Cyber attacks are becoming serious concerns now a days and organizations is spending time & budget to secure their systems from attacks.

Cyber security or IT security, defines the best policy & practices to protect the computer systems from the theft and damage to their hardware, software or information.

Cyber security includes controlling physical access to the hardware, as well as protecting against harm that may come via network access, data and code injection. In today’s world, an organization putting lot of efforts to make sure the below elements are covered in their security policies: -

    Network security -  consists of policies & practices to prevent unwanted access to their resources.

    Application security – Implementation of hardware, software to protect applications from external threats.

    Endpoint security -  policies to protect corporate network accessed through remote devices

    Data security – secure digital data (files, drive) through IDM management & Encryption.

    Database security – encrypting the database, firewall configuration.

    Cloud security – AWS provides WAF & Shields to protect cloud resources.


One of the most problematic elements of cybersecurity is the quickly and constantly evolving nature of security risks. 

    Many cyber security threats are largely avoidable. There are some standards key steps mentioned below to follow: -
    Use Strong, cryptic passwords that can’t be easily guessed and keep your passwords secret
    Make sure your computer, devices and applications (apps) are current and up to date and is protected with up-to-date anti-          virus software.
    Don’t click on unknown or unsolicited links or attachments, and don’t download unknown files or programs onto your computer     or other devices.


Security should be implemented at all the below 5 levels for a web application: -

    1) Load Balancer

    2) Web Server 

    3) Application Server

    4) Web Application

    5) Database Security


I will post the articles for each of the element mentioned above along with their security best practice.