cissp
@cissp
International channel for transmitting knowledge in the field of cyber security, with a focus on the content of the CISSP (ISC2) course
- - - - - - - - - -
+also group: https://t.me/cisspgroup
—————————
@alirezaghahrood
Keeping Data Sanitization Policies Square With Enterprise Security


Data Point No. 1: Successful communication of data sanitization policies relies upon both the policy owner’s experience and organizational structure.

Data Point No. 2: Equipment left in storage areas is putting companies at risk of insider threats and data breaches.

Data Point No. 3: Flexible workers are most likely to compromise company data policy.

Data Point No. 4: Senior management is not taking direct responsibility for IT asset erasure.
M0B tool - Auto Detect CMS And Exploit

https://github.com/mobrine-mob/M0B-tool
OSCP PWK 2020 :

94.23.154.4/pwk.zip

have fun guys
Configuration management software is a broad category of tools and services that enable administrators to manage configuration at scale in a policy-driven, repeatable and automated way.

Configuration Management Tools - Key Features:
• Configuration: By definition, configuration management tools all enable users to configure the options needed for deployment and operations.
• Automated deployment: The ability to automatically deploy software and virtual infrastructure, in a policy-driven approach with a defined configuration, is a key attribute.
• Policy compliance: Keeping infrastructure and software in line with policy is a valuable feature for most organizations.

How to Choose a Configuration Management Tool:
• Scope: Identify what type of software or infrastructure needs to be managed and make sure the tool supports it.
• Complexity: Some tools are easier than others to manage both in terms of onboarding and ongoing control. Be sure to try out a tool in limited deployment before committing.
• Cost: Does the solution scale to cover different use cases while remaining cost-effective?

Top Configuration Management Solutions:
• Chef
• CFEngine
• Hashicorp Terraform
• Puppet
• Red Hat Ansible
• SaltStack
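The "policy compliance" feature above is easiest to understand as a desired-state check followed by an idempotent fix. The example below is added here to illustrate that idea; it is not code from Chef, Puppet, Ansible or any other tool named above. The sshd_config sample, the required values and the space-separated format assumption are all constructed for the example.

```python
"""Policy-driven compliance check and idempotent remediation for sshd_config.

Added illustration of the "policy compliance" feature of configuration
management tools; not code from any product named on the page. The policy
values and the sample sshd_config text are constructed.
"""
from __future__ import annotations

# Constructed policy: the settings the organization requires (desired state).
SSHD_POLICY = {
    "PermitRootLogin": "no",
    "PasswordAuthentication": "no",
    "X11Forwarding": "no",
    "MaxAuthTries": "3",
}

# Constructed sample of an sshd_config as found on a drifted host.
# Assumption for the example: keyword and value are separated by a single space.
SAMPLE_SSHD_CONFIG = """\
# sshd_config (constructed sample)
Port 22
PermitRootLogin yes
#PasswordAuthentication yes
X11Forwarding no
LogLevel VERBOSE
"""


def parse_sshd_config(text: str) -> dict[str, str]:
    """Return the effective settings, ignoring comments and blank lines.

    sshd honours the first occurrence of a keyword, so later duplicates are ignored.
    """
    settings: dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition(" ")
        if key and key not in settings:
            settings[key] = value.strip()
    return settings


def find_drift(config_text: str, policy: dict[str, str]) -> dict[str, tuple[str | None, str]]:
    """Map each non-compliant keyword to (actual value, or None if unset; required value)."""
    actual = parse_sshd_config(config_text)
    return {
        key: (actual.get(key), required)
        for key, required in policy.items()
        if actual.get(key) != required
    }


def apply_policy(config_text: str, policy: dict[str, str]) -> tuple[str, list[str]]:
    """Rewrite the config so every policy keyword carries the required value.

    Returns the new text and the keywords that were changed. The first
    occurrence of a managed keyword is rewritten in place, missing keywords are
    appended, and unrelated lines are left alone, so applying the result again
    changes nothing (the run is idempotent, like a configuration management run).
    """
    changed: list[str] = []
    seen: set[str] = set()
    out: list[str] = []
    for raw in config_text.splitlines():
        line = raw.strip()
        if line and not line.startswith("#"):
            key, _, value = line.partition(" ")
        else:
            key, value = "", ""
        if key in policy and key not in seen:
            seen.add(key)
            if value.strip() != policy[key]:
                changed.append(key)
            out.append(f"{key} {policy[key]}")
        else:
            out.append(raw)
    for key, value in policy.items():
        if key not in seen:  # keyword absent (or only present as a comment)
            changed.append(key)
            out.append(f"{key} {value}")
    return "\n".join(out) + "\n", changed


if __name__ == "__main__":
    for key, (have, want) in find_drift(SAMPLE_SSHD_CONFIG, SSHD_POLICY).items():
        print(f"DRIFT {key}: have {have!r}, policy requires {want!r}")
    fixed, changed = apply_policy(SAMPLE_SSHD_CONFIG, SSHD_POLICY)
    print("changed on first run:", changed)
    print("changed on second run:", apply_policy(fixed, SSHD_POLICY)[1])
```

The second call to apply_policy on its own output reports no changes; that "report only what actually changed" behaviour is what lets a scheduled compliance run double as a drift alarm.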
Woow Content:😺
Need to brush up on Linux? Try
https://linuxjourney.com

Want help understanding a Linux command?
https://explainshell.com

Interested to explore coding? Check out https://www.codecademy.com

Want to review the basics of different types of attacks? Here are some lessons for you
https://www.hacksplaining.com/exercises

How would you like to learn more about Metasploit and help out a great charity? Go here to find out
https://www.offensive-security.com/metasploit-unleashed

Need some more information on Windows Event Logs
https://www.ultimatewindowssecurity.com/securitylog/default.aspx

How about some free PowerShell video training direct from Microsoft?
https://mva.microsoft.com/en-US/training-courses/getting-started-with-microsoft-powershell-8276
https://mva.microsoft.com/en-US/training-courses/whats-new-in-powershell-v5-16434

For great sample policies and procedures, look here:
https://www.incidentresponse.com/resources/policies-plans

Looking for great video training in digital forensics? Check out
https://www.youtube.com/13cubed

👇🏻✌🏼
Free Digital Forensics and Incident Response Tools:
https://sumuri.com/software/paladin/
https://digital-forensics.sans.org/community/downloads
https://securityonion.net
https://docs.microsoft.com/en-us/sysinternals/downloads/

Capture the Flag and Other Challenges
Like capture the flag and similarly challenging games? You must check these out:
https://holidayhackchallenge.com/past-challenges
https://overthewire.org/wargames
https://www.vulnhub.com
https://www.azcwr.org
http://captf.com/practice-ctf
https://kali.training

Blue team more your thing? Check out these challenges to hone your skills https://www.amanhardikar.com/mindmaps/ForensicChallenges.html

Pentesting
Want to learn more about web application pentesting? Check out https://www.owasp.org (a good overview of their projects is here https://www.owasp.org/images/0/01/Owasp_Dev_Guide.pdf) and also explore https://pentesterlab.com
https://www.hackthebox.eu

Need some good wordlists for password cracking? Try:
https://wiki.skullsecurity.org/passwords
https://crackstation.net/buy-crackstation-wordlist-password-cracking-dictionary.htm

Other
And here are some other sites with great information for continuing your journey into penetration testing and incident response:
https://pen-testing.sans.org/blog
https://digital-forensics.sans.org/blog
https://cyber-defense.sans.org/blog
https://securityweekly.com
http://opensecuritytraining.info/Training.html
http://blog.commandlinekungfu.com/
http://unctad.org/en/pages/dtl/sti_and_icts/ict4d-legislation/ecom-global-legislation.aspx
https://www.unodc.org/cld/v3/cybrepo/legdb/index.html?lng=en
https://www.iana.org/domains/root/db
https://www.whois.com/whois
https://www.iana.org/whois
https://www.forwarddefense.com/en/article/references-pdf
https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=cfGBPlIyC_9404300474
https://blogs.technet.microsoft.com/ash/2016/03/02/windows-10-device-guard-and-credential-guard-demystified
https://www.slideshare.net/erikvanbuggenhout/windows-10-credentialguard-vs-mimikatz-sec599
https://www.sans.org/webcasts/purple-team-updates-sec599-107810
https://www.sans.org/webcasts/kolide-osquery-build-solid-queries-packs-incident-detection-threat-hunting-108790
https://www.youtube.com/user/davisrichardg
https://tisiphone.net/2015/08/18/giac-testing
Make your website GDPR compliant - the easy way. Use GDPR Shield to reliably block EU users from accessing your website.

1. Enter your website's URL
Get started by signing up with your website's URL

2. Insert the JavaScript snippet
We provide you with a JavaScript snippet that you'll paste into your site's existing HTML code

3. We block EU users
We'll check every user that visits your site and block access to users from the EU. This happens in the background and doesn't affect your site's speed for non-EU users

https://gdpr-shield.io/
Most Customizable Distro: Arch Linux

Best-Looking Distro: elementary OS

Best Newcomer: Solus

Best Cloud OS: Chrome OS

Best Laptop OS: Ubuntu MATE

Best Distro for Old Hardware: Lubuntu

Best Distro for IoT: Snappy Ubuntu Core

Best Distro for Desktops: Linux Mint Cinnamon

Best Distro for Games: Steam OS

Best Distro for Privacy: Tails

Best Distro for Multimedia Production: Ubuntu Studio

Best Enterprise Distro: SLE/RHEL

Best Server OS: Debian/CentOS

Best Mobile OS: Plasma Mobile

ARM:
Best Distro for ARM Devices: Arch Linux ARM
Edge security: a secure approach

Perimeter security: Securing access to edge compute resources via encrypted tunnels, firewalls and access control

Application security:
Beyond the network layer, edge compute devices run applications that must be secured

Threat detection: As edge computing is by definition not centralized, it's critically important for providers to employ proactive threat detection technologies to identify potential issues early

Vulnerability management: There are both known and unknown vulnerabilities that need to be managed

Patching cycles: Automated patching to keep devices up to date is important for reducing the potential attack surface

What is Secure Access Service Edge (SASE)?
SASE is an emerging offering that combines comprehensive WAN capabilities with comprehensive network security functions, such as secure web gateways (SWG), CASB, firewall as a service (FWaaS) and zero trust network access (ZTNA), to support the dynamic secure access needs of digital enterprises.

Even though the term SASE is new, in August 2019 Gartner forecast that by 2024, at least 40% of enterprises will have explicit strategies to adopt SASE, up from less than 1% at year-end 2018.

Top Edge Security Vendors:
• Akamai
• Cisco
• Cloudflare
• Fortinet
• Palo Alto Networks
• Cato Networks
• VMware
• Zscaler
Secure web gateways vs. firewalls:
Secure web gateways are dedicated cloud services or appliances for web and application security. They are proxies (meaning they terminate and emulate network traffic). Because of specialization, they can detect and protect against much more sophisticated and targeted attacks that use the web.
Firewalls have a different function. Firewalls are great at packet-level security, but are not as sophisticated on the application layer for security, said Gerry Grealish, head of Product Marketing for Cloud & Network Security Products at Symantec. Firewalls typically do not terminate or inspect entire objects, and many are reliant on stream-based AV scanning as a defense against malware. That's why evasive threats operating on an application level can easily bypass some firewall defenses. But the clear distinction between secure web gateways and firewalls is beginning to blur.
Some cloud-delivered secure web gateway services now offer an optional cloud firewall service to enforce controls on non-web internet traffic.
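The difference described above (a proxy terminates the connection and inspects whole objects; a packet-level device sees the bytes as they pass) is the whole reason object-level inspection exists. The example below is added here to make that concrete and is not code from Symantec or any other vendor named on the page. It models a per-segment scanner and a reassembling, decoding scanner over one constructed HTTP download; the signature string, the response and the segment size are all constructed for the example.

```python
"""Why object-level inspection (secure web gateway) catches what per-segment
stream scanning can miss.

Added illustration for the secure web gateway vs. firewall passage; not code
from any vendor named on the page. SIGNATURE stands in for an AV pattern and the
HTTP response, filler and segment size are constructed for the example.
"""
import gzip

# Constructed detection signature (stands in for a real AV pattern).
SIGNATURE = b"CONSTRUCTED-MALICIOUS-MARKER"


def build_response(body: bytes, gzip_encode: bool) -> bytes:
    """Constructed HTTP/1.1 response carrying `body`, optionally gzip-encoded."""
    payload = gzip.compress(body) if gzip_encode else body
    headers = [
        b"HTTP/1.1 200 OK",
        b"Content-Type: application/octet-stream",
        b"Content-Length: " + str(len(payload)).encode(),
    ]
    if gzip_encode:
        headers.append(b"Content-Encoding: gzip")
    return b"\r\n".join(headers) + b"\r\n\r\n" + payload


def stream_scan(wire_bytes: bytes, segment_size: int) -> bool:
    """Packet-style scanner: inspects each segment on its own, with no
    reassembly and no decoding. True if the signature appears inside one segment."""
    for offset in range(0, len(wire_bytes), segment_size):
        if SIGNATURE in wire_bytes[offset:offset + segment_size]:
            return True
    return False


def object_scan(wire_bytes: bytes) -> bool:
    """Proxy-style scanner: reassembles the full response, parses the headers,
    undoes Content-Encoding and only then scans the complete object."""
    head, _, body = wire_bytes.partition(b"\r\n\r\n")
    headers = {}
    for line in head.split(b"\r\n")[1:]:  # skip the status line
        name, _, value = line.partition(b":")
        headers[name.strip().lower()] = value.strip().lower()
    if headers.get(b"content-encoding") == b"gzip":
        body = gzip.decompress(body)
    return SIGNATURE in body


def compare_scanners() -> dict[str, tuple[bool, bool]]:
    """Run both scanners over two constructed downloads.

    Returns {case: (stream_scanner_detected, object_scanner_detected)}.
    """
    filler = b"A" * 50  # constructed padding around the marker
    plain = build_response(filler + SIGNATURE + filler, gzip_encode=False)
    encoded = build_response(filler + SIGNATURE + filler, gzip_encode=True)
    # Segment size chosen so the marker straddles a segment boundary in the plain
    # case; on a real network the scanner has no say in where TCP segments fall.
    segment_size = plain.index(SIGNATURE) + 10
    return {
        "split_across_segments": (stream_scan(plain, segment_size), object_scan(plain)),
        "content_encoded": (stream_scan(encoded, segment_size), object_scan(encoded)),
    }


if __name__ == "__main__":
    for case, (stream_hit, object_hit) in compare_scanners().items():
        print(f"{case}: stream scanner={stream_hit}, object scanner={object_hit}")
```

In both cases the bytes on the wire never contain the signature as a single, plain run inside one segment, so the per-segment scanner reports clean while the reassembling scanner does not. Real stream-based engines do better than this toy (they keep state across segments), but they still cannot decode what they never reassemble, which is the gap the passage describes.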
• Carbon Black (formerly Bit9)👌🏽
• CrowdStrike👍🏽👍🏽
• Cybereason👍🏽
• Darktrace👍🏽
• Endgame
• ExtraHop Networks
• Sqrrl (now owned by Amazon)
• Vectra

These are different from breach and attack simulation (BAS) and endpoint detection and response (EDR) solutions, which are designed for reactive security staff.

• Spreadsheets: The simplest threat hunting tool is the humble spreadsheet, which many threat hunters use when carrying out a stack counting exercise to manage and sort the counts.

👉Security monitoring tools: Conventional security products such as firewalls, antivirus software, data loss prevention systems, and network intrusion detection systems are all used by threat hunters to help reveal indicators of compromise.

• Statistical analysis tools: These use mathematical patterns to spot anomalous behavior in data, which the threat hunter may then decide warrants further investigation.

• Intelligence analytics tools: These tools help threat hunters visualize data with interactive charts and graphs that make it easier to spot previously hidden correlations and connections between entities, events, or data.

• SIEM systems: Security Information and Event Management (SIEM) solutions are used by threat hunters as well as reactive security staff to make sense of the vast amounts of log data that many organizations generate and to surface suspicious activity.

• User and entity behavior analytics tools: UEBA tools can help threat hunters spot anomalous behavior.

• Threat intelligence resources: As well as tipping threat hunters off about new threats to look for and techniques that attackers are adopting, threat intelligence resources also give details of specific executables or malware hashes to look for and malicious IP addresses to be wary of.
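The stack counting exercise mentioned under "Spreadsheets" is worth seeing in code, because the choice of what to stack on decides what you find. The example below is added here and is not code from any product in the list above. It stacks constructed process-creation events by full image path and by file name, then surfaces the values seen on the fewest hosts; host names, users and paths are all invented for the example.

```python
"""Stack counting over process-creation events, the spreadsheet exercise in code.

Added illustration for the threat hunting tools passage; not code from any
product named on the page. The log lines, hosts, users and image paths are
constructed for the example.
"""
from collections import Counter, defaultdict

# Constructed process-creation events from a small fleet, one event per line.
# Assumption for the example: the image path is always the last field.
SAMPLE_EVENTS = """\
host=ws01 user=alice image=C:\\Windows\\System32\\svchost.exe
host=ws01 user=alice image=C:\\Windows\\explorer.exe
host=ws02 user=bob image=C:\\Windows\\System32\\svchost.exe
host=ws02 user=bob image=C:\\Windows\\explorer.exe
host=ws03 user=carol image=C:\\Windows\\System32\\svchost.exe
host=ws03 user=carol image=C:\\Windows\\explorer.exe
host=ws03 user=carol image=C:\\Users\\carol\\AppData\\Local\\Temp\\svchost.exe
host=ws04 user=dave image=C:\\Windows\\System32\\svchost.exe
host=ws04 user=dave image=C:\\Windows\\explorer.exe
host=ws04 user=dave image=C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe
"""


def parse_event(line: str) -> dict[str, str]:
    """Split one constructed event into fields; derives image_name from image."""
    prefix, _, image = line.strip().partition(" image=")
    fields: dict[str, str] = {}
    for token in prefix.split():
        key, sep, value = token.partition("=")
        if sep:
            fields[key] = value
    if image:
        fields["image"] = image
        fields["image_name"] = image.rsplit("\\", 1)[-1]
    return fields


def stack_count(events: list[dict[str, str]], field: str) -> Counter:
    """The stack: how many times each distinct value of `field` occurs."""
    return Counter(e[field] for e in events if field in e)


def host_prevalence(events: list[dict[str, str]], field: str) -> dict[str, set[str]]:
    """For each value of `field`, the set of hosts it was seen on."""
    hosts: defaultdict[str, set[str]] = defaultdict(set)
    for e in events:
        if field in e and "host" in e:
            hosts[e[field]].add(e["host"])
    return hosts


def least_prevalent(events: list[dict[str, str]], field: str, max_hosts: int = 1):
    """Values of `field` seen on at most `max_hosts` hosts, rarest first.

    Returns a list of (value, total_count, sorted_hosts). Prevalence across
    hosts is used rather than raw count: a noisy process on one machine still
    stands out, and a common one on every machine drops out.
    """
    counts = stack_count(events, field)
    hosts = host_prevalence(events, field)
    rows = [
        (value, counts[value], sorted(hosts[value]))
        for value in counts
        if len(hosts[value]) <= max_hosts
    ]
    rows.sort(key=lambda row: (len(row[2]), row[1], row[0]))
    return rows


def hunt(text: str, field: str = "image", max_hosts: int = 1):
    """Parse the events and return the least-prevalent values for review."""
    events = [parse_event(line) for line in text.splitlines() if line.strip()]
    return least_prevalent(events, field, max_hosts)


if __name__ == "__main__":
    events = [parse_event(line) for line in SAMPLE_EVENTS.splitlines()]
    print("stack by file name:", dict(stack_count(events, "image_name")))
    print("stack by full path:", dict(stack_count(events, "image")))
    for value, count, hosts in hunt(SAMPLE_EVENTS):
        print(f"REVIEW {value}  count={count}  hosts={hosts}")
```

Stacking on the bare file name shows svchost.exe five times and nothing unusual; stacking on the full path splits off the single copy running from a user's Temp directory, which is exactly the kind of low-prevalence item the exercise exists to surface. Whether that item is malicious is then a question for the analyst, not the stack.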
IRM (Incident Response Methodologies):

CERT Societe Generale provides easy-to-use operational best practices for incident handling. These cheat sheets are dedicated to incident handling and cover multiple fields in which a CERT team can be involved. One IRM exists for each type of security incident we're used to dealing with.
These cheat sheets have been written in English and Russian, and translated into Spanish by Francisco Neira from the OAS.
CERT Societe Generale would like to thank SANS and Lenny Zeltser, who have been a major source of inspiration for some IRMs.

https://github.com/certsocietegenerale/IRM