Last Updated: 10/29/2024
Security, it turns out, is a small word that covers a large and deep set of topics. This page is going to contain a number of jumping-off points centering on security concerns.
Frameworks, Standards, Policies, & Regulations – Link
CIS – Center for Internet Security:
A non-profit organization that creates, validates, and promotes cyberdefense best practices.
Red Team: Link
Directory Solutions:
We need to talk about directory solutions. This can be a blurry subject. At the heart of it, though, directory services manage the identities of objects that are secured. The blurry part starts when we integrate various policies (Governance, Password Management).
• Okta
• OneLogin
• Auth0
• Google Cloud Identity
• Azure Active Directory / Entra
• Active Directory
• LDAP / Apache Directory Studio
Authentication Management / Identity Management:
• RSA – Authentication Manager
• Okta
• DUO
• Entrust
Secrets / Password Managers:
• Password Managers – Secrets – Vaults, Keys, Secrets, Certificates, TOTP
• Vault – HashiCorp
Identity Governance:
This might be blurry with Authentication Management; however, this is a deeper subject that also implements an integration so that onboarding assigns the appropriate groups and provisions roles/rights in Azure or another application. Typically this is referred to as administering a policy-based approach to handling access rights.
• Microsoft Entra ID Governance
• Okta
• Micro-Focus / OpenText
Hacking – various disciplines
• Metasploit
• John the Ripper – password cracker
• NMAP
• Hak5
• Reverse Engineering Malware
Certifications:
• Security+
• CISSP
• CEH – Certified Ethical Hacker
• TIL
• AWS CCP, etc.
• Azure 900, etc.
NAC – Network Access and Control:
• Identity Services Engine (ISE) by Cisco
• PacketFence – OpenSource
• Network Policy Server (NPS) Microsoft
Audits:
PAM – Privileged Access Management:
Network Monitoring:
• Cacti / MRTG
• Orion – SolarWinds
• NCM – Network Configuration Management
• Node Status
SIEM (and logging)
• QRadar
• CloudWatch
• Azure Sentinel
• LogRhythm
• Splunk
• ArcSight (currently a MicroFocus company)
• AlienVault OSSIM (now AT&T Cybersecurity)
• Logstash
• Wazuh
Monitoring Related:
Detecting Security Incidents Using Windows Workstation Event Logs
https://sansorg.egnyte.com/dl/2icVlgqdjR
Simple Event Correlator
http://simple-evcorr.sourceforge.net
Certificates / PKI: Let’s talk OpenSSL and Easy-RSA
Cyber Threat Intelligence
This subject encompasses the dark web (.onion), evaluating domain squatters, credential theft, mobile app (hosting), and social media: Facebook, X, Telegram.
• Fortra
• PhishLabs
• CloudSEK
• Digital Shadows SearchLight
• Flashpoint
• Proofpoint Emerging Threat (ET) Intelligence
DNSTWIST – a name twister used to find similarly styled DNS names. It helps you locate names before they are used against you. These would be in the form of a homoglyph or a diacritic; that is to say, characters that look like the ones you were expecting but are subtly different because of the change, and thus might render users susceptible to phishing.
References:
https://www.gartner.com/reviews/market/security-threat-intelligence-products-and-services/vendor/fortra/product/phishlabs-digital-risk-protection/alternatives