Resources

threatmap1.gif

US Government Resources

 

NOTE: Some of these, such as NIST documents, may be listed below in topical areas.

 

 

Ethical Hacking Educational Resources

 

Following is a list of Web sites that provide learning resources for ethical hacking.

 

  • Learn How To Hack – Ethical Hacking Resources | HackerOne

https://www.hackerone.com/blog/resources-for-new-hackers

 

  • The Ultimate Guide to Ethical Hacking – InfoSec Resources

https://resources.infosecinstitute.com/category/certifications-training/ceh/ethical-hacking-overview/#gref

 

  • Ethical Hacking Resources | IEEE Innovation at Work

 

https://innovationatwork.ieee.org/ethical-hacking/

 

  • Top Resources To Learn Ethical Hacking

 

https://hackwarenews.com/top-resources-to-learn-ethical-hacking/

 

 

General Resources

 

 

Security Blogs

 

 

 

 

 

Planning for Security and Contingencies

 

·         Contingency Planning Guide for Federal Information Systems — http://csrc.nist.gov/publications/nistpubs/800-34-rev1/sp800-34-rev1_errata-Nov11-2010.pdf

·         Guide for Developing Security Plans for Federal Information Systems — http://csrc.nist.gov/publications/nistpubs/800-18-Rev1/sp800-18-Rev1-final.pdf

·         Computer Security Incidents: Assessing, Managing, And Controlling The Risks – ITL Security Bulletin — http://csrc.nist.gov/publications/nistbul/b-01-04.pdf

·         Techniques for System and Data Recovery – ITL Security Bulletin — http://csrc.nist.gov/publications/nistbul/04-02.pdf

·         System and Network Security Acronyms and Abbreviations — http://csrc.nist.gov/publications/nistir/ir7581/nistir-7581.pdf

·         Guide to Integrating Forensic Techniques into Incident Response — http://csrc.nist.gov/publications/nistpubs/800-86/SP800-86.pdf

·         Office of the President of the United States: International Strategy for Cyberspace — http://www.whitehouse.gov/sites/default/files/rss_viewer/international_strategy_for_cyberspace.pdf

 

 

Information Security Policy

 

 

 

Developing the Security Program

 

 

 

Security Management Models

 

 

 

Security Management Practices

 

 

 

Risk Management: Identifying and Controlling Risk

 

 

 

 

 

 

 

 

 

 

 

 

Vulnerabilities and Threats

 

·         Guide to Malware Incident Prevention and Handling — http://csrc.nist.gov/publications/nistpubs/800-83/SP800-83.pdf

·         National Vulnerability Database: Helping Information Technology System Users And Developers Find Current Information About Cyber Security Vulnerabilities – ITL Security Bulletin — http://csrc.nist.gov/publications/nistbul/b-Oct-05.pdf

·         Creating A Program To Manage Security Patches And Vulnerabilities: NIST Recommendations For Improving System Security – ITL Security Bulletin — http://csrc.nist.gov/publications/nistbul/b-02-06.pdf

·         Norton Cybercrime Report 2011 — http://us.norton.com/content/en/us/home_homeoffice/html/cybercrimereport/

 

Protection Mechanisms

 

·         Federal Agency Use of Public Key Technology for Digital Signatures and Authentication — http://csrc.nist.gov/publications/nistpubs/800-25/sp800-25.pdf

·         Guideline for Implementing Cryptography in the Federal Government — http://csrc.nist.gov/publications/nistpubs/800-21-1/sp800-21-1_Dec2005.pdf

·         DoD Cyber Protect Network Security Game — http://iase.disa.mil/eta/cyber-protect/launchpage.htm

·         TLS – Transport Layer Security — http://en.wikipedia.org/wiki/Transport_Layer_Security

·         SSL Certificates — https://www.globalsign.com/ssl-information-center/what-is-an-ssl-certificate.html?gclid=CI3YutnD46wCFcp65Qoduzywnw

·         NIST.org Free Online Antivirus, Spyware and Firewall reviews — http://www.nist.org/news.php?extend.93

 

 

Personnel and Security

 

 

  • How to Become CISM Certified

http://www.isaca.org/Certification/CISM-Certified-Information-Security-Manager/How-to-Become-Certified/Pages/default.aspx

 

  • How to Become CISA Certified

 

http://www.isaca.org/Certification/CISA-Certified-Information-Systems-Auditor/How-to-Become-Certified/Pages/default.aspx

 

 

 

 

 

Security Law and Ethics

 

 

 

 

 

 

LIVE ATTACK MAPS

Trend Micro’s Botnet Connection Dashboard

https://botnet-cd.trendmicro.com/

Akamai real time web monitor

https://www.akamai.com/us/en/resources/visualizing-akamai/real-time-web-monitor.jsp

FireEye’s map shows attacks as they happen

https://www.fireeye.com/cyber-map/threat-map.html

Checkpoint Threat live map

https://threatmap.checkpoint.com/ThreatPortal/livemap.html

 

Industry Vendor Collaborations

 

TrendMicro

https://www.trendmicro.com/en_us/business.html

 

Oracle Academy

https://academy.oracle.com/en/oa-web-overview.html

 

Amazon AWS Educate

https://aws.amazon.com/education/awseducate/

 

IBM Skills Academy

http://www.ibm.com/services/weblectures/meap

 

Checkpoint Secure Academy

https://www.checkpoint.com/support-services/secureacademy/

 

Palo Alto Network Cybersecurity Academy

https://www.paloaltonetworks.com/services/education/academy

 

Splunk Higher Education Academic Licenses

 

https://www.splunk.com/en_us/solutions/industries/higher-education/academic-licenses.html