network-security
Safeguard articles tagged "network-security" — guides, analysis, and best practices for software supply chain and application security.
32 articles
DNS attack techniques and defenses
Cache poisoning, tunneling, and NXDOMAIN floods all abuse the same trust: DNS was built to be fast and open, not authenticated.
HTTP/2 Rapid Reset: inside CVE-2023-44487
A single HTTP/2 feature let attackers hit 398 million requests per second. Here's how Rapid Reset (CVE-2023-44487) broke nearly every major web server at once.
The security cost of long-lived HTTP connections
Keep-alive and HTTP/2 multiplexing cut handshake overhead but hold server resources open per connection — Slowloris and 2023's Rapid Reset attacks both exploited exactly that tradeoff.
Open-source penetration testing tools: a comparison guide
Nine open-source pentest tools, one decision problem: Nmap finds hosts, Metasploit exploits them, but neither replaces the other. Here's when to reach for each.
AI in Network Security: Where It Actually Helps Today
AI in network security earns its keep in anomaly detection and alert triage today, not in autonomous response — here's the honest split between what's proven and what's still marketing.
Cisco Firepower CVE-2024-20418 Lessons: Network Security Devices as Attack Surface
CVE-2024-20418 was a critical command injection in Cisco Firepower Management Center. The technical details, the exploitation reality, and what it teaches about NSM security.
What is a Denial of Service (DoS) Attack
DoS attacks knock systems offline without stealing data. Learn how they work, real-world examples like Mirai and HTTP/2 Rapid Reset, and how to defend against them.
What is a DDoS Attack
A DDoS attack floods systems with botnet traffic until they collapse. See real Tbps records, the Rapid Reset CVE, and how to detect and mitigate one.
What is a Man-in-the-Middle Attack
A man-in-the-middle attack lets adversaries intercept trusted connections -- from Wi-Fi logins to CI/CD package fetches -- with real-world cases and defenses.
What is Zero Trust Security
Zero trust means never trusting a user, device, or workload by default. Here's what NIST 800-207 actually requires, why it applies to supply chains too.
Automated Network Security: What to Automate First
Automated network security works best when teams target the repetitive, high-volume tasks first, patch verification, config drift detection, alert triage, rather than trying to automate everything at once.
Lateral movement
A precise breakdown of what lateral movement is, the MITRE ATT&CK techniques and pivoting methods attackers use, and how to detect them before they spread.