Showing posts with label Architecture. Show all posts
Showing posts with label Architecture. Show all posts

Sunday, November 10, 2019

NIST CSF Core Notes

NIST Framework Components

The Cybersecurity Framework consists of three main components:

  • The Framework Core provides a set of desired cybersecurity activities and outcomes using common language that is easy to understand.  
  • The Framework Implementation Tiers assist organizations by providing context on how an organization views cybersecurity risk management. 
  • Framework Profiles are an organization’s unique alignment of their organizational requirements and objectives, risk appetite, and resources against the desired outcomes of the Framework Core.  

Sunday, November 3, 2019

Cyber Security Technology with NIST Cyber Security Framework

Layered Security & Defense In Depth
A layered approach to security can be implemented at any level of a complete information security strategy. Whether you are the administrator of only a single computer, accessing the Internet from home or a coffee shop, or the go-to guy for a thirty thousand user enterprise WAN, a layered approach to security tools deployment can help improve your security profile.

In short, the idea is an obvious one: that any single defense may be flawed, and the most certain way to find the flaws is to be compromised by an attack -- so a series of different defenses should each be used to cover the gaps in the others' protective capabilities. Firewalls, intrusion detection systems, malware scanners, integrity auditing procedures, and local storage encryption tools can each serve to protect your information technology resources in ways the others cannot.

Security Architecture Roadmap Examples with Timeline

Security Architecture Roadmap

Wednesday, January 30, 2019

IT Ops Knowledge Points and Skills Level

IT operations are the processes and services administered by an organization’s information technology department. As such, IT operations include administrative processes and support for hardware and software, for both internal and external clients.

IT OPS Knowledge Points:

Nosql Database Redis Mongodb
Web Servers Apache Nginx Tomcat
Network Monitoring Tools Nagios Zabbix Cacti MRTG
Proxy Servers Squid Nginx
Cache Servers Squid Varnish Redis Memcached
Log Monitoring Servers Awstats Logwatch Graphite SARG Webalizer Splunk Kafka Storm Scrible Logstach ELK
Load Balancing Servers Haproxy Lvs Nginx
Cluster Heartbeat Communication Keepalived Heartbeat
Mail Servers Sendmail Postfix
File Servers Vsftp
DNS servers Bind
Firewalls Iptables
File System DRBD ISCSI SAN NAS FastDFS Lustre Hadoop Mogilfs NFS
Rational DB Mysql Oracle
Auto Batch Installation Servers Kickstart Cobbler
Sniffing Software Wireshark Tcpdump Joy
Auto Operation management Software Puppet Ansible Chef Saltstack Func Fabric Pexpect CMDB
Virtualization / Cloud Comuting Kvm Xen Docker Openstacker
Security Failzban AIDE Portsentry IDS/IPS WAF Lynis Tripwire Nmap RKHunter Chkrootkit
Session Maintenance Screen Tmux
Pressure Testing AB Webbench Iozone Httperf Sysbench Iperf Speedtest_cli

Sunday, December 30, 2018

End Point Threat Hunting Tools & Steps to Scan and Fix System

Here are some collections from Internet about Threat Hunting tools, information and resources.

1. Kansa

Tuesday, December 4, 2018

Cyber Security Frameworks and Integrated with TOGAF

When cyber security professionals talking about related frameworks, it always comes to two which is ISO and NIST. There are lots of confusions  between them and also between Frameworks and Security architecture methodology. Here is some discussion for those topics I collected from online which I believe at certain points, it clarified some of my confusions.

A Cyber Security Framework is a risk-based compilation of guidelines designed to help organizations assess current capabilities and draft a prioritized road map toward improved cyber security practices. (From Arnab Chattopadhaya 's Enterprise Security Architecture)

Well Known Cyber Security Frameworks
• Sherwood Applied Business Security Architecture (SABSA)
• ISO/IEC 27001 & 27002 (formerly ISO 17799)
• ISO/IEC 31000
• NIST SP 800-53: Security and Privacy Controls for Federal Information Systems and Organizations
• NIST SP 800-39: Risk Management Framework
Essential security and risk concepts and their position in the TOGAF ADM (Source: TOGAF Security Guide)

From DevOps to DevSecOps

What is DevOps:
DevOps is the combination of cultural philosophies, practices, and tools that increases an organization’s ability to deliver applications and services at high velocity: evolving and improving products at a faster pace than organizations using traditional software development and infrastructure management processes. This speed enables organizations to better serve their customers and compete more effectively in the market. (from AWS)

Prior to 2010,

  • Structured Development methodologies
  • Clent-server
  • Waterfall Model


  • Moved from structured development methodologies to object-oriented paradigm
  • Moved from client-server to service-oriented architecture
  • Moved from the waterfall model to agile methods

Continuous Integration and Continuous Delivery (CI/CD) relies on the automation of routine work.

Agile and DevOps

Sunday, December 2, 2018

Enterprise Security Architecture Resources

Enterprise Security Architecture (ESA) is a relatively new concept to most business & IT stakeholders. However it is gaining an increase in adoption due to the need by the CISO’s of enterprises to strategically address information security debt and meet the increasing burden of Privacy related compliance. This post is going to collect some useful online resources which started to explore a creative method to build a mature enterprise security architecture.

IT vs Information Security vs Cyber Security vs Business Continuity vs Risk Management

IT vs Information Security vs Cyber Security vs Business Continuity vs Risk Management
From: 9 steps to Cyber Security

Tuesday, October 23, 2018

Threat Modeling Resources

This post is to collect Internet resources regarding threat modeling. There are some other similar posts regarding Threat Intelligence and Threat hunting. Search my blog you will find more.

Threat Modeling Methodologies for IT Purposes
Conceptually a threat modeling practice flows from a methodology. Numerous threat modeling methodologies are available for implementation. Based on volume of published online content, the four methodologies discussed below are the most well known.

Saturday, May 26, 2018

CISO Leadership Overview

Cyber Security Mind Map Examples:
  • 网络安全绪论
  • 扫描与防御技术
  • 口令破解及防御技术
  • 拒绝服务供给与防御技术
  • Web及防御技术
  • 计算机病毒
  • 网络安全发展与未来
  • SANS Cisco Mind Map
  • 企业安全工作要点思维导图
Free Cloud Mind Map Website: Mind Mup2 -

A CISO (Chief Information Security Officer) has a complex role within a company. They have a wide array of tasks to perform, that involves many differing parts, which the average individual is not always aware of.

CISO Mind Map is an overview of responsibilities and ever expanding role of the CISO.  This Security Leadership poster made by SANS shows exactly the matters a CISO needs to mind when creating a world class IT Security team. It also highlights the essential features necessary of a Security Operations Centre (SOC).