AV CYBER ACTIVE
OWASP Top 10 | A09:-Security Logging and Monitoring Failures | Cyber security 2024
Welcome to AV Cyber Active channel where we discuss cyber Security related topics. Feel free to comment if you want more content. In this video I discuss WHAT is OWASP Top 10 list | Cyber security 2024 Introduction. It can even cause loss to business or money if not used using proper techniques.
OWASP
The OWASP Top 10 is a standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks to web applications.
owasp.org/www-project-top-ten/
Download DVWA
www.vulnhub.com/entry/damn-vulnerable-web-application-dvwa-107,43/
MITRE ATT&CK® Navigator
mitre-attack.github.io/attack-navigator/
HOW to use MITRE ATT&CK Framework in SOC Operations | Explained by a Cyber Security Professional
czcams.com/video/ULh0W08ZMDQ/video.html
DLP | Explained by a cyber security Professional
czcams.com/video/K6a4eKsLNFQ/video.html
IPSEC and Why its Important | Explained by a cyber security Professional
czcams.com/video/F_wusi8_svY/video.html
Statefull vs Stateless Firewall
czcams.com/video/AbUwV6Ai8DA/video.html
SSL and TLS Encryption
czcams.com/video/YVHth7afwPQ/video.html
Instagram :
avcyberactive
Website : avcyberactive.my.canva.site/
Contact: xboxassdss@gmail.com
Views: 46

