When it comes to digital certificates, the Subject Alternative Name (SAN) extension plays a crucial role in how modern systems authenticate and communicate securely. Although the Common Name (CN) field traditionally carried the hostname of a server, today it’s the SAN extension that browsers and applications actually pay attention to. In fact, industry standards have…
Category: cyber security
LLMs – what’s all the fuss about?
Large Language Models (LLMs) have become a cornerstone of modern AI, enabling sophisticated natural language understanding and generation at scale. These models underpin a growing ecosystem of intelligent applications — from DevOps automation to secure enterprise knowledge retrieval. Notable examples include GPT-5, Claude 3, and Gemini. The rise of Large Language Models (LLMs) is reshaping…
IAM vs PAM vs IGA – what is the difference?
Identity security is now a cornerstone of enterprise cyber defence, particularly in the UK where regulatory pressure and threat levels continue to rise. Security teams often hear three related but distinct terms: IAM (Identity and Access Management), PAM (Privileged Access Management), and IGA (Identity Governance and Administration). While they overlap, each addresses different layers of…
IP Spoofing
IP spoofing is a cyberattack technique in which an attacker manipulates the source IP address in network packets to appear as though they are coming from a trusted source. This deceptive practice allows attackers to bypass security measures, launch denial-of-service (DoS) attacks, and intercept sensitive communications. The objective of IP spoofing is often to initiate…
ECDHE
ECDHE (Elliptic Curve Diffie-Hellman Ephemeral) is a cryptographic algorithm used for secure key exchange in network protocols like TLS (Transport Layer Security). Its main function is to enable two parties (e.g., client and server) to agree on a shared secret over an insecure network, without transmitting the secret itself. This fact almost alone has ensured…
Transport Layer Security (TLS)
Transport Layer Security (TLS) is a cryptographic protocol that protects data when it is transferred between devices over a network. It is commonly used to secure web-based applications over the internet. Given the explosion in cloud services, mobile computing and IoT devices, the underlying technology to secure the data in transit has become of critical…
The rush towards public DNS
One result of the rush towards using large-scale public Domain Name Service (DNS) resolvers, such as Google and Cloudflare, is that critical and sensitive DNS queries are often handled by servers in different countries or even continents. This trend is introducing unexpected security, resilience, legal and data protection issues for policy makers and governments. With…
Software-Defined Perimeter Networks
Software-defined perimeter (SDP) networks are an advanced iteration of a zero-trust network (ZTN) strategy for access to enterprise resources. As organizations migrate more and more services to the cloud, regardless of deployment model or location, the potential attack surface is dramatically changed. Securing the data (not just the network) has therefore become an existential concern….
NCSC to update Cyber Essentials
The National Cyber Security Centre (NCSC) is planning to update the technical controls of its Cyber Essentials scheme in the new year. It has indicated that it will introduce an updated set of requirements on 24 January in the biggest overhaul since the scheme was first launched in 2014. The review comes in response to…
What is TPRM?
Imagine a world where people demand data on any device, from any location, 24/7. To deliver this level of service, businesses are deploying cloud architecture for almost everything. But shadowing these decisions is the largest annual increase in successful cyber-attacks within the last six years, and when seen alongside a global shortage of IT security experts…
MIC Solutions 