Search Results for "best practice"

ScubaGear is a PowerShell-based assessment tool developed by CISA to verify that Microsoft 365 tenant configuration aligns with Secure Cloud Business Application (SCuBA) baselines. It automates scanning of M365 environments like Exchange, Defender, Teams, and SharePoint, and outputs compliance reports to help administrators align with best practice security configurations.

...We believe all users, including all developers, can benefit from using Privileges. Working as a standard user instead of an administrator adds another layer of security to your Mac and is considered a security best practice. Privileges help enable users to act as administrators of the system only when required.

...Our self-service cloud account monitoring platform, NCC Scout, is a user-friendly SaaS providing you with the ability to constantly monitor your public cloud accounts, allowing you to check they’re configured to comply with industry best practice.

Minder by Stacklok is an open source platform that helps development teams and open source communities build more secure software, and prove to others that what they’ve built is secure. Minder helps project owners proactively manage their security posture by providing a set of checks and policies to minimize risk along the software supply chain and attest their security practices to downstream consumers. Minder allows users to enroll repositories and define policies to ensure repositories...

...It’s core purpose is to perform fast, comprehensive, and consistent host and port discovery across single targets or large lists of IP addresses. N-ETHER functions as an intelligent, opinionated wrapper around the powerful nmap tool, bundling best-practice scanning techniques—including service versioning, NSE scripting, and intelligent port selection—into a single, easy-to-use utility. This significantly reduces auditor workload and potential for human error compared to manually executing multiple complex nmap commands. Read the README!!!

For over 30 years, password requirements and feedback have largely remained a product of LUDS: counts of lower- and uppercase letters, digits and symbols. LUDS remains ubiquitous despite being a conclusively burdensome and ineffective security practice. zxcvbn is an alternative password strength estimator that is small, fast, and crucially no harder than LUDS to adopt. Using leaked passwords, we compare its estimations to the best of four modern guessing attacks and show it to be accurate and conservative at low magnitudes, suitable for mitigating online attacks. We find 1.5 MB of compressed storage is sufficient to accurately estimate the best-known guessing attacks up to 105 guesses, or 104 and 103 guesses, respectively, given 245 kB and 29 kB. zxcvbn can be adopted with 4 lines of code and downloaded in seconds. ...

PrivaSphere Secure Messaging Service is a convinced user of open source. This is to give back to the community. The first contribution is a port of best practice crypto to Java.