buenas prácticas

Contenido buenas prácticas

Blog posted on 01/08/2019

The open and most-widely-used framework for communication and vulnerability scoring, the CVSS (Common Vulnerability Scoring System), has been updated, incorporating improvements in its new version 3.1 with respect to the previous one. This standard assesses the severity of computer systems vulnerabilities and assigns them a score of 0 to 10.

Blog posted on 02/08/2018

The concept of defence in industrial environments is changing. Just as the attacks are increasingly more sophisticated, the protection systems tend to be more flexible and more evolved. Being able to strengthen the upper levels, such as active defence and intelligence, is essential, whilst always maintaining a solid base of the lower levels (passive defence and secure architecture).

Blog posted on 19/07/2018

Given that availability is always a critical point to take into account for within industrial environments, it is necessary to prevent the attacks that denial of services cause and that affect these environments. The means of giving way to a denial of service can be diverse, much like the means of mitigating these problems. This article will review all of these points, as well as the way in which the risks derived from these attacks can be reduced.

Blog posted on 03/07/2018

The wireless protocols used in industrial environments for communication between devices are numerous are extensive, therefore ensuring these communications is vital for industrial process to function correctly. In this article, we'll look at the advantages of wireless communication audits and the disadvantages of not performing them.

Blog posted on 23/11/2017

The protection of critical and strategic infrastructures in our country is a task that must be tackled by all the agents involved in a public-private cooperation framework.

Blog posted on 09/11/2017

The IDS, IPS and SIEM are equipment originally designed for IT environments but whose adaptation to TO environments has been forced in recent years due to a proliferation of attacks on industrial environments.

Blog posted on 03/11/2017

After having analysed the "why" behind the cybersecurity capacities evaluation model in the first entry dedicated to the C4V model and after having explained how to carry out an appropriate management of risks in the value chain in the second edition, this third edition is dedicated to explaining how to carry out an evaluation of ourselves.

Blog posted on 18/10/2017

The industry is increasingly calling for experts in security, and the business world is not capable of meeting that demand due to the lack of trained professionals. This is not a problem that solely affects Spain; it also affects the whole of Europe and the U.S.A. But, what is it that is asked of industrial security experts?

Blog posted on 28/09/2017

Wireless technologies are becoming more and more prominent everywhere, and also in industrial environments, driven by all other environments where the use of wireless communication technologies is widespread.

Blog posted on 14/09/2017

The Simple Network Management Protocol or SNMP, used in most industrial devices, went from an information exchange protocol related to device configuration to an actual configuration control protocol. Manufacturers add far too many functionalities for SNMP in their devices. These functionalities are often unknown by operators so they do not pay much attention to the hardening of this protocol.