Edge security, secure approch
Perimeter security: Securing access to edge compute resources via encrypted tunnels, firewall and access control
Application security:
Beyond the network layer, edge compute devices run applications that must be secured
Threat detection: As edge computing is by definition not centralized, it's critically important for providers to employ proactive threat detection technologies to identify potential issues early
Vulnerability management: There are both known and unknown vulnerabilities that need to be managed
Patching cycles: Automated patching to keep devices up to date is important for reducing the potential attack surface
What is Secure Access Service Edge (SASE)?
emerging offering combining comprehensive WAN capabilities with comprehensive network security functions, such as secure web gateways (SWG), CASB, firewalls as a service (FWaaS) and zero trust network access (ZTNA), to support the dynamic secure access needs of digital enterprises.
Even though the term SASE is new, in August 2019 Gartner forecast that by 2024, at least 40% of enterprises will have explicit strategies to adopt SASE, up from less than 1% at year-end 2018.
Top Edge Security Vendors:
• Akamai
• Cisco
• Cloudflare
• Fortinet
• Palo Alto Networks
• Cato Networks
• VMware
• Zscaler
Perimeter security: Securing access to edge compute resources via encrypted tunnels, firewall and access control
Application security:
Beyond the network layer, edge compute devices run applications that must be secured
Threat detection: As edge computing is by definition not centralized, it's critically important for providers to employ proactive threat detection technologies to identify potential issues early
Vulnerability management: There are both known and unknown vulnerabilities that need to be managed
Patching cycles: Automated patching to keep devices up to date is important for reducing the potential attack surface
What is Secure Access Service Edge (SASE)?
emerging offering combining comprehensive WAN capabilities with comprehensive network security functions, such as secure web gateways (SWG), CASB, firewalls as a service (FWaaS) and zero trust network access (ZTNA), to support the dynamic secure access needs of digital enterprises.
Even though the term SASE is new, in August 2019 Gartner forecast that by 2024, at least 40% of enterprises will have explicit strategies to adopt SASE, up from less than 1% at year-end 2018.
Top Edge Security Vendors:
• Akamai
• Cisco
• Cloudflare
• Fortinet
• Palo Alto Networks
• Cato Networks
• VMware
• Zscaler
Secure web gateways vs. firewalls:
Secure web gateways are dedicated cloud services or appliances for web and application security. They are proxies (meaning they terminate and emulate network traffic). Because of specialization, they can detect and protect against much more sophisticated and targeted attacks that use the web.
Firewalls have a different function. Firewalls are great at packet-level security, but are not as sophisticated on the application layer for security, said Gerry Grealish, head of Product Marketing for Cloud & Network Security Products at Symantec. Firewalls typically do not terminate or inspect entire objects, and many are reliant on stream-based AV scanning as a defense against malware. That's why evasive threats operating on an application level can easily bypass some firewall defenses. But the clear distinction between secure web gateways and firewalls is beginning to blur.
Some cloud-delivered secure web gateway services now offer an optional cloud firewall service to enforce controls on non-web internet traffic.
Secure web gateways are dedicated cloud services or appliances for web and application security. They are proxies (meaning they terminate and emulate network traffic). Because of specialization, they can detect and protect against much more sophisticated and targeted attacks that use the web.
Firewalls have a different function. Firewalls are great at packet-level security, but are not as sophisticated on the application layer for security, said Gerry Grealish, head of Product Marketing for Cloud & Network Security Products at Symantec. Firewalls typically do not terminate or inspect entire objects, and many are reliant on stream-based AV scanning as a defense against malware. That's why evasive threats operating on an application level can easily bypass some firewall defenses. But the clear distinction between secure web gateways and firewalls is beginning to blur.
Some cloud-delivered secure web gateway services now offer an optional cloud firewall service to enforce controls on non-web internet traffic.
Hacking + Lab ( Train ing)
https://mega.nz/folder/aPBWQCyD#78pLyTJKTqb7ftB0os07qw
https://mega.nz/folder/aPBWQCyD#78pLyTJKTqb7ftB0os07qw
mega.nz
File folder on MEGA
• Carbon Black (formerly Bit9)👌🏽
• CrowdStrike👍🏽👍🏽
• Cybereason👍🏽
• Darktrace👍🏽
• Endgame
• ExtraHop Networks
• Sqrrl (now owned by Amazon)
• Vectra
These are different from breach and attack simulation (BAS) and endpoint detection and response (EDR) solutions, which are designed for reactive security staff.
• Spreadsheets: The simplest threat hunting tool is the humble spreadsheet, which many threat hunters use to help them when carrying out a stack counting exercise to manage the numbers and sort them.
•👉Security monitoring tools: Conventional security products such as firewalls, antivirus software, data loss prevention systems, and network intrusion detection systems are all used by threat hunters to help reveal indicators of compromise.
