
Cyber Defense Contractors Forum

Cybersecurity & Privacy
Posts
Topics

General Cybersecurity & Privacy

General Information for This Category that Does Not Have a Forum

1
1

 

IdM

Identity and Access Management

0
0

Self Encrypting Drives

Hardware Based Encryption

0
0

Encryption

Cryptography and Message Encoding

0
0

Legislature

Cybersecurity & Privacy Law

0
0

Threat Modeling

Vulnerability Identification, Enumeration, and Mitigation

0
0

Breach and Attack Simulation

Continuous and Automated Penetration Testing

0
0

File Integrity Monitoring

Validating the Integrity of Operating System and Application Software Files

0
0

Security Information and Event Management

Real-Time Analysis of Security Alerts

0
0

Indicators of Compromise (IoC)

An Artifact Observed on a Network or Operating System that Indicates a Computer Intrusion

0
0

Tactics, Techniques, and Procedures (TTP)

An Approach of Analyzing an APT's Operation or Can Be Used as Means of Profiling a Certain Threat Actor

0
0

Storage Sanitation & Destruction

Data Wiping and Destruction

0
0

Cyber Threat Intelligence (CTI)

Information About Threats and Threat Actors that Helps Mitigate Harmful Events in Cyberspace

0
0

Data Execution Prevention (DEP)

Preventing an Application or Service from Executing Code from a Non-executable Memory Region

0
0

Data Loss Prevention (DLP)

Detect and Prevent Potential Data Breaches/Data Exfiltration Transmissions

0
0

De-Identification

The Process Used to Prevent Someone's Personal Identity from Being Revealed

0
0

IT Compliance Management

Governance, Risk Management, and Compliance

0
0

Enterprise Governance of Information and Technology (EGIT)

Defining and Embedding Processes and Structures Throughout the Organizations that Enable Both Business and IT People

0
0

Behavior Analysis

Behavioral Analysis to Assist in Investigations

0
0

Predictive Analysis

An Area of Statistics that Deals with Extracting Information from Data and Using it to Predict Trends and Behavior Patterns

0
0

Adversarial Machine Learning

A Technique Employed in the Field of Machine Learning Which Attempts to Fool Models Through Malicious Input

0
0

Incident Management (IcM)

Activities to Identify, Analyze, and Correct Hazards to Prevent a Future Re-occurrence

0
0

Incident Response

Monitoring and Detection of Security Events on a Network, and the Execution of Proper Responses to Those Events

0
0

Endpoint Detection and Response (EDR)

Endpoint Security Solution that Combines Real-time Monitoring and Collection of Endpoint Data

0
0

Digital Forensics

A Branch of Forensic Science Encompassing the Recovery and Investigation of Material Found in Digital Devices

0
0

Network Intrusion Detection System (NIDS)

A System that Monitors and Analyzes Incoming Network Traffic

0
0

Network Intrusion Protection System (NIPS)

A System Used to Monitor a Network as Well as Protect the Confidentiality, Integrity, and Availability of a Network

0
0

Host Intrusion Detection System (HIDS)

A System That Monitors Important Operating System Files

0
0

Post-compromise Intrusion Detection

Post-Incident Capabilities for Network Defenders as Adversaries Continue to Evolve Methods for Compromising Systems

0
0

Advanced Persistent Threats (APT)

A Stealthy Threat Actor Which Gains Unauthorized Access to a Computer Network and Remains Undetected for an Extended Period

0
0

HTTP Public Key Pinning (HPKP)

An HTTP Header which allows HTTPS websites to resist Impersonation by Attackers using Misissued or Fraudulent Certificates

0
0

Domain Name System Security Extensions (DNSSEC)

A Suite of Specifications for Securing Certain Kinds of Information Provided by the Domain Name System

0
0

DNS-based Authentication of Named Entities (DANE)

A Protocol to Allow X.509 Digital Certificates to Be Bound to Domain Names Using Domain Name System Security Extensions

0
0

DNS Certification Authority Authorization (CAA)

Policy Mechanism Which Allows Domain Name Holders to Indicate to Certificate Authorities Whether They are Authorized to Issue a Digital Certificate

0
0

DNS over HTTPS (DoH)

A Protocol for Performing Remote Domain Name System Resolution via the HTTPS Protocol

0
0

DNS over TLS (DoT)

A Protocol for Encrypting Domain Name System (DNS) Queries and Answers via the Transport Layer Security (TLS) Protocol

0
0

DNSCrypt

A Protocol that Authenticates Communications between a DNS Client and a DNS Resolver

0
0

Encrypted Server Name Indication (SNI)

An Extension to TLS by Which a Client Indicates which Hostname it Is Attempting to Connect to at the Start of the Handshaking Process

0
0

Expect-CT

The Expect-CT Header Allows Sites to Opt in to Reporting and/or Enforcement of Certificate Transparency Requirements

0
0

Online Certificate Status Protocol (OCSP)

An Internet Protocol Used for Obtaining the Revocation Status of an X.509 Digital Certificate

0
0

Trusted Platform Module (TPM)

A Standard for a Secure Cryptoprocessor, A Dedicated Microcontroller Designed to Secure Hardware through Cryptographic Keys

0
0

Manufacturer Usage Description (MUD)

A Reference So That the Network Behavior of a Device in Any Operating Environment can be Locked Down and Verified Rigorously

