Digital Defence

It’s Total Defence Day in Singapore today. And for the first time in thirty-five years, there has been an update to the framework. Introduce Digital Defence. This was probably much called for, considering how the theatre of warfare has transcended physical space into the digital space. The subject of digital warfare is too complicated to…

A Digression: The Offensive Security Certified Professional (OSCP) — Part 3 of 3

#offsec #pentest #training #tryharder Say “try harder”… Here I will deviate from most typical OSCP reviews and discuss a little about creating machines. If we can break machines and obtain administrator privileges, can we create them? One way to get good at a subject is to approach it from different perspectives. For instance, we peer-tutor…

A Digression: The Offensive Security Certified Professional (OSCP) — Part 2 of 3

#offsec #pentest #training #tryharder I want to try harder and earn my OSCP! What should I do? Well, this part of the review is meant for you! How Much Did the Author Know Before Taking the OSCP? Unlike most people who took the OSCP, I took it knowingly that my fundamentals were not good. After all, my background…

A Digression: The Offensive Security Certified Professional (OSCP) — Part 1 of 3

#offsec #pentest #training #tryharder (Note to all who have read Part I on my other page — yes, I’m in the midst of shifting my blog; this is a replication of Part I on my previous site, with very minor edits.) (WARNING: This review is very cheesy. If you can’t take it, try harder.) Many a…

Introduction to the Digital World — Part 5 of 5

In the previous part, we discussed the subject of “information assurance (IA)” in the physical context. The digital context is similar, and this time, I will use e-government as an example. Let us use the scenario where a citizen, Bob, wants to access a government web application to modify the dates where Bob needs to…

Introduction to the Digital World — Part 4 of 5

Once one begins to appreciate the power of data, it is important to learn how to protect it. This is the subject of information assurance. Let us use the UK’s National Security Agency definition as a guide for us. Information assurance (IA) consists of five pillars: availability, integrity, authentication, confidentiality, and non-repudiation. Let us use the…