Latest Posts

My Own Cloud Tools and Readings

Here are some of tools I created or found online. They are just for my own usage.
  • My Reading
  • My Online Tools

My Readings

  1. Top Six Communicating Skills - Listening, Coaching (Learning&Sharing), Teaching, Guiding, Advising, Motivating
  2. Operation - (运维 )
    • Agile - (Documentation -> Process -> Technology -> Monitor -> Backup) - Jira / Confluence / Wiki
    • CMDB - Device42? 
    • Some posts in this forum
  3. Architecture 
    • Multi-layered Security -  Vertical - Cloud - Perimeter - network - endpoint - Application - data
    • Multi-Zones Security - Lateral (Horizontal) - 产品区域、生产区域、内网区域、合作区域
    • Zero Trusted Network / Security - identify verification for every person and device. - IAM & PAM (Least Privilege Access), 0 Day Attack, MicroSegmentation, MFA , CASB (Identity verification, Access Control, DLP, URL Filtering, Packet Inspection, Sandboxing, Browser Isolation, Anti-Malware), 
  4. CISO Skills
  5. NIST 
    • CSF - 50% used at US organizations at 2020
    • Other Publications
      • Special Publication 800-53: provides a catalog of security and privacy controls for all U.S
      • Special Publication 800-40: Creating a Patch and Vulnerability Management Program 
      • Special Publication 800-30: Risk Management Guide for Information Technology Systems
    • Roadmap - CSF
      • Tiers - (1. Partial, 2. Risk Informed, 3. Repeatable, 4. Adaptive) vs Maturity level
      • Categories with Core Functions - Identify , Protect, Detect, Respond, Recover - 23 Categories, 108 Subcategory, mapping to CSC, ISA, ISO, COBIT, NIST SP 800-53
      • Profiles - For each subcategory, set up Priority, Gaps, Budget, Short/Intermediate/Long Term activities
    • Vulnerability Management
      • 800-30 & 800-40
    • TRA
      • Qualitative vs Quantitative
  6. ISO27001


My Online Tools

  1. Portainer -//portainer.51sec.org/
  2. Docker - //docker.51sec.org/
  3. Log - https://51sec.loggly.com/
  4. Email - https://51sec.org/mail
  5. Google Drive Indexer- http://gd.51sec.workers.dev/  no-password  https://gd2.51sec.workers.dev/
  6. Wiki - https://sec.myxwiki.org/
  7. Zabbix - //zabbix.51sec.org/zabbix
  8. Proxy - https://proxy.51sec.org/
  9. Nodequery - VPS Monitoring (10 VPS, API supported) - NodeInfo - https://51sec.org/monitor
  10. Online Calendar Booking - https://calendly.com/51sec/
  11. Bookmarks - https://sites.51sec.org
  12. Download - https://download.51sec.workers.dev
  13. Aria2 + AriaNG - //download.51sec.org/ui
  14. FileBrowser + Aria2 + AriaNG +Rclone - //download.51sec.org
  15. OneDrive List - FODI - https://51sec.github.io/FODI/front-end/
  16. Github - https://github.com/51sec
  17. KMS - 132.145.98.41  - key : https://docs.microsoft.com/zh-cn/windows-server/get-started/kmsclientkeys
  18. Jira / Confluence / Trello - https://51sec.atlassian.net/
  19. WebSSH - //webssh.51sec.org
  20. OneManager - https://od.51sec.org
  21. IFTTT - Connets all of your different apps and devices together with a chains of simple conditional statements. I am using Blogger-2-Weebly and Blogger-2-Wordpress two applets to help me updating multiple sites. 




    Other Online Tools

    1. Short-tem exchange of pasted information between parties: https://paste.ubuntu.com/
    2. Free Kubernetes cluster to play : https://www.katacoda.com/courses/kubernetes/playground 
    3. Free Docker Playground:https://labs.play-with-docker.com/
    4. Free deploy app into Kubernetes: https://kubesail.com/
    5. Heroku is a platform as a service (PaaS) that enables developers to build, run, and operate applications entirely in the cloud: https://www.heroku.com/
    6. Azure Sandbox: Once activated sandbox from Azure Exercise, you can sign into  Azure portal for sandbox to explore at most 10 sandboxes for a day. Each sandbox lasts 4 hours. 


    No comments