Related Research Articles
The SANS Institute is a private U.S. for-profit company founded in 1989 that specializes in information security, cybersecurity training, and selling certificates. Topics available for training include cyber and network defenses, penetration testing, incident response, digital forensics, and auditing. The information security courses are developed through a consensus process involving administrators, security managers, and information security professionals. The courses cover security fundamentals and technical aspects of information security. The institute has been recognized for its training programs and certification programs. Per 2021, SANS is the world’s largest cybersecurity research and training organization. SANS is an acronym for SysAdmin, Audit, Network, and Security.
A robot kit is a special construction kit for building robots, especially autonomous mobile robots.
Packt is a publishing company founded in 2003 and headquartered in Birmingham, UK, with offices in Mumbai, India.
In the fields of computer security and information technology, computer security incident management involves the monitoring and detection of security events on a computer or computer network, and the execution of proper responses to those events. Computer security incident management is a specialized form of incident management, the primary purpose of which is the development of a well understood and predictable response to damaging events and computer intrusions.
Natasha Rhodes is an English-born author, best known for her contemporary fantasy book series starring supernatural crime-fighter Kayla Steele. She has also written many film novelizations of popular blockbuster movies such as Blade: Trinity and the Final Destination series of movies, as well as original books based on films such as the A Nightmare on Elm Street series.
Security information and event management (SIEM) is a field within computer security that combines security information management (SIM) and security event management (SEM) to enable real-time analysis of security alerts generated by applications and network hardware. SIEM systems are central to security operations centers (SOCs), where they are employed to detect, investigate, and respond to security incidents. SIEM technology collects and aggregates data from various systems, allowing organizations to meet compliance requirements while safeguarding against threats.
Yii is an open source, object-oriented, component-based MVC PHP web application framework. Yii is pronounced as "Yee" or [ji:] and in Chinese it means "simple and evolutionary" and it can be an acronym for "Yes It Is!".
The Indian Computer Emergency Response Team is an office within the Ministry of Electronics and Information Technology of the Government of India. It is the nodal agency to deal with cyber security incidents. It strengthens security-related defence of the Indian Internet domain.
Cyber threat intelligence (CTI) is a subfield of cybersecurity that focuses on the structured collection, analysis, and dissemination of data regarding potential or existing cyber threats. It provides organizations with the insights necessary to anticipate, prevent, and respond to cyberattacks by understanding the behavior of threat actors, their tactics, and the vulnerabilities they exploit. Cyber threat intelligence sources include open source intelligence, social media intelligence, human Intelligence, technical intelligence, device log files, forensically acquired data or intelligence from the internet traffic and data derived for the deep and dark web.
Site Reliability Engineering (SRE) is a subset of web development that integrates software engineering with IT infrastructure and operations to enhance system reliability. SRE shares some similarities with DevOps, which focuses on software development and operational practices.
Cyber threat hunting is a proactive cyber defence activity. It is "the process of proactively and iteratively searching through networks to detect and isolate advanced threats that evade existing security solutions." This is in contrast to traditional threat management measures, such as firewalls, intrusion detection systems (IDS), malware sandbox and SIEM systems, which typically involve an investigation of evidence-based data after there has been a warning of a potential threat. Threat analyst Lesley Carhart stated that there is no consensus amongst practitioners what threat hunting actually entails.
A blue team is a group of individuals who perform an analysis of information systems to ensure security, identify security flaws, verify the effectiveness of each security measure, and make certain all security measures will continue to be effective after implementation.
Prometheus is a free software application used for event monitoring and alerting. It records metrics in a time series database built using an HTTP pull model, with flexible queries and real-time alerting. The project is written in Go and licensed under the Apache 2 License, with source code available on GitHub, and is a graduated project of the Cloud Native Computing Foundation, along with Kubernetes and Envoy.
Eraser is an open-source secure file erasure tool available for the Windows operating system. It supports both file and volume wiping.
Microsoft Power Platform is a collection of low-code development tools that allows users to build custom business applications, automate workflows, and analyze data. It also offers integration with GitHub, Microsoft Azure, Microsoft Dynamics 365, and Microsoft Teams, amongst other Microsoft and third-party applications.
Tokio is a software library for the Rust programming language. It provides a runtime and functions that enable the use of asynchronous I/O, allowing for concurrency in regards to task completion.
The Android recovery mode is a mode of Android used for installing updates and wipe data. It consists of a Linux kernel with ramdisk on a separate partition from the main Android system.
In software engineering, more specifically in distributed computing, observability is the ability to collect data about programs' execution, modules' internal states, and the communication among components. To improve observability, software engineers use a wide range of logging and tracing techniques to gather telemetry information, and tools to analyze and use it. Observability is foundational to site reliability engineering, as it is the first step in triaging a service outage. One of the goals of observability is to minimize the amount of prior knowledge needed to debug an issue.
The Industrial Input/Output Framework is a part of the Linux kernel.
ANY.RUN is a cybersecurity company that provides an interactive malware analysis sandbox and threat intelligence services for real-time analysis and investigations of malware and phishing threats. The platform is designed for use by cybersecurity professionals, researchers, and IT specialists, providing tools for interactive analysis of malicious software and behavior and threat intelligence services.
References
- ↑ Martinez, Roberto (2022). Incident Response with Threat Intelligence Practical Insights into Developing an Incident Response Capability Through Intelligence-Based Threat Hunting. Birmingham: Packt Publishing, Limited. ISBN 978-1-80107-099-7. OCLC 1321804492.
- ↑ Palacin, Valentina (2021). Practical Threat Intelligence and Data-Driven Threat Hunting : A Hands-On Guide to Threat Hunting with the ATT&CK(tm) Framework and Open Source Tools. Birmingham: Packt Publishing, Limited. ISBN 978-1-83855-163-6. OCLC 1235594404.
- ↑ SIMON., ROUTIN, DAVID. ROSSIER, SAMUEL. THOORES (2022). PURPLE TEAM STRATEGIES : enhancing global security posture through uniting red and blue teams with... adversary emulation. PACKT PUBLISHING LIMITED. ISBN 978-1-80107-429-2. OCLC 1322811650.
{{cite book}}: CS1 maint: multiple names: authors list (link)
