Secrets management has a considerable impact on the security posture of organizations. With the advent of DevOps, the amount of sensitive information in use in software...
Author: Constanza Rodriguez
Smart Cities & Critical Infrastructure Framework
The Internet of Things Security Institute is a Not for Profit academic and industry body dedicated to providing security frameworks and supporting educational services within an...
Sample Penetration Test Report
Offensive Security was contracted by MegaCorp One to conduct a penetration test in order to determine its exposure to a targeted attack. All activities were conducted...
Safeguarding Brain Data: Assessing the Privacy Practices of Consumer Neurotechnology Companies
For decades, scientists and healthcare professionals have employed neurotechnologies to understand the complexities of the human brain and pioneer cutting edge medical treatments. Neurotechnologies, which are...
Routing in FortiGate
After completing this document, you will be able to achieve these objectives: Configure networking interfaces Views: 1
Risk and Privacy FREE BOOK
The importance of businesses being ‘operationally resilient’ is becoming increasingly important, and a driving force behind whether an organization can ensure that its valuable business operations...
Risk Framework Body Related Data (PD) Immersive Tech
Organizations are increasingly incorporating immersive technologies into their products and services, creating both novel applications and increased risks. This shift typically relies on the collection and...
CYBERSECURITY Improvements Needed in Addressing Risks to Operational Technology
The National Institute of Standards and Technology (NIST) describes OT as a broad range of programmable systems and devices that interact with the physical environment (or...
Remote ID Proofing Good Practices
Durante la última década, se está observando una transformación digital cada vez más acelerada, que ha aportado numerosos beneficios a la sociedad y la economía europeas...
RedTeam Tips Orchestrating Chaos Evading Defense Culture
Red Teaming involves simulating cyberattacks to test an organization’s defenses. Red Teams adopt the mindset of adversaries, aiming to uncover vulnerabilities and assess the effectiveness of...
Why Red TeamsPlay a Central Rolein Helping OrganizationsSecure AI Systems
At Google, we recognize that the potential of artificial intelligence (AI), especially generative AI, is immense. However, in the pursuit of progress within these new frontiers...
Red Report 2024 – The Top 10 Most Prevalent MITRE ATT&CK® Techniques The Rise of Hunter-Killer Malware
Marking its fourth year of publication, the Red Report 2024™ provides a critical dive into the evolving threat landscape, presenting a detailed analysis of adversaries’ most...
Threat Detection Report 2024
The Threat Detection Report synthesizes the critical information we communicate to customers whenever we detect a threat, the research and detection engineering that underlies those detections,...
Recommended Skills for a Cyber Security Career
Year after year, the cyber talent gap is increasing — currently estimated to have 3,5 million open positions worldwide — presenting all sorts of headaches for...
Ransomware Cartography (2014-2024)
Ransomware is a type of malicious software designed to block access to a computer system or data until a ransom is paid. Over the past decade,...
Pwning the Domain Persistence
In the ever-evolving landscape of cybersecurity, the battle for domain supremacy rages on. The “Pwning the Domain” series emerges as a beacon, illuminating the shadowy tactics...
Purple Concepts Bridging the Gap
Whether your focus area is Red Team, Blue Team, Cyber Threat Intelligence, Detection and Response, or any other facet of security, organizations need trained professionals who...
PROTECTIVE SECURITYPOLICY FRAMEWORKSecuring government business:Protective security guidance for executive
Applicability of the Protective Security Policy Framework The Protective Security Policy Framework (PSPF) pplies to non-corporate Commonwealth entities subject to the Public Governance, Performance and Accountability...
Política Nacional de Ciberseguridad 2023-2028
Las tecnologías de información y comunicaciones (TIC) juegan un papel fundamental en las actividades diarias y en el bienestar de las personas, en lageneración de riqueza...
Phishing Attack Pentesting Guide
Phishing is probably one of the biggest issues for most organizations today, with network and endpoint defensive technology getting better and better, the bad guys aren’t...
Perspectiveson Securityfor the Board
One year ago, Google Cloud embarked on a mission to empower boards of directors to take a more active role in overseeing their organization’s cyber risk....
OSINT Method for Map Investigations
1. Introduction to OSINT and Map Investigations: 2. Types of Data Sources: 3. Key Techniques and Tools: 4. Practical Applications: 5. Ethical and Legal Considerations: 6....
Practical Examples ofSecurity Risk Assessmentfor Industrial Control Systems
“Security Risk Assessment Guide for Industrial Control Systems (ICS)” (hereinafter, the “Guide”) focuses primarily on developing a correct understanding of security risk analysis, and explaining methodologies,...
Office 365 Secure Confirmation Framework
The National Cyber Security Centre (NCSC), in coordination with Microsoft and Ekco, have developed this Secure Configuration Framework for Office 365 a component of the Microsoft...
Observatorio Riesgos Ciberseguridad 2024
Aunque los inicios de la ciberseguridad se remontan a más de cincuenta años atrás, la proliferación de ataques con repercusión mediática la han situado, en la...
Bloking Malware Through Antivirus Security Profile in FortiGate
After completing this document, you will be able to achieve theseobjectives: Malware & Antivirus Risk of Malware: Keeping malware out of your network is key to...
Generative AI for Organizational Use:Internal Policy Checklist
As the use of generative AI increases, organizations are revisiting their internal policies and procedures to ensure responsible, legal, and ethical employee use of these novel...
Best Practices for Cyber Crisis Management
Prevention phase Preparedness phase Response phase Recovery phase Views: 3
A Guide to Defining Reasonable Cybersecurity
In the United States, there is no national, statutory, cross-sector minimum standard for information security. No national law defineswhat would be considered reasonable security in matters...
AWS Cloud Security Checklist
This summary highlights key security measures recommended for AWS environments. Views: 4