search
top

Review of SEC545 Cloud Security Architecture and Operations

SEC545: Cloud Security Architecture and Operations

Just recently I went to attend a local SANS Community class in my city. For those that are not aware, SANS Community classes are usually smaller classes with 5-10+ students. It’s a small venue with more of a small class size, but the material would be the same that SANS would teach on vLive, OnDemand, or at a SANS conference.

I can say that the SEC545: Cloud Security Architecture and Operations class is VERY popular. There were many students there that were not hardcore SANS enthusiasts such as myself. Many people were there on the basis that companies are all now starting to move to the cloud. And, many companies are worried about the security implications of moving, and with larger concerns on if the architecture is not setup and configured correctly.

The class was very much AWS focused, which was great for me in terms of learning AWS. However, Read The Full Post

SMTP Authentication

Hello everyone.

I am back with some more email security!

Today I’d like to talk about SMTP Authentication.
Some people may never have heard of this concept or may have simply ignored it as it seemingly may not feel that important.

However, in certain situations one may need to make use of SMTP Auth for email.

SMTP Authentication

SMTP Authentication - Outgoing Emails

SMTP Authentication – Outgoing Emails

 

As shown above in the diagram.

SMTP Auth is fairly simply to use for all incoming or outgoing emails.

Essentially, a machine has to authenticate with the central mail server.

The authentication can be done in various ways.

You can normally query LDAP, Active Directory, or some other identity management system as well as store the credentials on the mail server (not recommended).

How Does It Work?

(more…)

top