Video

OWASP Top 10 | A08:2021-Software and Data Integrity Failures | Cyber security 2024
134 views, 1 month ago
🟠 00:00 Intro 🟠 00:44 IT Supply Chain Security 🟠 07:22 Deploying Linux Updates and Trusted Repositories 🟠 12:14 Configuring Windows Server Update Services (WSUS) 🟠 18:57 Object-Oriented Programming (OOP) 🟠 25:38 Insecure Deserialization Attacks 🟠 32:08 Mitigating Insecure Deserialization Attacks 🟠 38:04 Digitally Signing PowerShell Scripts 🟠 46:29 Hashing Files in Windows 🟠 51:52 Hashing Files ...
OWASP Top 10 | A07-Identification and Authentication Failures | Cyber security 2024
83 views, 2 months ago
🟠 00:00 Intro 🟠 00:52 Authentication and Authorization 🟠 07:18 Broken Authentication Attacks 🟠 12:59 Hash user credentials 🟠 19:08 Encrypt user credentials 🟠 25:44 Analyze plain text credential transmissions using Wireshark 🟠 32:01 Deploy password policies to harden user authentication settings using Microsoft Group Policy 🟠 36:45 Crack web form passwords using the Hydra tool 🟠 45:50 Crack web ...
OWASP Top 10 | A05 - Security Misconfiguration | Cyber security 2024
75 views, 3 months ago
🟠 00:00 Intro 🟠 00:54 Security Misconfiguration Attack 🟠 09:47 How Application containers work 🟠 17:43 Manage Docker containers on a Linux computer 🟠 32:00 Create and populate a cloud-based container registry 🟠 39:21 Harden security settings for users and computers using Microsoft Group Policy 🟠 46:10 Configure Azure Policy to check for the security compliance of Azure resources 🟠 51:47 Managin...
OWASP Top 10 | A04 - Insecure Design | Cyber security 2024
140 views, 4 months ago
🟠 00:00 Intro 🟠 1:04 The CIA Triad 🟠 7:48 SDLC 🟠 15:54 Security Controls Listed in Cloud Control Matrix 🟠 20:23 Types of software testing 🟠 26:17 Configuring Web Application deployment Slot in Azure 🟠 32:00 OWASP Enterprise API 🟠 37:32 End Summary Outro Welcome to AV Cyber Active channel where we discuss cyber Security related topics. Feel free to Comment if you want more content. In this vide...
OWASP Top 10 | A02- Cryptography failure Introduction | Cyber security 2024
173 views, 4 months ago
✅00:00 Course Overview ✅00:43 Cryptographic Failures Attack ✅09:43 Public Key Infrastructure ( PKI ) ✅16:30 Personally Identifiable Information ( PII ) ✅21:23 Data Privacy Security Standards ✅27:22 Using Microsoft File Server Resource Manager ( FSRM ) ✅37:30 Classifying Data with Amazon Macie 6 ✅44:28 Classifying Data with Encrypting File System ( EFS ) 7 ✅50:27 Encrypting Data at rest with Mic...
OWASP Top 10 | A03 - Injection | Cyber security 2024
310 views, 4 months ago
00:00 Intro 00:56 Injection Attack 07:53 Fuzzing , Input validation and Sanitization 14:44 Testing for Injection Attack and Vulnerabilities 21:42 Executing a SQL Injection Attack 28:09 Executing a command Injection attack 35:02 Java and Java Script in web applications 41:33 XSS Attack 47:49 Running XSS through Web Forms 55:37 Compromising a web Browser Through XSS 1:04:30 Outro Welcome to AV Cy...
WHAT is OWASP Top 10 list and A01-Broken access Control Introduction | Cyber security 2024
833 views, 5 months ago
Welcome to AV Cyber Active channel where we discuss cyber Security related topics. Feel free to Comment if you want more content. In this video I discuss WHAT is OWASP Top 10 list | Cyber security 2024 Introduction. It can even cause loss to business or money if not used using proper techniques. 00:00 Intro 09:45 A01 - Broken access Control OWASP The OWASP Top 10 is a standard awareness docu...
WHAT is the difference between Vulnerability Assessment & Penetration testing ?
284 views, 6 months ago
Welcome to AV Cyber Active channel where we discuss cyber Security related topics. Feel free to Comment if you want more content. In this video I cover WHAT is the difference between Vulnerability Assessment & Penetration testing ? It can even cause loss to business or money if not used using proper techniques. OWASP The OWASP Top 10 is a standard awareness document for developers and web app...
🛡️ Most asked SOC L1 Interview questions Part 4 | Explained by a Cyber Security Professional
312 views, 6 months ago
#socialmedia #cybersecurity #interview Join My Whatsapp Channel: whatsapp.com/channel/0029Va4qB0EIN9isRDXb1B1y Welcome to AV Cyber Active channel where we discuss cyber Security related topics. Feel free to Comment if you want more content. In this video I discuss Most asked SOC L1 Interview questions. It can even cause loss to business or money if not used using proper techniques. SOC L1 int...
🛡️ Most asked SOC L1 Interview questions Part 3 | Explained by a Cyber Security Professional
537 views, 7 months ago
#socialmedia #cybersecurity #interview Join My Whatsapp Channel: whatsapp.com/channel/0029Va4qB0EIN9isRDXb1B1y Welcome to AV Cyber Active channel where we discuss cyber Security related topics. Feel free to Comment if you want more content. In this video I discuss Most asked SOC L1 Interview questions. It can even cause loss to business or money if not used using proper techniques. SOC L1 int...
DLP in Cybersecurity and How it works ?
410 views, 7 months ago
Welcome to AV Cyber Active channel where we discuss cyber Security related topics. Feel free to Comment if you want more content. In this video I cover DLP (Data Loss Prevention) and why it's important. It can even cause loss to business or money if not used using proper techniques. OWASP The OWASP Top 10 is a standard awareness document for developers and web application security. It represe...
What is MAD20 MITRE Defender Project and how to get certified ?
379 views, 7 months ago
Welcome to AV Cyber Active channel where we discuss cyber Security related topics. Feel free to Comment if you want more content. In this video I discuss What is MAD20 MITRE Defender Project and how to get certified ? It can even cause loss to business or money if not used using proper techniques. OWASP The OWASP Top 10 is a standard awareness document for developers and web application secur...
What is a Firewall ? | Explained with Animation 2024
525 views, 7 months ago
Welcome to AV Cyber Active channel where we discuss cyber Security related topics. Feel free to Comment if you want more content. In this video I cover What is a Firewall | Explained with Animation. It can even cause loss to business or money if not used using proper techniques. OWASP The OWASP Top 10 is a standard awareness document for developers and web application security. It represents ...
HOW to use MITRE ATT&CK Navigator in SOC Operations with Phishing Use Case Explained
2.7K views, 7 months ago
Welcome to AV Cyber Active channel where we discuss cyber Security related topics. Feel free to Comment if you want more content. In this video I discuss MITRE Attack FW and how to use it in SOC operations for red and blue teaming. It can even cause loss to business or money if not used using proper techniques. OWASP The OWASP Top 10 is a standard awareness document for developers and web app...
🛡️ WHAT is File Integrity Monitoring | How it works ??
1K views, 8 months ago
🛡️ Upcoming Exciting Cyber Security content - 2024
48 views, 8 months ago
🛡️ I PASSED Certified in Cybersecurity Exam by ISC2 | Exam Experience and passing tips
148 views, 8 months ago
🛡️ Certified in Cybersecurity 25 Sample test Questions | Domain 4 Network Security
128 views, 8 months ago
🛡️ Certified in Cybersecurity 25 Sample test Questions | Domain 1 Security Principles
144 views, 9 months ago
🛡️ Certified in Cybersecurity 25 Sample test Questions | Part 2
136 views, 9 months ago
🛡️ Certified in Cybersecurity Sample 25 test Questions
147 views, 9 months ago
Journey of a Cloud Security Compliance Specialist
166 views, 9 months ago
🛡️ WHEN to use Public or Private key in Cryptography? Explained !
60 views, 9 months ago
🛡️ MALWARE INCIDENT management | Based on NIST 800-61
246 views, 10 months ago
Cyber Security Bulletin | 1Password Security Incident | VmWare Vulnerability Patched | pwn2own Event
57 views, 10 months ago
🛡️ Is this the BEST Certification for entry level Cyber Security Jobs ?
145 views, 10 months ago
🛡️ WHICH Cyber Security Certification to choose ? Security Plus or CEH
45 views, 10 months ago
🛡️ TOP 8 SKILLS REQUIRED for Entry level Cyber Security Jobs
667 views, 11 months ago
How it works | Zero Trust vs VPN | Explained by a Cyber Security Professional
157 views, 11 months ago

