Skip to content

The personal website of Phil MassynΒΆ

Automated Security Reporting

Having some form of automated security reporting platform will help organisations to have real-time visibility of the security posture across their environment. By tailoring the dashboards to different audiences (or personas), CISOs and CIOs can leverage data for decision-making, giving visibility to all levels within the organisation.

Vulnerability Management

Vulnerability management is a continuous, proactive, and often automated process that keeps your computer systems, networks, and enterprise applications safe from cyber-attacks and data breaches by ensuring any weaknesses in the underlying software are updated.

Multi Router Traffic Grapher

MRTG - an age-old graphing tool used by network administrators all over the world. But it's not just for networking systems. I've used it to monitor various things. In this how-to, I'll walk you through how you can create a simple MRTG system to track pretty much anything.

Strange password policies

We all have passwords, and the volume of passwords we need to manage is not slowing down. Most of the sites we interact with have some sort of a password policy that forces you to go through a process of trying to create them. I have written about this before.

Threat Modeling

Threat modeling is a process used by developers and engineers to understand the threats that exist that may exploit a weakness or vulnerability in a software application or platform.

Security in a Development environment

As a security professional, you would most often be dealing with teams that are directly responsible for the security of a system. In many cases, developers will have the ability to make or break the security of their particular solutions, and in many situations, too much frustration for the security team. I have observed firsthand how adversarial the relationship between security and developers can be. It doesn't have to be that way.