Calcom Blog

New Posts

The Policy Expert: Configuring Maximum Security Log Size

A maximum log size should be set for every kind of event log as part of your security policy. This configuration’s value is highly important for detecting attacks and investigating their source.

How to best spend your cybersecurity budget - research based model

This research aims to show a possible model for a decision-making approach to cybersecurity investment in Small and Medium Enterprises (SMEs). The scope of cyberattacks on organizations is endless, but

Docker host REST API vulnerability

Docker containers are becoming more and more popular in organizations' IT environments because they allow virtualization at the operating system level. Currently, the most common OS for Docker hosting is Linux

RunC vulnerability from a host’s hardening point of view

In February 2019, a vulnerability was found in the runC container runtime. CVE-2019-5736 affects Docker containers that run on default settings, and can allow an attacker to gain root-level access on

Leaving TLS 1.2 and moving to TLS 1.3

A new version of TLS, the TLS 1.3 protocol, was launched in 2018. TLS 1.3 aims to solve all of the problems facing its older version, TLS 1.2. What is

8 Hardening Actions That Will Break Your IIS Server

Security versus functionality is always the concern when approaching server hardening. Hardening your IIS server is one of the most crucial missions when trying to achieve a secure infrastructure. There are

Hardening TLS/SSL protocols - What Might Break

Is your organization still using old SSL/TLS protocols? June 2018 was the deadline for hardening SSL/TLS protocols and implementing a more secure encryption protocol. The PCI Security Standards Council requires

Hardening Configurations using CIS Benchmarks

The Center for Internet Security (CIS) instructs organizations to perform 20 different actions in order to achieve a cyber-attack-resilient IT infrastructure. Among those 20 Controls, the first five found to be

Why the hell WannaCry is still here?!

According to the December 2018 Top 10 Malware report, WannaCry malware holds the dubious lead in the malware breakdown with 28%. WannaCry's total damage is estimated at $4 billion. But as WannaCry might

CIS controls and how to approach them

CIS (Center for Internet Security) controls and how to approach them. A study of the previous of the CIS Controls found that 85% of cyber incidents could be prevented by implementing