0
0

Passive DNS Sensor Network

Passive DNS Monitoring that Sends DNS Information for Analysis to Improve Threat Intelligence and Threat Prevention Capabilities

0
0

Protected Health Information (PHI)

Any Information About Health Status, Provision of Health Care, or Payment for Health Care That is Created or Collected and Can Be Linked to a Specific Individual

0
0

Blue Teaming

Network Engineers with a Proactive Defensive Security Posture

0
0

Red Teaming

Network Engineers with an Offensive Security Posture (Includes Penetration Testing)

0
0

Purple Teaming

Engineers who Operate with Knowledge of Blue and Red Team Actions

0
0

Cybersecurity Frameworks
Posts
Topics

General Cybersecurity Frameworks

General Information for This Category that Does Not Have a Forum

0
0

NIST

National Institute of Standards and Technology

0
0

COBIT

Control Objectives for Information and Related Technologies

0
0

ISO 27001

International Standard Organization 27001

0
0

ISO 27002

International Standards Organization 27002

0
0

CIS Critical Security Controls

Center for Internet Security

0
0

PCI DSS

Payment Card Industry Data Security Standard

0
0

GDPR

European General Data Protection Regulation

0
0

NERC

North American Electric Reliability Corporation

0
0

COSO

Committee of Sponsoring Organizations of the Treadway Commission

0
0

HITRUST CSF

Health Information Trust Alliance

0
0

TC CYBER

Technical Committee on CyberSecurity

0
0

Cybersecurity Tools
Posts
Topics

General Cybersecurity Tools

General Information for This Category that Does Not Have a Forum

0
0

MISP Framework

Open Source Threat Intelligence Platform & Open Standards For Threat Information Sharing

0
0

Cortex Threat Analysis

Analyze Observables Collected, at Scale, by Querying a Single Tool

0
0

The Hive

Security Incident Response for the Masses

0
0

CASCADE by MITRE

CASCADE is a Project Which Seeks to Automate Much of the Investigative Work a "Blue Team" Would Perform to Determine the Scope and Maliciousness of Suspicious Behavior on a Network Using Host Data

0
0

CALDERA by MITRE

CALDERA Offers an Intelligent, Automated Red Team System that can Reduce Resources Needed by Security Teams

0
0

CRITS

Collaborative Research Into Threats, CRITs is an Open Source Malware and Threat Repository for Analysts and Security Experts Engaged in Threat Defense

0
0

Security Onion

Security Onion is a Free and Open Source Linux Distribution For Intrusion Detection, Enterprise Security Monitoring, and Log Management

0
0

Wazuh

A Free, Open-source Host-based Intrusion Detection System

0
0

SIEMonster

Security Incident and Event Management (SIEM)

0
0

AlienVault by AT&T

Commercial and Open Source Solution to Manage Cyber Attacks

0
0

Apache Metron

Apache Metron Provides a Scalable Advanced Security Analytics Framework Built with Hadoop

0
0

Metasploit

Provides Information about Security Vulnerabilities and Aids in Penetration Testing and IDS Signature Development

0
0

HTTPS Everywhere

Makes Websites use a More Secure HTTPS Connection Instead of HTTP, If They Support It

0
0

Splunk

Software for Searching, Monitoring, and Analyzing Machine-generated Big Data

0
0

PacketFence

An Open-source Network Access Control System

0
0

NMAP

Free and Open Source Utility for Network Discovery and Security Auditing

0
0

ModSecurity

An Open-Source Web Application Firewall (WAF)

0
0

OpenVPN

Open-source Software that Implements Virtual Private Network Techniques to Create Secure Point-to-Point or Site-to-Site Connection

0
0

Nessus

Vulnerability Scanner

0
0

OpenVAS

Open-source Vulnerability Scanner

0
0

Wireshark

Packet Capture Application

0
0

Infection Monkey

Breach and Attack Simulation by Guardicore

0
0

GRR

GRR Rapid Response is an Incident Response Framework Focused on Remote Live Forensics

0
0

Cybersecurity Operating Systems
Posts
Topics

General Cybersecurity Operating System

General Information for This Category that Does Not Have a Forum

0
0

TAILS

A Live Operating System That Aims to Preserve Your Privacy and Anonymity

0
0

Qubes

Qubes OS Leverages Xen-based Virtualization to Allow for the Creation and Management of Isolated Virtual Machines Called Qubes

0
0

Whonix

Operating System Software That Can Anonymize Everything You Do Online

0
0

Kali

An Advanced Linux Distribution Used for Penetration Testing, Ethical Hacking and Network Security Assessments

0
0

Vulnerabilities & Threats
Posts
Topics

General Vulnerabilities & Threats

General Information for This Category that Does Not Have a Forum

0
0

2020-03-18 :: Cisco SD-WAN Vulnerabilities

CVE-2020-3266 (CVSS of 7.8), CVE-2020-3264 (CVSS of 7.1), CVE-2020-3265 (CVSS of 7.0)

0
0

Attacks & Breaches
Posts
Topics

General Attacks & Breaches

General Information for This Category that Does Not Have a Forum

0
0

2020-03-06 :: Oregon Department of Human Services :: Phishing

An email was opened by an employee on March 6, possibly exposing their credentials to an outside entity

0
0

2019-09-08 :: Capital One Breach :: 106 Million Accounts and Credit Cards

Capital One has announced that nearly 106 million customer accounts and credit card applications have been compromised.

0
0
