ModSecurity is an open source, cross-platform web application firewall (WAF) module. Known as the "Swiss Army Knife" of WAFs, it enables web application defenders to gain visibility into HTTP(S) traffic and provides a power rules language and API to implement advanced protections.

The world’s most used penetration testing framework

Knowledge is power, especially when it’s shared. A collaboration between the open source community and Rapid7, Metasploit helps security teams do more than just verify vulnerabilities, manage security assessments, and improve security awareness; it empowers and arms defenders to always stay one step (or two) ahead of the game.

Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. A free implementation of this protocol is available from the Massachusetts Institute of Technology. Kerberos is available in many commercial products as well.
The Internet is an insecure place. Many of the protocols used in the Internet do not provide any security. Tools to "sniff" passwords off of the network are in common use by malicious hackers. Thus, applications which send an unencrypted password over the network are extremely vulnerable. Worse yet, other client/server applications rely on the client program to be "honest" about the identity of the user who is using it. Other applications rely on the client to restrict its activities to those which it is allowed to do, with no other enforcement by the server.
Some sites attempt to use firewalls to solve their network security problems. Unfortunately, firewalls assume that "the bad guys" are on the outside, which is often a very bad assumption. Most of the really damaging incidents of computer crime are carried out by insiders. Firewalls also have a significant disadvantage in that they restrict how your users can use the Internet. (After all, firewalls are simply a less extreme example of the dictum that there is nothing more secure than a computer which is not connected to the network --- and powered off!) In many places, these restrictions are simply unrealistic and unacceptable.
Kerberos was created by MIT as a solution to these network security problems. The Kerberos protocol uses strong cryptography so that a client can prove its identity to a server (and vice versa) across an insecure network connection. After a client and server has used Kerberos to prove their identity, they can also encrypt all of their communications to assure privacy and data integrity as they go about their business.
Kerberos is freely available from MIT, under copyright permissions very similar those used for the BSD operating system and the X Window System. MIT provides Kerberos in source form so that anyone who wishes to use it may look over the code for themselves and assure themselves that the code is trustworthy. In addition, for those who prefer to rely on a professionally supported product, Kerberos is available as a product from many different vendors.
In summary, Kerberos is a solution to your network security problems. It provides the tools of authentication and strong cryptography over the network to help you secure your information systems across your entire enterprise. We hope you find Kerberos as useful as it has been to us. At MIT, Kerberos has been invaluable to our Information/Technology architecture.

JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties.

JWT.IO allows you to decode, verify and generate JWT.

The thing computers can do best is storing information.
You shouldn't waste your time trying to remember and type your passwords.
KeePassXC can store your passwords safely and auto-type them into your everyday websites and applications.

Mullvad is a VPN service that helps keep your online activity, identity and location private. Only €5/month. We accept Bitcoin, cash, bank wire, credit card (PayPal), and Swish

Security in WordPress is taken very seriously, but as with any other system there are potential security issues that may arise if some basic security precautions aren't taken. This article will introduce you to basic security concepts and serve as an introductory guide to making your WordPress website more secure.

This article is not the ultimate quick fix to your security concerns.

I won a Samsung Galaxy S6 Edge, signed into it with my Google account, played around with it, wiped it, and sold it. Now the person can't get past setup because it's saying he must login with an a...

The web is (in 2015) a place where security is increasing essential, and always under threat. It is also a space which needs to be consistent, logical, and user-serving. There follow some thoughts following many recent discussions of "HTTPS Everywhere" and points west.

This page offers a better way to create a strong, yet easy to remember passphrase for use with encryption and security programs.

Le but de CAcert est par la sensibilisation et l'éducation de promouvoir la sécurité informatique au travers de la cryptographie, spécialement en mettant à disposition des certificats cryptographiques. Ces certificats peuvent être utilisés pour chiffrer des courriels et les signer électroniquement, authentifier et habiliter des utilisateurs se connectant sur des sites web ainsi que sécuriser la transmission de données sur internet. Toute application qui supporte le protocole « Secure Socket Layer » (SSL ou TLS) peut utiliser les certificats signés par CAcert, comme peut le faire toute application qui utilise des certificats X.509, par exemple pour du chiffrement, de la signature de code ou de la signature de documents.