Last Updated: 9/9/2024
This page collects a number of jumping-off points on security.
CIS – Center for Internet Security:
A non-profit organization that creates, validates, and promotes cyberdefense best practices.
Red Team: Link
Directory Solutions:
We need to talk about directory solutions. This can be a blurry subject. At its heart, though, a directory service manages the identities of objects that are secured. The blurry part starts when we integrate various policies (governance, password management).
Authentication Management / Identity Management:
• RSA – Authentication Manager
• Okta
• DUO
• Entrust
Secrets / Password Managers:
• Password Managers – Secrets – Vaults, Keys, Secrets, Certificates, TOTP
• Vault – HashiCorp
Identity Governance:
This might blur with Authentication Management; however, it is a deeper subject that also implements an integration so that onboarding assigns the appropriate groups and provisions roles/rights in Azure or another application. Typically this is referred to as a policy-based approach to administering access rights.
• Microsoft Entra ID Governance
• Okta
• Micro-Focus / OpenText
Hacking – various disciplines
• Metasploit
• John the Ripper – password cracker
• Nmap
• Hak5
• Reverse Engineering Malware
Certifications:
• Security+
• CISSP
• CEH – Certified Ethical Hacker
• TIL
• AWS CCP, etc.
• Azure 900, etc.
NAC – Network Access and Control:
• Identity Security Engine (ISE) by Cisco
• PacketFence – open source
• Network Policy Server (NPS) Microsoft
Audits:
Frameworks, Best Practices, Configuration Guides.
PAM – Privileged Access Management:
Network Monitoring:
• Cacti
• Orion – SolarWinds
SIEM (and logging)
• QRadar
• CloudWatch
• Azure Sentinel
• LogRhythm
• Splunk
• ArcSight (currently a Micro Focus company)
• AlienVault OSSIM (now AT&T Cybersecurity)
• Logstash
• Wazuh
Monitoring Related:
Detecting Security Incidents Using Windows Workstation Event Logs
https://sansorg.egnyte.com/dl/2icVlgqdjR
Simple Event Correlator
http://simple-evcorr.sourceforge.net
Certificates / PKI: Let’s talk OpenSSL and Easy-RSA
Digital Assets / Cyber Threat Intelligence
This group deals with the dark web (.onion): evaluating domain squatters; credential theft; mobile app (hosting); and social media (Facebook, X, Telegram).
• Fortra
• Phishlabs
• CloudSEK
• Digital Shadows SearchLight
• Flashpoint
• Proofpoint Emerging Threat (ET) Intelligence
References:
https://www.gartner.com/reviews/market/security-threat-intelligence-products-and-services/vendor/fortra/product/phishlabs-digital-risk-protection/alternatives
DNSTWIST – The name twister used to find similarly styled DNS names. It helps you locate names before they are used against you. These would be in the form of a homoglyph or a diacritic; that is to say, characters that look like the ones you were expecting but are subtly different because of the change, and thus might render users susceptible to phishing.