Defensible architectures are those that follow a set of specific practices oriented to avoid the shortcomings of classic security architecture. In a classical security architecture, systems are hardened during the design stage and they continue like this thorough the whole life-cycle thus assuming the threat’s modus operandi is constant unlike in a defensible architecture in…
Category: Advance Persistent Threat
Threat oriented cyber strategy with Cyber Prep
Cyber Prep is a preparedness methodology that aligns with a Multi-tier approach to Risk Management as defined in NIST SP 800-39. Cyber Prep supports the first step of this multi-tier approach which is Risk Framing. Risk framing pertains to the organizational level and from there it cascades all down to Mission / Business and Systems…
Understanding the threat for Organizational Cyber Preparedness
I have spent some time working in the threat industry and through my own experience, I started getting interested in looking at things from a different perspective. There are great professionals and researchers in this area of cyber security however, it lacks cohesion. A higher degree of cohesion within as well as in other areas,…
Network attacks and exploitation: a framework
There is no other book like this one, indeed I would say this is the only book I have read of this nature. It has been written and edited by Matthew Monte and Dave Aitel two experts in the field. The main focus of the book is Computer Network Exploitation (CNE) from a strategic point…
Free cyber intelligence courses from Augusta university
By chance, a few days ago I came across three free courses from the University of Augusta. These courses have been recognized by the NSA’s cybersecurity curriculum program. http://jagwire.augusta.edu/prestigious-nsa-recognition-for-augusta-university-cyber-security-instruction/ The courses are the following: The Global Cyber Threat Environment Cyber Conflict Strategic Cybersecurity I have not had time to go through all the courses however…
