the SEC 542 course. This way I can share my experience out there with others, and hopefully give others insight to see if the course is a right fit for them too.
Now because I took the vLive course, my course was not a 4-6 day course. This course was actually completed over 6+ weeks with 2 class sessions per a week. This was an excellent course, very well designed and presented out to students. There were things I already knew and had experienced. But, there were a lot of tools that were introduced in the course, which I had not used or heard of before. And, these tools definitely help save some time especially when it comes down to recon.
I’ll briefly list some of the things you learn during each week, but for the full list you’ll have to take the course for yourself. Trust me, it’s an awesome course! Read The Full Post
Aug 26, 2018
Posted in blog, Featured, Information Security, pen testing, Reviews
Passing The GWAPT Exam
So, I finally went for it and attempted the GIAC GWAPT exam and passed it! I’ve been conducting some pen tests prior to taking the SANS SEC 542 course and the GWAPT exam. The course taught me many new things, and gave me a new perspective, and insight when it comes to web application pen testing. This blog post is to share my experience on how to best prepare for taking the GWAPT exam.
Should I take this exam or challenge the GWAPT ?
Many people will ask themselves this very same question. The best answer really depends on what your career goals are for your future. If you plan on being a pen tester, then this is a must at least if you are new or an intermediate to web pen testing. These days the Internet is filled with web applications, and now with more data and applications placed in the cloud. WebApp pen testing is a skill in demand and will be needed to test anything open to the public via the cloud.
Studying
Read The Full Post
Apr 5, 2017
Posted in Featured, Information Security, portfolio, Reviews
Passing the CISA exam – Certified Information Systems Auditor
So I though it would be interesting to post up a blog post about my experience challenging the the CISA exam last year in 2016.
I had started this blog a bit afterwards, and never really thought about posting my experience. But, many others have always asked about my experience taking the CISA exam ,and if there were any tips I could give them to better their chances of passing the exam. My hope is this post helps those that end up reading this and gives them a better insight on the adventure of obtaining the ISACA CISA certificate.
Preparing for the CISA exam
(more…)
Jan 12, 2017
Posted in Encryption, Quick Tips, Reviews, Tools
SSL Scanning Websites
So today, I came across a website that does a quick SSL test on your website.
Anyone with a website should really be running this tool. I actually did find a few minor issues and was able to gather some info about it.
Our Results
Here is what we got for our results:
whynopadlock
It’s looking good for us and especially since we have forced all our internal links to make use of HTTPS
I also wanted to list a bad result as shown below.
(more…)
My name is Harry Taheem
I am a Cyber Security Engineer.
My aim is to post things I learn or find interesting and allow others to hopefully gain some more insight. I also plan on posting general IT related issues, as I’d like 