• Statistical analysis tools: These use mathematical patterns to spot anomalous behavior in data, which the threat hunter may then decide warrants further investigation.
• Intelligence analytics tools: These tools help threat hunters visualize data with interactive charts and graphs that make it easier to spot previously hidden correlations and connections between entities, events, or data.
• SIEM systems: Security Information and Event Management (SIEM) solutions are used by threat hunters as well as reactive security staff to make sense of the vast amounts of log data that many organizations generate and to surface suspicious activity.
• User and entity behavior analytics tools: UEBA tools can help threat hunters spot anomalous behavior.
• Threat intelligence resources: As well as tipping threat hunters off about new threats to look for and techniques that attackers are adopting, threat intelligence resources also give details of specific executables or malware hashes to look for and malicious IP addresses to be wary of.
• CrowdStrike👍🏽👍🏽
• Cybereason👍🏽
• Darktrace👍🏽
• Endgame
• ExtraHop Networks
• Sqrrl (now owned by Amazon)
• Vectra
These are different from breach and attack simulation (BAS) and endpoint detection and response (EDR) solutions, which are designed for reactive security staff.
• Spreadsheets: The simplest threat hunting tool is the humble spreadsheet, which many threat hunters use to help them when carrying out a stack counting exercise to manage the numbers and sort them.
•👉Security monitoring tools: Conventional security products such as firewalls, antivirus software, data loss prevention systems, and network intrusion detection systems are all used by threat hunters to help reveal indicators of compromise.
• Statistical analysis tools: These use mathematical patterns to spot anomalous behavior in data, which the threat hunter may then decide warrants further investigation.
• Intelligence analytics tools: These tools help threat hunters visualize data with interactive charts and graphs that make it easier to spot previously hidden correlations and connections between entities, events, or data.
• SIEM systems: Security Information and Event Management (SIEM) solutions are used by threat hunters as well as reactive security staff to make sense of the vast amounts of log data that many organizations generate and to surface suspicious activity.
• User and entity behavior analytics tools: UEBA tools can help threat hunters spot anomalous behavior.
• Threat intelligence resources: As well as tipping threat hunters off about new threats to look for and techniques that attackers are adopting, threat intelligence resources also give details of specific executables or malware hashes to look for and malicious IP addresses to be wary of.
IRM (Incident Response Methodologies):
CERT Societe Generale provides easy to use operational incident best practices. These cheat sheets are dedicated to incident handling and cover multiple fields in which a CERT team can be involved. One IRM exists for each security incident we're used to dealing with.
These cheat sheets have been written in English and Russian, and translated into Spanish by Francisco Neira from the OAS.
CERT Societe Generale would like to thank SANS and Lenny Zeltser who have been a major source of inspiration for some IRMs
https://github.com/certsocietegenerale/IRM
CERT Societe Generale provides easy to use operational incident best practices. These cheat sheets are dedicated to incident handling and cover multiple fields in which a CERT team can be involved. One IRM exists for each security incident we're used to dealing with.
These cheat sheets have been written in English and Russian, and translated into Spanish by Francisco Neira from the OAS.
CERT Societe Generale would like to thank SANS and Lenny Zeltser who have been a major source of inspiration for some IRMs
https://github.com/certsocietegenerale/IRM
GitHub
GitHub - phrancisco/IRMs-SP: Coleccion de IRM de Societe Generale traducidos por mí al Español
Coleccion de IRM de Societe Generale traducidos por mí al Español - phrancisco/IRMs-SP
Udemy - Practical Ethical Hacking -(The Complete Course)
https://mega.nz/folder/uh0EAAyC#ti9NxpJpn6WSWw0ABjh8Tw
https://mega.nz/folder/uh0EAAyC#ti9NxpJpn6WSWw0ABjh8Tw
mega.nz
File folder on MEGA
😊
Q. Accessing an IPv6 network via an IPv4 network is called what?
A. CIDR
B. NAT
C. Translation
D. Tunneling
,
https://www.pluralsight.com/offer/2020/free-april-month
Q. Accessing an IPv6 network via an IPv4 network is called what?
A. CIDR
B. NAT
C. Translation
D. Tunneling
,
https://www.pluralsight.com/offer/2020/free-april-month
Pluralsight
Courses & Training for Individuals on an Online Learning Platform | Pluralsight
Advance your tech skills with Pluralsight, an online learning platform with expert-led courses, certifications, assessments and hands-on experiences.
