Best Cloud SaaS Governance Practices from the CSA Cloud Security Alliance
IntroductionInfrastructure as Service security is almost always the focus when discussing cloud security. platforms as a service (PaaS) and infrastructure
Read more
Framework
Security and Privacy Capability Maturity Model (SP-CMM) by SCF, Secure and Privacy by Design Principles Framework
The S|P establishes 32 common-sense principles to guide the development and oversight of a modern security and privacy program. The
Read more
Campaigns to be Introduced to MITRE ATT&CK V12
Primary Articles Published by Matt Malona In ATT&CK 2022 roadmap, at ATT&CKCon 3.0, and most recently on the SANS Threat
Read more
DevSecOps is not just a technological shift; it is also a cultural one, according to Tenable.cs Cloud Security’s whitepaper, “7 Habits of Highly Effective DEVSECOPS Teams.”
DecSecOps, which is typically viewed as an integrated team of development, operational, and security practitioners that can securely deliver innovation
Read more
BARK: A PowerShell script was created to aid the BloodHound Enterprise team in locating and regularly validating abuse primitives.
BloodHound Attack Research Kit is referred to as BARK. It is a PowerShell script created to help the BloodHound Enterprise
Read more
The Azure Threat Research Matrix is explained
It’s typical for the assessment team to cite the MITRE ATT&CK knowledge base when conducting an offensive security assessment so
Read more
NSA Released D3FEND a framework for cybersecurity professionals to tailor defenses
Recently a Framework was Released by NSA named D3FEND which is based on and Complementary to MITRE ATT&CK Framework. It
Read more