Comments

  • @amitranjan1908, 1 month ago

    Very nice information.

  • @matthewcaban4204, 1 month ago

    Good video. Mic quality is low but that's alright. Maybe try to organize information a little better, like go over devices in each layer as well as protocols and then attacks.

  • @ranimaharaj-sharma4332, 1 month ago

    Very well presented .. simplistic and to the point.. Thanks

  • @patricktan3563, 1 month ago

    What are the steps for me to take to use Navigator to find out what the Data Sources are for a given Technique (for example, what are the data sources for this technique "Command and Scripting Interpreter")? Thanks.

    • @avcyberactive538, 1 month ago

      I don't think that's possible to pull DS for a given Technique. You can try "search" but the current version is very limited.

  • @ruthmafale862, 1 month ago

    Wonderful lesson there

  • @ralphm923, 1 month ago

    Thank you! Very clearly explained....

  • @Cutman318, 2 months ago

    great video

  • @ishwaryanarayan1010, 2 months ago

    Thank you for these videos and inspiring words :)

  • @ishwaryanarayan1010, 2 months ago

    Very helpful:)

  • @BaryaleyKhan, 2 months ago

    sounds like had weed for first time

  • @engchoontan8483, 2 months ago

    states - perspectives from alternate industry of robbers at the highest-end, there is no-others to rob bait-lure is set-up to find to trap and sort the "highest" trappings-of-life(trap.pings) = fake = real-bait at world-stage(state, stateful) inspection = use baits use targets use victims = for self-sufficiency apply client-lists of zuellich-pharma(spell.?) and vertu-phone concierge and american-express centurion concierge, ... to sort taiwan-japan, hong-kong - korea, then apply to other subsets for world-view TCO = total cost of ownership TCO bang-for buck economics attack sponsors of ww1 and ww2.?

