Last Updated: 5/19/2024
CIS – Center for Internet Security
a non-profit organization that creates, validates, and promotes cyberdefense best practices.
Directory Solutions
We need to Talk about Directory solutions. This can be a blurry subject. At the heart of it though directory services are going to manage identities of objects that are secured. The blurry part starts when we integrate various policies (Governance, Password Management)
Authentication Management:
RSA – Authentication Manager
Okta
DUO
Entrust
Secrets / Password Managers
* Link – Secrets – Vaults, Keys, Secrets, Certificates, TOTP
Identity Management
Identity Governance
Hacking – various disciplines
Metasploit
John
Hak5
Certifications:
Security+
CISSP
CEH – Certified Ethical Hacker
ITIL
AWS CCP, etc.
Azure 900, etc.
NAC – Network Access and Control
• Identify Security engine (ISE) by Cisco
• PacketFence – OpenSource
• Network Policy Server (NPS) Microsoft
Audits
Frameworks, Best Practices, Configuration Guides.
PAM – Privileged Access Management
Network Monitoring
SIEM (and logging)
• QRadar
• CloudWatch
• Azure Sentinel
• Logrythm
• Splunk
• ArcSite (currently a MicroFocus company)
• AlienVault OSSIM (aka now AT&T Cybersecurity)
• LogStash
• Wazuh
Certificates / PKI – Let’s talk OpenSSL and Easy-RSA