darkcybe
  • 👋whoami
  • Security Operations
    • 💉Threat Mangement
      • Identify
        • Developing a Security Program
        • Governance, Risk, and Compliance (GRC)
        • Security Architecture
      • Protect
        • Vulnerability Mangement
        • Identity and Access Management (IAM)
        • Zero Trust
    • 👩‍💻Threat Detection
      • Detect
        • Continuous Monitoring & Security Operations Center (SOC)
        • Cyber Threat Intelligence (CTI)
    • 🚒Threat Response
      • Respond
        • Digital Forensics and Incident Response (DFIR)
      • Recover
  • Offensive Security Operations
    • 🎯Penetration Testing
      • Techniques
        • MITRE ATT&CK
          • Reconnaissance
          • Resource Development
            • T1608 - Stage Capabilities
              • Staging Malware and Tools on Kali Linux
          • Initial Access
          • Execution
          • Persistence
          • Privilege Escalation
          • Defense Evasion
          • Credential Access
          • Discovery
          • Lateral Movement
          • Collection
          • Command and Control
          • Exfiltration
          • Impact
        • CAPEC
          • 100 - Overflow Buffers
          • 66 - SQL Injection
          • 94 - Adversary-in-the-Middle (AiTM)
          • 252 - PHP Local File Inclusion (LFI)
          • 560 - Use of Known Domain Credentials
          • 644 - Use of Captured Hashes (Pass-the-Hash (PtH))
          • 633 - Token Impersonation
        • Technology Focused
          • Cloud
            • Amazon Web Services (AWS)
            • Google Cloud Platform (GCP)
          • Network Protocols and Services
            • Port 20/21 - FTP
            • Port 22 - SSH
            • Port 23 - Telnet
            • Port 25 - SMTP
            • Port 53 - DNS
            • Port 80 - HTTP
            • Port 110/995 - POP3
            • Port 135/593 - MSRPC
            • Port 137-139 - NetBIOS
            • Port 143/993 - IMAP
            • Port 443 - HTTPS
            • Port 445 - SMB
            • Port 3389 - RDP
            • Port 5355 - LLMNR
            • ARP
            • Databases
              • Port 1433/1434 - MSSQL
              • Port 3306 - MySQL/MariaDB
            • DHCP
          • Web
            • PHP
          • Windows
            • Active Directory
          • Wireless
          • Linux
      • Offensive Security Tools
    • 🚩Capture The Flag (CTF)
  • Guides
    • 🔍DFIR
      • Evidence Artifacts
        • Event Logs
        • Windows
          • Evidence of...
            • Account Usage
            • File Download
            • Program Execution
            • External Device Activity
            • File and Folder Interaction
            • Lateral Movement
            • Network and Browser History
      • DFIR Tools
        • Malware and File Analysis
          • Sigcheck
          • DensityScout
        • Memory Forensics
          • Volatility
        • Program Execution
          • PeCmd
          • WxTcmd
          • AmcacheParser
          • JumpListExplorer (JLE)
          • AppCompatCacheParser
          • SrumECmd
        • DFIR Toolkits
          • Registry Explorer
          • Incident Timelines
      • Theat Analysis
        • Analysis
          • iOS Popup Scam
        • Emulation
    • 🥷Ethical Hacking
      • Exploitation
      • Post-Exploitation
      • Reporting and Documentation
    • ⛳CTF Walkthroughs
      • 📦Hack The Box (HTB)
        • 🚶HTB Walkthroughs
    • 👷‍♀️Security Engineering
      • Building a Cybersecurity Home Lab
        • Step 1: Lab Design and Architecture
        • Step 2: Installing and Configuring VMware ESXi 8
        • Step 3: Installing the OPNsense Firewall
        • Step 4: Configuring OPNsense Firewall Rules
  • General Resources
    • 🐳Deep Dives
      • Public Key Infrastructure (PKI)
    • 🐍Programming
      • Python
    • 🏋️Training
      • 🗓️Study Methodology
    • 🥠Semi-Pro Tips
      • Linux
      • Windows
      • Resources
Powered by GitBook
On this page
  1. Security Operations
  2. Threat Mangement

Protect

PreviousSecurity ArchitectureNextVulnerability Mangement

Last updated 1 year ago

The Protect Function supports the ability to limit or contain the impact of a potential cybersecurity event.

💉
Page cover image
https://www.nist.gov/cyberframework/getting-started/quick-start-guide
Cover

Vulnerability Mangement

A continuous process of identifying, assessing, prioritizing and mitigating weaknesses in IT systems to prevent cyber attacks.

Cover

Identity and Access Management (IAM)

An introduction to identity and access management (IAM), its importance, how it works, NIST CSF IAM control categories, and resources for further reading.

Cover

Zero Trust

Zero Trust, its guiding principles, and how it can be implemented through a Zero Trust Architecture. It also lists various technologies that can assist in deploying Zero Trust and discusses the Zero Trust Maturity Model.