    • @engchoontan8483, 2 months ago

      make use of = paid = earned = attackers = ... owed dues money versus not-money tangible versus intangible opportunity-costs for missed opportunities. aggressors aggravate by attacking and asking for explanation after attacking. double are israelis. aggravated charges have no-mitigation-factors

    • @engchoontan8483, 2 months ago

      instant firewall all sides and direct fire by redirection as initial strategy hub versus switches unmanaged versus managed pivot-points of usage application ddos no-stateful inspection.

  • @sybex200, 3 months ago

    I answered 24 from 25.

    • @avcyberactive538, 3 months ago

      Excellent!! Looks like you are ready. All the Best!!

    • @sybex200, 3 months ago

      @avcyberactive538 I am already Sec+ and Pentest+.😋

  • @drone78, 3 months ago

    Very interesting but maybe you should create a playlist about OWASP as you have now several videos about it. 👍

    • @avcyberactive538, 3 months ago

      Good idea! Didn't realize I didn't create one. Well now I do. Thanks Mate!

  • @KnowledgeWorld598, 3 months ago

    hey if i do all these questions will i get job for sure💯?

    • @avcyberactive538, 3 months ago

      Glad you asked. These questions only serve as practice grounds to check if you are ready for an interview/job. I'll suggest picking a certification like ISC2 CC, CEH, S+ etc. and being overprepared. All the best and the great things are on your way!

  • @Useruser-ml8pf, 3 months ago

    great explanation!

  • @pokenino6944, 3 months ago

    stop eating the microphone

    • @avcyberactive538, 3 months ago

      Thanks for the feedback. My newer videos have cleaner audio. Hope you like them.

  • @tuannguyenanh175, 3 months ago

    Great video, thanks.

  • @sofiajeniferdance, 3 months ago

    How do you label the documents ?

    • @avcyberactive538, 3 months ago

      Glad you asked. This is handled at the DLP application level via Policy Editor. Most DLP vendors will have an option to apply drive encryption, sensitivity labels to drives, file location, device type etc. After the policy is pushed and applied, it starts monitoring traffic, and alerts/actions can also be set up.

  • @gustavorosas-dev, 4 months ago

  • @gladcomming, 4 months ago

    UDP is not faster, it's a myth, watch practical networking video where he deep dives in each

  • @jotiswarreddyvangala2886, 4 months ago

    Useful video sir

  • @chichiem2397, 4 months ago

    great video

  • @MohamedYoussef-di5zn, 4 months ago

    Amazing material

  • @solarisshiva, 4 months ago

    Thank you for the wonderful video

  • @edpro9332, 4 months ago

    This is the best cybersecurity channel

  • @deepthideepu6541, 4 months ago

    How can we contact you for the info related to cyber security

    • @avcyberactive538, 4 months ago

      Contact email in description. Feel free to mail your requirement. Glad to assist.

  • @asimzaidi5440, 5 months ago

    Can the AV completely be replaced by EDR or do we use AV & EDR in combination?

    • @avcyberactive538, 5 months ago

      EDR can completely replace AV. In fact, vendors nowadays sell EDR, MDR and XDR as an add-on product on top of AV. However, it comes down to the organization, how much they care about security and are willing to invest.

  • @moyinoluwaseyi897, 5 months ago

    Thanks for this. I’m new to learning Cyber Threat Intelligence and I would like to connect with you.

    • @avcyberactive538, 5 months ago

      Am glad you are liking the videos. Please drop me an email linked in the description. Happy Learning!

  • @jothikanehru9391, 5 months ago

    I have been learning a lot through your videos. Thanks a lot for making wonderful videos. For your kind attention, Session layer is the 5th layer of OSI MODEL. Just a small error.

    • @avcyberactive538, 5 months ago

      Glad to hear that and thanks for pointing out the error.

  • @alfredrose8065, 5 months ago

    Promo*SM 😠

  • @alapanroy1114, 5 months ago

    Wow...! Very well explained.. you deserve more subs and likes..❤❤ keep up the good work.! My request please do a full series on Next Generation firewall.. thanks in advance.😊

    • @avcyberactive538, 5 months ago

      Thank you so much 😀. I sure will put it in my list of to do . Happy learning!

