- Security as Code
- Threat Modeling
- Penetration Testing
- Vulnerability Scanning
- Security Automation
- Security Compliance
- Security Orchestration
- Secure Continuous Integration/Continuous Deployment (CI/CD)
- Role-Based Access Control (RBAC)
- Identity and Access Management (IAM)
- Endpoint Protection
- Encryption
- Firewall
- Intrusion Detection/Prevention System (IDS/IPS)
- Data Loss Prevention (DLP)
- Application Security
- Network Security
- Cloud Security
- Zero Trust Architecture
- Security Information and Event Management (SIEM)
- Security Operations Center (SOC)
- Security Audit
- Disaster Recovery and Business Continuity Planning (DR/BCP)
- Compliance Frameworks (e.g. PCI DSS, HIPAA, NIST)
- Security Awareness Training
- Blue Team Tools
- DevSecOps
Security as Code
a DevSecOps practice in which security policies, controls, and configurations (firewall rules, IAM policies, hardening baselines, pipeline checks) are written as machine-readable code, kept in version control, peer-reviewed, and enforced automatically in the build and deployment pipeline, so a policy violation fails a build the same way a failing test does.
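Worked example (added here, not part of the original glossary): a policy-as-code gate in Python that evaluates a Terraform-style plan against two rules, SSH/RDP never open to the world and S3 buckets never public or unencrypted. The plan layout imitates a slice of `terraform show -json` output; the rule identifiers SG-001, S3-001 and S3-002, the sample resources and the exit-code convention are assumptions made for illustration.

```python
"""Security-as-code check over a Terraform-style plan (added example).

The plan structure mimics a slice of `terraform show -json` output, and the
rule identifiers and port list are assumptions chosen for illustration.
"""
import ipaddress
from dataclasses import dataclass

# Constructed sample plan: one security group and two S3 buckets.
SAMPLE_PLAN = {
    "resource_changes": [
        {"address": "aws_security_group.web", "type": "aws_security_group",
         "change": {"after": {"ingress": [
             {"from_port": 443, "to_port": 443, "protocol": "tcp",
              "cidr_blocks": ["0.0.0.0/0"]},
             {"from_port": 22, "to_port": 22, "protocol": "tcp",
              "cidr_blocks": ["0.0.0.0/0"]},
         ]}}},
        {"address": "aws_s3_bucket.logs", "type": "aws_s3_bucket",
         "change": {"after": {"acl": "public-read",
                              "server_side_encryption_configuration": []}}},
        {"address": "aws_s3_bucket.data", "type": "aws_s3_bucket",
         "change": {"after": {"acl": "private",
                              "server_side_encryption_configuration": [{"rule": {}}]}}},
    ]
}

ADMIN_PORTS = {22, 3389}   # SSH and RDP: never world-reachable (assumed policy)


@dataclass(frozen=True)
class Finding:
    address: str
    rule: str
    detail: str


def _world_open(cidr: str) -> bool:
    """True for 0.0.0.0/0 or ::/0."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def check_security_group(res: dict) -> list[Finding]:
    findings = []
    for rule in res["change"]["after"].get("ingress", []):
        lo, hi = rule["from_port"], rule["to_port"]
        # from_port == to_port == 0 means "all ports" in AWS security groups.
        exposed = ADMIN_PORTS if (lo, hi) == (0, 0) else {p for p in ADMIN_PORTS if lo <= p <= hi}
        if exposed and any(_world_open(c) for c in rule.get("cidr_blocks", [])):
            findings.append(Finding(res["address"], "SG-001",
                                    f"admin port(s) {sorted(exposed)} open to 0.0.0.0/0"))
    return findings


def check_s3_bucket(res: dict) -> list[Finding]:
    after = res["change"]["after"]
    findings = []
    if after.get("acl", "private") != "private":
        findings.append(Finding(res["address"], "S3-001", f"bucket ACL is {after['acl']}"))
    if not after.get("server_side_encryption_configuration"):
        findings.append(Finding(res["address"], "S3-002", "no server-side encryption configured"))
    return findings


CHECKS = {"aws_security_group": check_security_group, "aws_s3_bucket": check_s3_bucket}


def evaluate_plan(plan: dict) -> list[Finding]:
    findings = []
    for res in plan.get("resource_changes", []):
        check = CHECKS.get(res["type"])
        if check:
            findings.extend(check(res))
    return findings


def plan_passes(plan: dict) -> bool:
    """CI gate: the pipeline stage fails when this returns False."""
    return not evaluate_plan(plan)


if __name__ == "__main__":
    for f in evaluate_plan(SAMPLE_PLAN):
        print(f"{f.rule} {f.address}: {f.detail}")
    raise SystemExit(0 if plan_passes(SAMPLE_PLAN) else 1)
```

Because the rules live in the repository next to the infrastructure code, a change to the policy goes through the same review and history as a change to the infrastructure it governs, which is the point of treating security as code.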
Threat Modeling
a structured, proactive process of identifying what an attacker could do to a software system, how each threat would be realized, and which mitigations to apply, performed during design rather than after deployment; STRIDE is a common method for enumerating threat categories.
Penetration Testing
an authorized, simulated attack against a system, network, or application, performed within an agreed scope to find and demonstrate exploitable vulnerabilities before a real adversary does.
Vulnerability Scanning
the automated process of identifying known vulnerabilities and misconfigurations in software, hosts, and network services, typically by matching discovered versions and settings against a vulnerability database; unlike a penetration test, a scan does not exploit what it finds.
Security Automation
the use of automation tools and processes to manage and enforce security policies and controls.
Security Compliance
the process of adhering to regulations, standards, and best practices related to security and privacy.
Security Orchestration
the coordination and automation of security processes and tasks to improve efficiency and reduce manual errors.
Secure Continuous Integration/Continuous Deployment (CI/CD)
a DevOps practice that builds security testing and validation into the delivery pipeline as gating stages, for example static analysis, dependency and container scanning, secret detection, and signing of build artifacts, so insecure changes are caught before they reach production.
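Worked example (added here, not part of the original glossary): a secret-detection stage of the kind a secure CI/CD pipeline runs on every change, written in Python. It scans only the added lines of a unified diff, so pre-existing findings do not block unrelated work, and combines fixed patterns (AWS access key IDs, PEM private-key headers) with a Shannon-entropy test on quoted values assigned to secret-like names. The diff is constructed; the AWS key is Amazon's published documentation example, the other values are made up, and the rule names and 3.5 bits/char threshold are assumptions.

```python
"""Pre-merge secret scan over a unified diff (added example).

Only added lines ('+') are examined. The rule set and entropy threshold are
illustrative assumptions; the AWS key below is Amazon's published example key
and the other values are made up.
"""
import math
import re
from collections import Counter

SAMPLE_DIFF = """\
diff --git a/settings.py b/settings.py
--- a/settings.py
+++ b/settings.py
@@ -1,2 +1,8 @@
 VERSION = "1.2.3"
-AWS_ACCESS_KEY_ID = os.environ["AWS_ACCESS_KEY_ID"]
+AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
+API_TOKEN = "xk9Q2mZr7vLp4TnB8wYd"
+DEFAULT_PASSWORD = "changemechangeme"
+SIGNING_KEY = '''-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEA...
+-----END RSA PRIVATE KEY-----'''
"""

AWS_KEY_RE = re.compile(r"\bAKIA[0-9A-Z]{16}\b")
PRIVATE_KEY_RE = re.compile(r"-----BEGIN (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----")
# secret-like name = "quoted value of 16+ chars": candidate for the entropy test
GENERIC_RE = re.compile(
    r"(?i)(?:secret|token|password|passwd|api[_-]?key)\w*\s*[:=]\s*[\"']([^\"'\n]{16,})[\"']")
ENTROPY_BITS_PER_CHAR = 3.5   # assumed threshold; tune against your own false-positive rate


def shannon_entropy(s: str) -> float:
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values()) if n else 0.0


def scan_line(line: str) -> list[str]:
    """Return the rule ids that fire on one added line (without its leading '+')."""
    hits = []
    if AWS_KEY_RE.search(line):
        hits.append("AWS-KEY")
    if PRIVATE_KEY_RE.search(line):
        hits.append("PRIVATE-KEY")
    m = GENERIC_RE.search(line)
    # A low-entropy placeholder such as "changemechangeme" is not reported here.
    if m and shannon_entropy(m.group(1)) >= ENTROPY_BITS_PER_CHAR:
        hits.append("GENERIC-HIGH-ENTROPY")
    return hits


def scan_diff(diff: str) -> list[tuple[str, int, str]]:
    """Return (rule, diff line number, offending line) for added lines only."""
    findings = []
    for lineno, raw in enumerate(diff.splitlines(), start=1):
        if not raw.startswith("+") or raw.startswith("+++"):   # skip context and file headers
            continue
        line = raw[1:]
        for rule in scan_line(line):
            findings.append((rule, lineno, line.strip()))
    return findings


def diff_passes(diff: str) -> bool:
    """CI gate: fail the stage when any rule fires."""
    return not scan_diff(diff)


if __name__ == "__main__":
    for rule, lineno, text in scan_diff(SAMPLE_DIFF):
        print(f"{rule} at diff line {lineno}: {text}")
    raise SystemExit(0 if diff_passes(SAMPLE_DIFF) else 1)
```

A real pipeline would run this before the artifact is built, treat any hit as a hard failure, and rotate the credential anyway, since a secret that reached the remote repository must be considered exposed even if the commit is rewritten.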
Role-Based Access Control (RBAC)
an access control model in which permissions are attached to roles rather than to individual users, and users gain access only through the roles assigned to them; adding or removing a role changes a user's access, and requests are denied unless a held role grants them.
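Worked example (added here, not part of the original glossary): a small RBAC engine in Python with role inheritance, deny-by-default checks, and a separation-of-duties constraint that stops one user from holding two roles that must stay apart. The roles (viewer, accountant, approver), the invoice permissions and the user names are made up for the illustration.

```python
"""Role-based access control with role inheritance and a separation-of-duties
constraint (added example). Role, permission and user names are made up."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Permission:
    action: str     # e.g. "approve"
    resource: str   # resource type, e.g. "invoice"


class RBAC:
    def __init__(self) -> None:
        self._perms: dict[str, set[Permission]] = {}   # role -> direct permissions
        self._parents: dict[str, set[str]] = {}        # role -> roles it inherits from
        self._user_roles: dict[str, set[str]] = {}     # user -> assigned roles
        self._exclusive: list[frozenset[str]] = []     # role sets no one user may combine

    def add_role(self, role: str, permissions=(), inherits=()) -> None:
        for parent in inherits:
            if parent not in self._perms:
                raise KeyError(f"unknown parent role {parent!r}")
        self._perms[role] = set(permissions)
        self._parents[role] = set(inherits)

    def add_exclusive(self, *roles: str) -> None:
        """Separation of duties: a user may hold at most one of these roles."""
        self._exclusive.append(frozenset(roles))

    def assign(self, user: str, role: str) -> None:
        if role not in self._perms:
            raise KeyError(f"unknown role {role!r}")
        held = self._user_roles.get(user, set()) | {role}
        for group in self._exclusive:
            if len(held & group) > 1:
                raise ValueError(f"{user} may not hold both {sorted(held & group)}")
        self._user_roles[user] = held

    def revoke(self, user: str, role: str) -> None:
        self._user_roles.get(user, set()).discard(role)

    def _expand(self, roles: set[str]) -> set[str]:
        """Transitive closure over inheritance; the visited set guards against cycles."""
        seen, stack = set(), list(roles)
        while stack:
            r = stack.pop()
            if r not in seen:
                seen.add(r)
                stack.extend(self._parents.get(r, ()))
        return seen

    def permissions_for(self, user: str) -> frozenset[Permission]:
        roles = self._expand(self._user_roles.get(user, set()))
        return frozenset(p for r in roles for p in self._perms[r])

    def is_allowed(self, user: str, action: str, resource: str) -> bool:
        """Deny by default: unknown users and ungranted actions both return False."""
        return Permission(action, resource) in self.permissions_for(user)


def build_demo() -> RBAC:
    rbac = RBAC()
    rbac.add_role("viewer", {Permission("read", "invoice")})
    rbac.add_role("accountant", {Permission("create", "invoice")}, inherits=["viewer"])
    rbac.add_role("approver", {Permission("approve", "invoice")}, inherits=["viewer"])
    rbac.add_exclusive("accountant", "approver")   # maker/checker split
    rbac.assign("alice", "accountant")
    rbac.assign("bob", "approver")
    return rbac


if __name__ == "__main__":
    r = build_demo()
    for user, action in [("alice", "create"), ("alice", "approve"), ("bob", "approve"), ("carol", "read")]:
        print(f"{user} {action} invoice -> {r.is_allowed(user, action, 'invoice')}")
```

Note that the authorization decision never mentions a user's permissions directly: changing what accountants may do is a one-line edit to the role, and it applies to every accountant at once.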
Identity and Access Management (IAM)
the policies, processes, and systems for establishing who a user or workload is (authentication), what it may do (authorization), and for managing identities, credentials, roles, and entitlements over their lifecycle.
Endpoint Protection
security controls and measures to protect devices, such as laptops and mobile phones, that access a network.
Encryption
the process of transforming readable data (plaintext) into unreadable ciphertext using an algorithm and a key, so that only parties holding the correct key can recover the original; the protection rests on the secrecy of the key, not of the algorithm.
Firewall
a network security control that monitors incoming and outgoing traffic and allows or blocks it according to predefined rules, typically based on addresses, ports, and protocols, and in application-aware firewalls on the content of the traffic.
Intrusion Detection/Prevention System (IDS/IPS)
security systems that monitor network or host activity for signs of attack; an IDS detects and alerts on suspicious activity, while an IPS sits inline in the traffic path and can also block it. Both rely on signatures of known attacks, anomaly detection, or a combination of the two.
Data Loss Prevention (DLP)
a security control that identifies sensitive data (payment card numbers, personal data, source code) in use, in transit, or at rest, and detects or blocks its transfer outside approved channels.
Application Security
the practice of finding and fixing security weaknesses in software throughout its lifecycle, through secure design, secure coding, code review, testing (static analysis, dynamic testing, dependency scanning), and runtime protection.
Network Security
the practice of protecting a network from unauthorized access and security threats.
Cloud Security
the practice of protecting data, workloads, and identities in cloud environments, covering the customer's side of the shared responsibility model: identity and access configuration, network controls, encryption, logging, and secure configuration of cloud services.
Zero Trust Architecture
a security approach that grants no implicit trust based on network location or device ownership; every request is authenticated and authorized against identity, device posture, and policy, access is limited to the specific resource requested, and the decision is re-evaluated continuously rather than once at the perimeter.
Security Information and Event Management (SIEM)
a security platform that collects, normalizes, and correlates logs and security events from many sources (hosts, network devices, cloud services, applications), raises alerts when events match detection rules, and retains the data for investigation and compliance reporting.
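Worked example (added here, not part of the original glossary) serving both the IDS/IPS and the SIEM entries: the detection logic behind a typical correlation rule, written in Python and run over constructed OpenSSH log lines. It raises one alert when a source address produces five failed logins inside a sixty-second window (the kind of signature a host IDS fires on) and a second, higher-severity alert when the same address later succeeds, which is the cross-event correlation a SIEM adds. The log lines, host name, the addresses (from documentation ranges) and the thresholds are all assumptions.

```python
"""Detection logic of the kind an IDS rule or SIEM correlation search encodes
(added example). Log lines are constructed in OpenSSH's syslog format; the
addresses come from documentation ranges and the thresholds are assumptions."""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

SAMPLE_LOG = """\
Jan 12 10:00:01 bastion sshd[4011]: Failed password for invalid user admin from 203.0.113.7 port 51234 ssh2
Jan 12 10:00:03 bastion sshd[4013]: Failed password for root from 203.0.113.7 port 51236 ssh2
Jan 12 10:00:04 bastion sshd[4015]: Failed password for invalid user test from 198.51.100.5 port 40210 ssh2
Jan 12 10:00:06 bastion sshd[4017]: Failed password for bob from 203.0.113.7 port 51240 ssh2
Jan 12 10:00:09 bastion sshd[4019]: Failed password for bob from 203.0.113.7 port 51244 ssh2
Jan 12 10:00:12 bastion sshd[4021]: Failed password for bob from 203.0.113.7 port 51248 ssh2
Jan 12 10:00:15 bastion sshd[4023]: Failed password for bob from 203.0.113.7 port 51252 ssh2
Jan 12 10:00:20 bastion sshd[4025]: Accepted publickey for alice from 192.0.2.10 port 60122 ssh2
Jan 12 10:02:41 bastion sshd[4031]: Accepted password for bob from 203.0.113.7 port 51290 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3} [ \d]\d \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) \w+ for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+")

FAIL_THRESHOLD = 5                        # this many failures ...
FAIL_WINDOW = timedelta(seconds=60)       # ... inside this window = brute force
SUCCESS_WINDOW = timedelta(minutes=10)    # a success this soon after is suspicious


def parse(line: str):
    """Return (timestamp, result, user, ip) or None for lines the rule ignores."""
    m = LINE_RE.match(line)
    if not m:
        return None
    # syslog timestamps carry no year; adequate for ordering within one file
    ts = datetime.strptime(m["ts"], "%b %d %H:%M:%S")
    return ts, m["result"], m["user"], m["ip"]


def detect(lines):
    failures = defaultdict(deque)   # ip -> timestamps of failures still inside the window
    flagged = {}                    # ip -> time the brute-force alert fired
    alerts = []
    for line in lines:
        parsed = parse(line)
        if not parsed:
            continue
        ts, result, user, ip = parsed
        if result == "Failed":
            q = failures[ip]
            q.append(ts)
            while q and ts - q[0] > FAIL_WINDOW:   # slide the window forward
                q.popleft()
            if len(q) == FAIL_THRESHOLD:           # fire once per burst, not on every extra failure
                flagged[ip] = ts
                alerts.append(("ssh_bruteforce", ip, len(q)))
        elif ip in flagged and ts - flagged[ip] <= SUCCESS_WINDOW:
            # Correlation: a success from an address that was just brute-forcing
            alerts.append(("bruteforce_then_success", ip, user))
            del flagged[ip]
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG.splitlines()):
        print(alert)
```

On its own this is detection, so it belongs to the IDS side of the IDS/IPS distinction; an IPS or a SIEM-driven response would act on the first alert, for example by adding the address to a block list, before the successful login could happen.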
Security Operations Center (SOC)
a centralized unit responsible for managing and monitoring the security of an organization’s systems and networks.
Security Audit
the systematic examination of an organization’s security posture to identify vulnerabilities and non-compliance issues.
Disaster Recovery and Business Continuity Planning (DR/BCP)
the planning and rehearsal of procedures to keep essential business functions running during a disruption (business continuity) and to restore systems and data afterwards (disaster recovery), with defined recovery time and recovery point objectives.
Compliance Frameworks (e.g. PCI DSS, HIPAA, NIST)
established guidelines and best practices for ensuring security and privacy in a particular industry or sector.
Security Awareness Training
the education and training of employees on security best practices, policies, and procedures.
Blue Team Tools
OSSEC
Host-based intrusion detection system with log analysis, file integrity checking, and rootkit detection
Snort
Network-based intrusion detection and prevention system
Suricata
Network threat detection engine
Sysmon
Windows system monitoring service that records process creation, network connections, and file changes to the event log
Tripwire
File integrity monitoring tool
AIDE
File integrity monitoring tool for Linux
Logrotate
Utility that rotates, compresses, and prunes log files so logs stay available without filling the disk
Graylog
Log management and analysis platform
ELK Stack (Elasticsearch, Logstash, Kibana)
Log analysis and visualization platform
SELinux
Security-Enhanced Linux, a kernel mandatory access control (MAC) system that confines processes using labels and policy
AppArmor
Linux mandatory access control system that confines programs with per-application, path-based profiles
ClamAV
Open-source anti-malware engine, commonly run on Linux mail and file servers
OpenSCAP
Tool that evaluates systems against SCAP security baselines (e.g. CIS, DISA STIG) and reports configuration compliance
Docker Bench for Security
Script that checks a Docker host, daemon, and running containers against the CIS Docker Benchmark
CIS-CAT Pro Assessor
Configuration assessment tool for various systems
NetworkMiner
Network forensic analysis tool
Maltego
Open-source intelligence (OSINT) and link analysis tool for mapping relationships between people, domains, and infrastructure
Nessus
Vulnerability scanning and assessment tool
OpenVAS
Vulnerability scanner and management tool
Tenable.io
Vulnerability management platform
Wazuh
Open-source security platform combining host-based intrusion detection, log analysis, and SIEM capabilities (a fork of OSSEC)
HashiCorp Vault
Secrets management tool for storing, dynamically issuing, and auditing access to credentials and keys
WireGuard
Virtual private network (VPN) protocol and implementation built into the Linux kernel
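Worked example (added here, not part of the original glossary or of either project) for the file integrity monitoring entries above (Tripwire, AIDE): the core of such a tool in Python. It records a baseline of SHA-256 hashes, sizes, and permission bits for every file under a root, rescans, and reports what was added, removed, or modified. The directory layout, file contents and the "tampering" are constructed inside a temporary directory so the demonstration runs offline; they stand in for real system files.

```python
"""File integrity monitoring in the style of Tripwire/AIDE (added example):
record a baseline of hashes, then report added, removed and modified files.
The files below are constructed in a temporary directory for the demonstration."""
import hashlib
import tempfile
from pathlib import Path


def fingerprint(path: Path) -> dict:
    """Content hash plus the metadata a FIM tool usually tracks."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    st = path.stat()
    return {"sha256": h.hexdigest(), "size": st.st_size, "mode": oct(st.st_mode & 0o7777)}


def build_baseline(root: Path) -> dict[str, dict]:
    """Map of relative POSIX path -> fingerprint for every regular file under root."""
    return {p.relative_to(root).as_posix(): fingerprint(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def compare(baseline: dict, current: dict) -> dict[str, list[str]]:
    """Diff two scans; any change in hash, size or mode counts as modified."""
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    modified = sorted(p for p in set(baseline) & set(current) if baseline[p] != current[p])
    return {"added": added, "removed": removed, "modified": modified}


def demo() -> dict[str, list[str]]:
    """Build a small tree, baseline it, tamper with it, and return the report."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "etc").mkdir()
        (root / "etc" / "passwd").write_text("root:x:0:0::/root:/bin/sh\n")
        (root / "etc" / "ssh_config").write_text("PermitRootLogin no\n")
        (root / "bin").mkdir()
        (root / "bin" / "ls").write_bytes(b"\x7fELF...")
        baseline = build_baseline(root)

        # Constructed tampering: extra uid-0 account, replaced binary of the same
        # size (caught by the hash, not the size), new cron job, deleted config.
        (root / "etc" / "passwd").write_text("root:x:0:0::/root:/bin/sh\nbd:x:0:0::/:/bin/sh\n")
        (root / "bin" / "ls").write_bytes(b"\x7fELF!!!")
        (root / "cron.d").mkdir()
        (root / "cron.d" / "update").write_text("* * * * * root /tmp/.x\n")
        (root / "etc" / "ssh_config").unlink()
        return compare(baseline, build_baseline(root))


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(f"{kind}: {paths}")
```

The part this example leaves out is what makes Tripwire and AIDE trustworthy in practice: the baseline must be stored where the monitored host cannot rewrite it (signed, read-only, or off-box), otherwise an attacker who can replace a binary can also refresh its hash.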
DevSecOps
Terraform
Infrastructure as Code (IaC) tool for provisioning and managing infrastructure.
Chef
Configuration management tool that converges nodes to a desired state using Ruby-based recipes and cookbooks.
Puppet
Configuration management tool that enforces a declaratively described system state, typically through an agent on each node.
Ansible
Agentless configuration management and orchestration tool that pushes YAML playbooks to hosts over SSH.
Jenkins
Continuous Integration and Continuous Deployment (CI/CD) platform.
GitLab
Web-based Git repository manager with CI/CD and security features.
CircleCI
Cloud-based CI/CD platform.
Travis CI
Hosted Continuous Integration service, widely used by open-source projects.
Snyk
Software composition analysis tool that finds known vulnerabilities in open-source dependencies, container images, and IaC.
OWASP ZAP
Dynamic application security testing (DAST) proxy and scanner for web applications.
HashiCorp Vault
Secrets management tool (see Blue Team Tools above).
ELK Stack
Log collection, search, and visualization platform (Elasticsearch, Logstash, Kibana).
Graylog
Log analysis and management tool.
Splunk
Commercial log analysis and SIEM platform.
Docker
Containerization platform.
Kubernetes
Container orchestration platform.
Prometheus
Metrics-based monitoring and alerting system.
Nagios
Infrastructure and service monitoring and alerting tool.