viernes, 20 de noviembre de 2020

Security Predictions Reports A GLOBAL RESET: CYBER SECURITY PREDICTIONS 2021

 

Security Predictions Reports

A GLOBAL RESET: CYBER SECURITY PREDICTIONS 2021

Download your free copy of “A Global Reset: Cyber Security Predictions 2021,” to learn what you can expect regarding:

  • How remote work will evolve and affect organizations operationally
  • Insights into how threat actors will take advantage of the pandemic
  • The growing need for intelligence-led security validation
  • The future state of cloud security
  • Nation-state activity and changing TTPs
  • How ransomware has pivoted from business risk to a national security risk

Security Predictions 2021 Report



miércoles, 4 de noviembre de 2020

Security along the Container-based SDLC - OSS Tool List

 Security along the Container-based SDLC - OSS Tool List
 
  • OWASP Dependency-Track - https://dependencytrack.org
    Type: SCA
    Description: Dependency-Track is an intelligent Supply Chain Component Analysis platform that allows organizations to identify and reduce risk from the use of third-party and open source components.
    Dependency-Track monitors component usage across all versions of every application in its portfolio in order to proactively identify risk across an organization. The platform has an API-first design and is ideal for use in CI/CD environments.

  • OpenAM - https://github.com/OpenIdentityPlatform/OpenAM
    Type: IAM
    Description: Open Access Management (OpenAM) is an access management solution that includes Authentication, SSO, Authorization, Federation, Entitlements and Web Services Security.
    Cross Domain Single Sign On (CDSSO), SAML 2.0, OAuth 2.0 & OpenID Connect ensure that OpenAM integrates easily with legacy, custom and cloud applications without requiring any modifications. It's a developer-friendly, open-source control solution that allows you to own and protect your users digital identities.

  • AquaSec Kube-Bench - https://github.com/aquasecurity/kube-bench
    Type: Security Audit
    Description: Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark.
    Note that it is impossible to inspect the master nodes of managed clusters, e.g. GKE, EKS and AKS. It supports the tests for Kubernetes as defined in the CIS Benchmarks 1.3.0 to 1.5.0 respectively.

 

More...

domingo, 27 de septiembre de 2020

Libro gratuito de "Seguridad del protocolo TLS/SSL. Ataques criptoanalíticos modernos"


En el dia de hoy se actualizo el libro gratuito de "Seguridad del protocolo TLS/SSL. Ataques criptoanalíticos modernos" con los ataques más famosos publicados hasta septiembre de 2020. 


 Descarga del libro

 

 

 


Security Awareness Planning Kit


This Planning Kit enables you to quickly build and / or improve your Security Awareness Program using resources developed and proven by the SANS Security Awareness Community. These materials can be used for people new to awareness and just starting to build an awareness program, or those highly experienced looking to improve an existing awareness program

 

How to Use this Planning Kit

The planning kit consists of the following materials. Do not feel compelled to use everything, instead simply leverage the resources most useful for you. The materials are listed in the order that people would most likely use them for building a new security awareness program. For more established or mature awareness programs you most likely just want to select the specific resources you need.

  • Example Project Charter: Project Charters are the first step in planning any large-scale project or initiative. This covers the key elements of a Project Charter for a new Security Awareness Program.
  • Example Project Plan: A detailed example of what a complete Project Plan can look like for a comprehensive Security Awareness Program.
  • Presentation: Slide deck to help you gain leadership’s support for your security awareness program.
  • Metrics Matrix: This interactive matrix identifies and documents numerous ways to measure security behaviors, culture and strategic impact of your security awareness program.
  • Phishing Planning Guide: This strategic guide walks you through the key elements of planning a successful phishing program.
  • Maturity Model: The Security Awareness Maturity Model is a key part of planning and communicating your awareness program. Both the model and a detailed breakdown of each stage is provided in your planning kit.
  • Annual Program Schedule: These templates provide examples of how you can visually document your overall security awareness plan.
  • SANS Security Awareness Report: This annual data driven report enables you to benchmark your program against other organizations and prioritize your resources and initiatives.
  • Working from Home Deployment Kit: Everything you need to quickly plan and deploy a Work from Home security awareness training program. Includes a strategic planning guide, training videos and additional materials in over thirty languages.

 Security Awareness Planning Kit