Welcome to our humble digital abode! This site is all about cyber security and the tools needed to make it happen, so if you are or want to be a cyber security analyst, this is a good resource. Cyber security has different meanings depending on who you are talking to; here we will be covering it from a technical practitioner perspective and not as much from the management perspective. With that said, we will try to categorize content into the following five categories:
- Foundation – Scripting, Networking, Linux and Windows OS, etc.
- Protect – anti-virus, anti-malware, patching, policy, etc.
- Detect – IDS/IPS, log review, hunting, etc.
- Respond – incident response, forensics, malware analysis, etc.
- Threat Intel – How to use, contribute, and get value from it.
The categories are loosely based on the Department of Defense CNDSP program, which segments job responsibilities into certain roles. A good cyber security professional should be very familiar with all of these roles. The Foundation category will cover all of the basic background information needed by new analysts, such as TCP/IP, networking, scripting in Linux and Windows, and many other topics you never really wanted to know intimately! Protect is the domain of anti-virus and other tools and policies that are in place to help protect users and IT assets from attack. The Detect category is where the rubber meets the road! This is where cyber security analysts use tools like Snort, Bro and SiLK to detect the miscreants that are trying to gain access. The Respond category is dedicated to investigating and cleaning up after a successful attack. This covers the investigation, incident response, malware analysis, forensics and reporting of the attack. Threat Intel is all about information! It is gathered from many sources, and analysts will contribute to it and use it to increase their situational awareness.
Each blog post will have an accompanying video on YouTube, so no matter what your preferred learning method is, we have you covered. If you find these useful, please give us a thumbs up or subscribe to the channel. Also, if you have any comments or questions, put them in the comments section on either platform.