Knowledge Base

security-2143492_640.jpg

  1. ISACA COBIT:
    a) COBIT 4.1 Polski
    b) COBIT 5 Polski
    c) COBIT 2019
    d) COBIT 2019 Design Guide and Toolkit: Designing an Information & Technology Governance Solution
    e) COBIT 2019 Design Toolkit

  2. NIST:
    a) 800-61 Rev. 2 Computer Security Incident Handling Guide
    b) 800-63B Digital Identity Guidelines: Authentication and Lifecycle Management
    c) 800-82 Rev. 2 Guide to Industrial Control Systems (ICS) Security
    d) 800-207 Zero Trust Architecture 
    e) NIST Cybersecurity Framework
    f) NICE Cybersecurity Workforce Framework
    g) NIST Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1
    h) NIST Informative References for the Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management

  3. CIS:
    a) CIS Controls® V7.1 (wymaga rejestracji / podania danych)
    b) CIS Controls® V8 (wymaga rejestracji / podania danych)
    c) https://www.cisecurity.org/cis-benchmarks/ (wymaga rejestracji / podania danych)

  4. ENISA
    a) ENISA Maturity Evaluation Methodology for CSIRTs
     
  5. Inne: 
    a) Mitre Ten Strategies of a World-Class Cybersecurity Operations Center
    b) Matrix ATT&CK Matrix for Enterprise
    c) MITRE Caldera
    d) AtomicRedTeam Framework
    e) The Cloud Security Alliance Cloud Controls Matrix (CCM)
    f) The Cloud Security Alliance - Security Guidance for Critical Areas of Focus in Cloud Computing 4.0
    g) OWASP Top 10 Application Security Risks - 2017
    h) OWASP Application Security Verification Standard Project
    i) VULDB the community-driven vulnerability database

  6. Forensic Tools: 
    a) Metapicz - online metadata and exif viewer
    b) cr0nx / awesome-linux-attack-forensics-purplelabs

  7. Pentesting
    a) Basic CMD for Pentesters
    b) Basic PowerShell for Pentesters
    c) PTES standard
     
  8. OSINT
    a) OSINT Framework