  • @memedroid8481, 5 months ago

    Richard's private key? as it can only be accessed by richard public key and Richards public key can be used by sue to decrypt but not sure how the confidentiality will happen this case as it can be modify by anyone with richard public key... not sure correct me if i am wrong

  • @Prasath701, 6 months ago

    Good information

  • @buttercup3518, 6 months ago

    Maybe I will get this someday...

    • @avcyberactive538, 6 months ago

      I understand it's a bit complex. Feel free to refer to other sources or rewatch the video to get a clear understanding. Cheers!

  • @derickani1963, 6 months ago

    Good explanations

  • @KDeepFacts, 6 months ago

    Wrong spelling intrusion

    • @avcyberactive538, 6 months ago

      Thanks for pointing it out. I ll to correct it.

    • @KDeepFacts, 6 months ago

      @avcyberactive538 don’t get me wrong, I like your videos. Sorry for pointing it out. 🫰 🫰

    • @mamoon9599, 4 months ago

      i was about to comment the same lol

  • @amitranjan1908, 6 months ago

    Good one 👍👍

  • @abhishekkumar_981, 6 months ago

    Thanks

  • @pulikkodan1452, 6 months ago

    👍

  • @pulikkodan1452, 6 months ago

    Well explained 👏

  • @DontFookGaming, 6 months ago

    No, I don't like this video. If you are saying attacks on SAML, then you should explain all the attacks. You don't even explain XML Assertions Attacks, Expire Based Attacks, etc., which are very common.

    • @avcyberactive538, 6 months ago

      Thanks for the feedback . I ll try to cover the attacks you mentioned on an upcoming video.

    • @milanjovic4663, 4 months ago

      You didn't even scratch the surface of SAML attacks.

  • @NaidsVibes, 6 months ago

    Hi there, Do you have a PDF copy of this Q&A that can be downloaded?

    • @avcyberactive538, 6 months ago

      Hi, thanks for writing. Unfortunately I don’t, but one is in the works. Meanwhile you can refer to my website that may help you. It's got more Q and A's you can refer to. Happy learning! instagram.com/avcyberactive/

  • @roseandmose, 7 months ago

    Is owasp and mitre linked each other . I mean can we find the web application attack techniques in mitre?

    • @avcyberactive538, 7 months ago

      Yes, in a way. For example, OWASP Top 10 "Broken Access Control" has about 34 CWEs mapped to how they can be exploited and one of them is CWE-248, i.e. Improper Access Control. But in MITRE you will find it under various Tactics, Techniques and Sub-Techniques. It's not a 1-1 comparison, but more that the CWE of a particular application RISK can be found in detail under various Sub-Techniques in MITRE. OWASP: Identification of RISK. MITRE: Implementation of Control to Mitigate the RISK.

  • @1samurai192, 7 months ago

    The video is so perfect and beneficial, but a little edit if u can make the tone voice more standard it goes high once then low once so it will be more productive video and thanks for info ❤❤

    • @avcyberactive538, 7 months ago

      Noted and thanks for the honest feedback. I've tried improving the audio quality on my recent videos. Hope you like them. Feel free to suggest more content. Happy Learning!

    • @1samurai192, 7 months ago

      @avcyberactive538 ❤️❤️

  • @user-he2np4yf4q, 7 months ago

    Would it be right to say that Horizontal scanning can be used in case of a DDOS Attack and Vertical Scanning for a DOS Attack?

    • @avcyberactive538, 7 months ago

      It would be in a way. Horizontal is when attacker tries to move laterally and Vertical is abusing or escalating Privileges.

  • @cmms1234, 7 months ago

    I found it, thanks a lot

  • @cmms1234, 7 months ago

    Thanks for sharing ,where are remaining 3 parts

    • @avcyberactive538, 7 months ago

      Thanks for watching the Vdo. I've now linked the rest 3 parts of this series in the description. Hope you like it.

  • @roseandmose, 7 months ago

    Very good explanation

  • @amitranjan1908, 7 months ago

    Good 👍 one