Forwarded from Get Public Link Bot
Got File,
💾 Hackin9-courses.18.2.part01.rar
📥 1 GB
🚀 Generate Resumable Link
ℹ️
@GetPublicLinkBot
💾 Hackin9-courses.18.2.part01.rar
📥 1 GB
🚀 Generate Resumable Link
ℹ️
Use Instant Download Links for Small Files! @GetPublicLinkBot
⚠️ Instant Links May be having issues! Use Resumable links to download FAQ LinkForwarded from Get Public Link Bot
Got File,
💾 Hackin9-courses.18.2.part02.rar
📥 1 GB
🚀 Generate Resumable Link
ℹ️
@GetPublicLinkBot
💾 Hackin9-courses.18.2.part02.rar
📥 1 GB
🚀 Generate Resumable Link
ℹ️
Use Instant Download Links for Small Files! @GetPublicLinkBot
⚠️ Instant Links May be having issues! Use Resumable links to download FAQ LinkForwarded from Get Public Link Bot
Got File,
💾 Hackin9-courses.18.2.part03.rar
📥 1 GB
🚀 Generate Resumable Link
ℹ️
@GetPublicLinkBot
💾 Hackin9-courses.18.2.part03.rar
📥 1 GB
🚀 Generate Resumable Link
ℹ️
Use Instant Download Links for Small Files! @GetPublicLinkBot
⚠️ Instant Links May be having issues! Use Resumable links to download FAQ LinkForwarded from Get Public Link Bot
Got File,
💾 Hackin9-courses.18.2.part04.rar
📥 1 GB
🚀 Generate Resumable Link
ℹ️
@GetPublicLinkBot
💾 Hackin9-courses.18.2.part04.rar
📥 1 GB
🚀 Generate Resumable Link
ℹ️
Use Instant Download Links for Small Files! @GetPublicLinkBot
⚠️ Instant Links May be having issues! Use Resumable links to download FAQ LinkForwarded from Get Public Link Bot
Got File,
💾 Hackin9-courses.18.2.part05.rar
📥 1 GB
🚀 Generate Resumable Link
ℹ️
@GetPublicLinkBot
💾 Hackin9-courses.18.2.part05.rar
📥 1 GB
🚀 Generate Resumable Link
ℹ️
Use Instant Download Links for Small Files! @GetPublicLinkBot
⚠️ Instant Links May be having issues! Use Resumable links to download FAQ LinkForwarded from Get Public Link Bot
Got File,
💾 Hackin9-courses.18.2.part06.rar
📥 1 GB
🚀 Generate Resumable Link
ℹ️
@GetPublicLinkBot
💾 Hackin9-courses.18.2.part06.rar
📥 1 GB
🚀 Generate Resumable Link
ℹ️
Use Instant Download Links for Small Files! @GetPublicLinkBot
⚠️ Instant Links May be having issues! Use Resumable links to download FAQ LinkForwarded from Get Public Link Bot
Got File,
💾 Hackin9-courses.18.2.part07.rar
📥 1 GB
🚀 Generate Resumable Link
ℹ️
@GetPublicLinkBot
💾 Hackin9-courses.18.2.part07.rar
📥 1 GB
🚀 Generate Resumable Link
ℹ️
Use Instant Download Links for Small Files! @GetPublicLinkBot
⚠️ Instant Links May be having issues! Use Resumable links to download FAQ LinkForwarded from Get Public Link Bot
Got File,
💾 Hackin9-courses.18.2.part08.rar
📥 1 GB
🚀 Generate Resumable Link
ℹ️
@GetPublicLinkBot
💾 Hackin9-courses.18.2.part08.rar
📥 1 GB
🚀 Generate Resumable Link
ℹ️
Use Instant Download Links for Small Files! @GetPublicLinkBot
⚠️ Instant Links May be having issues! Use Resumable links to download FAQ LinkForwarded from Get Public Link Bot
Got File,
💾 Hackin9-courses.18.2.part09.rar
📥 1 GB
🚀 Generate Resumable Link
ℹ️
@GetPublicLinkBot
💾 Hackin9-courses.18.2.part09.rar
📥 1 GB
🚀 Generate Resumable Link
ℹ️
Use Instant Download Links for Small Files! @GetPublicLinkBot
⚠️ Instant Links May be having issues! Use Resumable links to download FAQ LinkForwarded from Get Public Link Bot
Got File,
💾 Hackin9-courses.18.2.part10.rar
📥 1 GB
🚀 Generate Resumable Link
ℹ️
@GetPublicLinkBot
💾 Hackin9-courses.18.2.part10.rar
📥 1 GB
🚀 Generate Resumable Link
ℹ️
Use Instant Download Links for Small Files! @GetPublicLinkBot
⚠️ Instant Links May be having issues! Use Resumable links to download FAQ LinkForwarded from Get Public Link Bot
Got File,
💾 Hackin9-courses.18.2.part11.rar
📥 1 GB
🚀 Generate Resumable Link
ℹ️
@GetPublicLinkBot
💾 Hackin9-courses.18.2.part11.rar
📥 1 GB
🚀 Generate Resumable Link
ℹ️
Use Instant Download Links for Small Files! @GetPublicLinkBot
⚠️ Instant Links May be having issues! Use Resumable links to download FAQ Link