Skip to content

Latest commit

 

History

History
142 lines (77 loc) · 3.68 KB

Links.md

File metadata and controls

142 lines (77 loc) · 3.68 KB

Information on penetration testing

http://www.pentest-standard.org/index.php/Main_Page

http://www.isecom.org

http://csrc.nist.gov/publications/nistpubs/800-115/SP800-115.pdf

https://csrc.nist.gov/files/pubs/sp/800/150/ipd/docs/sp800_150_draft.pdf

https://www.ncsc.gov.uk/guidance/penetration-testing

https://www.bsi.bund.de

https://owasp.org/www-project-web-security-testing-guide/latest/3-The_OWASP_Testing_Framework/1-Penetration_Testing_Methodologies

Code of Ethics

https://www.eccouncil.org/Support/code-of-ethics#none

https://www.isc2.org/ethics?queryID=3d0356b95fba54d55cf4acb688c58449

https://www.giac.org/about/ethics

Frameworks

https://attack.mitre.org/

https://atlas.mitre.org/matrices/ATLAS

https://www.owasp.org/index.php/Main_Page

https://www.ncsc.gov.uk/cyberessentials/overview

https://www.iso.org/standard/27001

https://www.isaca.org/resources/cobit

https://www.nist.gov/cyberframework

https://learn.microsoft.com/en-us/security/adoption/mcra

http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html

Mitigation Strategies and Techniques

Cybersecurity and Infrastructure Security Agency (CISA)
https://www.cisa.gov/resources-tools/resources/identifying-and-mitigating-living-land-techniques

https://www.cisa.gov/sites/default/files/2024-02/Joint-Guidance-Identifying-and-Mitigating-LOTL_V3508c.pdf

NSA's Top 10 Cybersecurity Mitigation Strategies
https://www.nsa.gov/portals/75/documents/what-we-do/cybersecurity/professional-resources/csi-nsas-top10-cybersecurity-mitigation-strategies.pdf

JPMorgan - 12 tips for mitigating cyberattacks
https://www.jpmorgan.com/insights/cybersecurity/ransomware/12-tips-for-mitigating-cyber-risk

Information on new threats

https://www.exploit-db.com/

http://www.heise.de/security/

http://www.security-insider.de

https://www.swisscybersecurity.net/

Information on vulnerabilities

https://nvd.nist.gov/

https://www.exploit-db.com/search/

https://www.cve.org/

https://www.cvedetails.com/

https://technet.microsoft.com/en-us/security/bulletins

Tooling

https://www.kali.org/

https://www.metasploit.com/

https://www.nessus.org/

https://www.openvas.org/

https://www.acunetix.com/

https://www.netsparker.com/

Zero Trust Architecture

NIST SP 800-207
https://csrc.nist.gov/pubs/sp/800/207/final

Azure Zero Trust security
https://learn.microsoft.com/en-us/azure/security/fundamentals/zero-trust

Google Zero Trust security
https://cloud.google.com/learn/what-is-zero-trust

NIST SP 800-63 Digital Identity Guidelines
https://pages.nist.gov/800-63-4/

Zscaler - What Is Zero Trust Architecture?
https://www.zscaler.com/resources/security-terms-glossary/what-is-zero-trust-architecture

OWASP Cheat Sheet Series
https://cheatsheetseries.owasp.org/cheatsheets/Secure_Product_Design_Cheat_Sheet.html

NSA Releases Maturity Guidance for the Zero Trust Network and Environment Pillar
https://www.nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/Article/3695223/nsa-releases-maturity-guidance-for-the-zero-trust-network-and-environment-pillar/

NSA Embracing a Zero Trust Security Model
https://media.defense.gov/2021/Feb/25/2002588479/-1/-1/0/CSI_EMBRACING_ZT_SECURITY_MODEL_UOO115131-21.PDF

The Open Group Zero Trust Architecture
https://www.opengroup.org/forum/security-forum-0/zerotrustsecurityarchitecture

Zero Trust on AWS
https://aws.amazon.com/security/zero-trust/?nc1=h_ls

Live Threat Map's

https://threatmap.checkpoint.com/

https://www.digitalattackmap.com/

https://cybermap.kaspersky.com/

https://livethreatmap.radware.com/

https://threatmap.bitdefender.com

https://threatmap.fortiguard.com/

https://attackmap.sonicwall.com/live-attack-map/