security items relate

CSR

Common Name, Organization, Organization unit, locality, state, country, email

Please Don’t Cut Ever

Preparation, detection, analysis, containment, eradication, recovery, lessons learned

Intelligent Investigators Preserve Collected proof, Review and Produce Presentations

Information, identification, preservation, collection, processing, review, analysis, production, presentation

MFA

Something you have, something you are, something you know, somewhere you are

Threat Intelligence

Confirmed, probable, possible, doubtful, improbable, discredited

23BRAIDS

Twofish, 3Des, Blowfish, Rivest Ciphers, AES, IDEA, DES, Skipjack

DEREK

Diffle-hellman, El Gamal, RSA, Elliptic Curve, Knapsack

MRS.H

MD5, RIPEMD, SHA, HVAL

Real developers ideas take efforts

Requirements, Design, Implement, Test, Evolve

Please can superman implode all millionaires

Prepare, Categorize, Select, Implement, Asses, Authorize, Monitor

Alien Pizza doesn’t ingest organically

Ad hoc, Preliminary, Defined, Integrated, Optimized

AV value

Physical 0.2, local 0.55, adjacent 0.62, network 0.85

CIA value

None 0, Low 0.22, High 0.56

CVSS Value

None 0, Low 0.1-3.9, Medium 4-6.9, high 7-8.9, critical 9-10

Threat Intelligence value

Confirmed 90, probable 70, possible 50, doubtful 30, improbable 2, discredited 1

AC value

high 0.44, low 0.77

CVSS formula

impact score + exploit-ability

Impact score formula

1 - [ (1-C) (1-I) (1-A)]

Exploit formula

8.22 x AV x AC x PR x UI

PR Value

high 0.27/0.5, low 0.62/0.68, none 0.85

UI Value

none 0.85, required 0.62

NIST 800-103 acronym

Please can superman implode all millionaires

Risk Maturity acronym

Alien pizza doesn’t ingest organically

Response framework acronym

DRMRRL

symmetric acronym

23BRAIDS

Asymmetric acronym

DEREK

hashes acronym

Mrs.H

SDLC Acronym

Real developers ideas take efforts

DRMRRL

Detect, respond, mitigate, report, recover, remediate, lessons

MAC

System Rules

DAC

Owner decides

DKIM

Checks domain signature

SPF

Checks sending server

S/MIME

Encrypt & Sign email

DMARC

Tells what to do on failed emails

EES

enterprise Email secret

IPSEC VPN

Site to Site Tunnel

SSL VPN

Remote/User Access

PPTP VPN

Insecure obsolete

MPLS VPN

Large WAN VPN

EAP-TLS

Client certificate

EAP-TTLS

Tunneled authentication

CHAP

Challenge no encryption

PEAP

Protected EAP

XSS

Inserted into website

CSRF

Stored in website

Stateless

Forget everything

Stateful

Remembers everything

Federated

Central Info

Disinformation

Faked deliberate info

Misinformation

Unintentional fake info

Ephemeral

Temporary

IR Process

Please Don’t Cut Every Red Line

EDRM

Intelligent Investigators Preserve Collected Proof, Review and Produce Presentations

ISO/NIST Standards

111 Locks Storage, 103 Handles passwords, 01 builds security, 02 shows control, 31 manages risk, 277 Protects privacy

policy

intent

Standard

Must

Procedure

Steps general

Rulebook

Rules

Playbook

Plan descriptive

runbook

execution

template

Structure

Orchestration

Automation

Policy Engine

Decides

Policy Administrator

implements decision

Policy Enforcement Point

Enforces/acts on decision

guideline

suggest

data owner

owns

Data Controller

Controls

Data Steward

Shapes (Quality)

Data Custodian

Cares (Security)

Data processor

Processes