Work From Home Resources

Telework Security Basics – Use these tips from NIST to improve your telework security, whether you’re using your organizations’ laptop or smartphone, or your own personal desktop or tablet. Protecting Portable Devices: Data Security – In addition to taking precautions to protect your portable devices, it is important to add another layer of security by […]

Courses and Training

Destination Certification – Achieving CISSP & CCSP Certification is an important career and corporate decision, and the right preparation can make all the difference for the individual and the organization. These videos are a great part of the preparation. Cybersecurity Awareness training – Help others learn to identify cybersecurity risks, like phishing and social engineering, […]

Certifications

CEH – Certified Ethical Hacker – A Certified Ethical Hacker is a skilled professional who understands and knows how to look for weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner to assess the security posture of a target system(s). […]

Books

Holistic Info-Sec for Web Developers – Broad and deep coverage of what Web Developers and DevOps Engineers need to know in order to create robust, reliable, maintainable and secure software, networks and other, that are delivered continuously, on time, with no nasty surprises Docker Security – Quick Reference: For DevOps Engineers – A book on […]

Online resources

Security related Operating Systems @ Rawsec – Complete list of security related operating systems Best Linux Penetration Testing Distributions @ CyberPunk – Description of main penetration testing distributions Security @ Distrowatch – Website dedicated to talking about, reviewing and keeping up to date with open source operating systems Hardening Windows 10 – Guide for hardening […]

Privacy & Security

Qubes OS – Qubes OS is a free and open-source security-oriented operating system meant for single-user desktop computing. Whonix – Operating System designed for anonymity. Tails OS – Tails is a portable operating system that protects against surveillance and censorship.

Big Data

hadoop-pcap – Hadoop library to read packet capture (PCAP) files. Workbench – A scalable python framework for security research and development teams. OpenSOC – OpenSOC integrates a variety of open source big data technologies in order to offer a centralized tool for security monitoring and analysis. Apache Spot (incubating) – Apache Spot is open source […]

DevOps

Securing DevOps – A book on Security techniques for DevOps that reviews state of the art practices used in securing web applications and their infrastructure. ansible-os-hardening – Ansible role for OS hardening bunkerized-nginx – nginx Docker image secure by default Trivy – A simple and comprehensive vulnerability scanner for containers and other artifacts, suitable for […]

Scanning / Pentesting

sqlmap – sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching […]

Organization

OWASP – The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Portswigger – PortSwigger offers tools for web application security, testing & scanning. Choose from a wide range of security tools & identify the very latest vulnerabilities. Let’s Encrypt – Let’s Encrypt is a […]