Security

Reading Time: 2 minutes

Last Updated: 11/19/2024

Security. it turns out, is a small word that covers a large and deep set of topics. This page is going to contain a number of jumping off points centering on security concerns.

Frameworks, Standards, Policies, & RegulationsLink

CIS – Center for Internet Security:

a non-profit organization that creates, validates, and promotes cyberdefense best practices.

Red Team: – Link

CrackingLink

Directory Solutions:

We need to talk about Directory solutions. This can be a blurry subject. At the heart of it though directory services are going to manage identities of objects that are secured. The blurry part starts when we integrate various policies (Governance, Password Management)
Okta
OneLogin
Auth0
Google Cloud Identity
Azure Active Directory / Entra
Active Directory
LDAP / Apache Directory Studio

Authentication Management: / Identity Management:
RSA – Authentication Manager
Okta
DUO
Entrust

Secrets / Password Managers:
Password Managers – Secrets – Vaults, Keys, Secrets, Certificates, TOTP
Vault – HashiCorp

Identity Governance:
Might be blurry with Authentication Management – however this a deeper subject that also implements an integration so that onboarding assigns the appropriate groups and provisions roles/rights in Azure or other application. Typically this referred to has administrating as a Policy Based approach to handling access rights.
Microsoft Entra ID Governance
Okta
Micro-Focus / OpenText

Hacking – various disciplines
Metasploit
John – The ripper password cracker
NMAP
Hak5
Reverse Engineering Malware

Certifications:
• Security+
• CISSP

CEH – Certified Ethical Hacker
TIL
AWS CCP, etc.
Azure 900, etc.

NAC – Network Access and Control:
• Identity Security Engine (ISE) by Cisco
PacketFence – OpenSource
Network Policy Server (NPS) Microsoft

Audits:

PAM – Privileged Access Management:

Network Monitoring:

Cacti / MRTG
Orion – SolarWinds
NCM – Network Configuration Management
• Node Status

SIEM (and logging)
• QRadar

CloudWatch
• Azure Sentinel
• Logrythm
• Splunk
• ArcSite (currently a MicroFocus company)
• AlienVault OSSIM (aka now AT&T Cybersecurity)

LogStash
Wazuh

Monitoring Related:

Detecting Security Incidents Using Windows Workstation Event Logs
https://sansorg.egnyte.com/dl/2icVlgqdjR

Simple Event Correlator
http://simple-evcorr.sourceforge.net

Certificates / PKI : – Let’s talk OpenSSL and Easy-RSA

Cyber Threat Intelligence
This subject encompasses Darkweb (.onion) evaluating domain squatters; credential theft; mobile app (hosting); Social Media Facebook; X; Telegram.

Fortra
Phishlabs
CloudSeek
Digital Shadows SearchLight
Flashpoint
Proofpoint Emerging Threat (ET) Intelligence

DNSTWIST – The name twister used to find similar styled DNS names. Helps you locate names before they are used against you. This would be in the form of a homoglyph or a diacritic. That is to say characters that you were expecting – but are subtle different because the change, and thus might render users susceptible to phishing,

References:
https://www.gartner.com/reviews/market/security-threat-intelligence-products-and-services/vendor/fortra/product/phishlabs-digital-risk-protection/alternatives