Related Research Articles
The SANS Institute is a private U.S. for-profit company founded in 1989 that specializes in information security, cybersecurity training, and selling certificates. Topics available for training include cyber and network defenses, penetration testing, incident response, digital forensics, and auditing. The information security courses are developed through a consensus process involving administrators, security managers, and information security professionals. The courses cover security fundamentals and technical aspects of information security. The institute has been recognized for its training programs and certification programs. Per 2021, SANS is the world’s largest cybersecurity research and training organization. SANS is an acronym for SysAdmin, Audit, Network, and Security.
Drupal is a free and open-source web content management system (CMS) written in PHP and distributed under the GNU General Public License. Drupal provides an open-source back-end framework for at least 14% of the top 10,000 websites worldwide and 1.2% of the top 10 million websites—ranging from personal blogs to corporate, political, and government sites. Drupal can also be used for knowledge management and for business collaboration.
Packt is a publishing company founded in 2003 and headquartered in Birmingham, UK, with offices in Mumbai, India.
In the fields of computer security and information technology, computer security incident management involves the monitoring and detection of security events on a computer or computer network, and the execution of proper responses to those events. Computer security incident management is a specialized form of incident management, the primary purpose of which is the development of a well understood and predictable response to damaging events and computer intrusions.
Natasha Rhodes is an English-born author, best known for her contemporary fantasy book series starring supernatural crime-fighter Kayla Steele. She has also written many film novelizations of popular blockbuster movies such as Blade: Trinity and the Final Destination series of movies, as well as original books based on films such as the A Nightmare on Elm Street series.
Security information and event management (SIEM) is a field within computer security that combines security information management (SIM) and security event management (SEM) to enable real-time analysis of security alerts generated by applications and network hardware. SIEM systems are central to security operations centers (SOCs), where they are employed to detect, investigate, and respond to security incidents. SIEM technology collects and aggregates data from various systems, allowing organizations to meet compliance requirements while safeguarding against threats.
In computer security, a threat is a potential negative action or event enabled by a vulnerability that results in an unwanted impact to a computer system or application.
The Indian Computer Emergency Response Team is an office within the Ministry of Electronics and Information Technology of the Government of India. It is the nodal agency to deal with cyber security incidents. It strengthens security-related defence of the Indian Internet domain.
Cyber threat intelligence (CTI) is a subfield of cybersecurity that focuses on the structured collection, analysis, and dissemination of data regarding potential or existing cyber threats. It provides organizations with the insights necessary to anticipate, prevent, and respond to cyberattacks by understanding the behavior of threat actors, their tactics, and the vulnerabilities they exploit. Cyber threat intelligence sources include open source intelligence, social media intelligence, human Intelligence, technical intelligence, device log files, forensically acquired data or intelligence from the internet traffic and data derived for the deep and dark web.
Site Reliability Engineering (SRE) is a discipline in the field of Software Engineering and IT infrastructure support that monitors and improves the availability and performance of deployed software systems, large software services, hardware failures, and cybersecurity attacks. There is typically a focus on automation and an Infrastructure as Code methodology. SRE uses elements of software engineering, IT infrastructure, web development, and operations to assist with reliability. It is similar to DevOps as they both aim to improve the reliability and availability of deployed software systems.
Cyber threat hunting is a proactive cyber defence activity. It is "the process of proactively and iteratively searching through networks to detect and isolate advanced threats that evade existing security solutions." This is in contrast to traditional threat management measures, such as firewalls, intrusion detection systems (IDS), malware sandbox and SIEM systems, which typically involve an investigation of evidence-based data after there has been a warning of a potential threat. Threat analyst Lesley Carhart stated that there is no consensus amongst practitioners what threat hunting actually entails.
A blue team is a group of individuals who perform an analysis of information systems to ensure security, identify security flaws, verify the effectiveness of each security measure, and make certain all security measures will continue to be effective after implementation.
Prometheus is a free software application used for event monitoring and alerting. It records metrics in a time series database built using an HTTP pull model, with flexible queries and real-time alerting. The project is written in Go and licensed under the Apache 2 License, with source code available on GitHub, and is a graduated project of the Cloud Native Computing Foundation, along with Kubernetes and Envoy.
Eraser is an open-source secure file erasure tool available for the Windows operating system. It supports both file and volume wiping.
Microsoft Power Platform is a collection of low-code development tools that allows users to build custom business applications, automate workflows, and analyze data. It also offers integration with GitHub, Microsoft Azure, Microsoft Dynamics 365, and Microsoft Teams, amongst other Microsoft and third-party applications.
Tokio is a software library for the Rust programming language. It provides a runtime and functions that enable the use of asynchronous I/O, allowing for concurrency in regards to task completion.
The Android recovery mode is a mode of Android used for installing updates and wipe data. It consists of a Linux kernel with ramdisk on a separate partition from the main Android system.
In software engineering, more specifically in distributed computing, observability is the ability to collect data about programs' execution, modules' internal states, and the communication among components. To improve observability, software engineers use a wide range of logging and tracing techniques to gather telemetry information, and tools to analyze and use it. Observability is foundational to site reliability engineering, as it is the first step in triaging a service outage. One of the goals of observability is to minimize the amount of prior knowledge needed to debug an issue.
Security orchestration, automation and response (SOAR) is a group of cybersecurity technologies that allow organizations to respond to some incidents automatically. It collects inputs monitored by the security operations team such as alerts from the SIEM system, TIP, and other security technologies and helps define, prioritize, and drive standardized incident response activities.
ANY.RUN is a cybersecurity company that provides an interactive malware analysis sandbox and threat intelligence services for real-time analysis and investigations of malware and phishing threats. The platform is designed for use by cybersecurity professionals, researchers, and IT specialists, providing tools for interactive analysis of malicious software and behavior and threat intelligence services.
References
- ↑ Martinez, Roberto (2022). Incident Response with Threat Intelligence Practical Insights into Developing an Incident Response Capability Through Intelligence-Based Threat Hunting. Birmingham: Packt Publishing, Limited. ISBN 978-1-80107-099-7. OCLC 1321804492.
- ↑ Palacin, Valentina (2021). Practical Threat Intelligence and Data-Driven Threat Hunting : A Hands-On Guide to Threat Hunting with the ATT&CK(tm) Framework and Open Source Tools. Birmingham: Packt Publishing, Limited. ISBN 978-1-83855-163-6. OCLC 1235594404.
- ↑ SIMON., ROUTIN, DAVID. ROSSIER, SAMUEL. THOORES (2022). PURPLE TEAM STRATEGIES : enhancing global security posture through uniting red and blue teams with... adversary emulation. PACKT PUBLISHING LIMITED. ISBN 978-1-80107-429-2. OCLC 1322811650.
{{cite book}}: CS1 maint: multiple names: authors list (link)
