Layer 8 – OSI Model – Entity

Layer 8 – OSI Model – User / Entity

As with all things in Technology, there is a evolution, but the old frameworks sucks as OSI model needs to be updated as well for security.

Yara and RegEx

 

• https://www.brighttalk.com/webcast/15591/388802?utm_source=securelist&utm_medium=blog&utm_campaign=gl_webinar-yara-2020_sl0099&utm_content=link&utm_term=gl_securelist__sl0099_link_blog_webinar-yara-2020

Using Mitre ATT&CK for Cyber Threat Intelligence Training

https://attack.mitre.org/resources/training/cti/

Module 1: Introducing training and understanding ATT&CK

• Module 1 Video 
• Module 1 Slides

Module 2 with Exercise 2: Mapping to ATT&CK from finished reporting

• Module 2 Video 
• Module 2 Slides

Exercise 2: Mapping from finished reporting

Cybereason Cobalt Kitty Report: we walk through this exercise in the video and slides.

• Cybereason Cobalt Kitty Report: Highlights Only
  Identifies the highlighted behaviors you should map to tactics and techniques – choose this for a more challenging exercise.
• Cybereason Cobalt Kitty Report: Tactic Hints
  Identifies the tactics for the highlighted behaviors so you just fill in the technique – choose this for a less challenging exercise.
• Cybereason Cobalt Kitty Report: Answers
  Provides one set of answers for the exercise.
• Cybereason Cobalt Kitty Report: Original Report
  For reference only if you would like to see the report in totality.

FireEye APT39 Report: we do not walk through this exercise in the video and slides, but if you would like more practice mapping finished reporting to ATT&CK, we recommend you do this exercise on your own.

• FireEye APT39 Report: Highlights Only
  Identifies the highlighted behaviors you should map to tactics and techniques.
• FireEye APT39 Report: Answers
  Provides one set of answers for the exercise.
• FireEye APT39 Report: Original Report
  For reference only if you would like to see the report in totality.

Module 3 with Exercise 3: Mapping to ATT&CK from raw data

• Module 3 Video 
• Module 3 Slides

Exercise 3: Working with raw data

Ticket 473822: we walk through this exercise in the video and slides

• Ticket 473822 Rich Text File
  Provides raw data from a simulated incident for you to use to annotate applicable ATT&CK tactics and techniques.
• Ticket 473822 Answers
  Provides one set of answers for the exercise.

Ticket 4473845: we walk through this exercise in the video and slides

• Ticket 4473845 Rich Text File
  Provides raw data from a simulated incident for you to use to annotate applicable ATT&CK tactics and techniques.
• Ticket 4473845 Answers
  Provides one set of answers for the exercise.

Module 4 with Exercise 4: Storing and analyzing ATT&CK-mapped intel

• Module 4 Video 
• Module 4 Slides

Exercise 4: Comparing layers in ATT&CK Navigator

• Comparing Layers in Navigator
  Provides detailed instructions for using Navigator to compare techniques used by APT39 and Cobalt Kitty (OceanLotus). You may find it useful to print this document (in color if possible) to have it as a reference as you work through the exercise on your screen.
• APT39 and Cobalt Kitty techniques
  A list of the techniques used by APT39 and Cobalt Kitty (OceanLotus) extracted from the reports in Exercise 2. If you are already familiar with Navigator, you could use these techniques to try to create and compare layers yourself.

Module 5 with Exercise 5: Making ATT&CK-mapped data actionable with defensive recommendations

• Module 5 Video 
• Module 5 Slides

Exercise 5: Making defensive recommendations

Guided Exercise: we walk through this exercise in the video and slides.

• • Making Defensive Recommendations Guided Exercise Rich Text Document

Guides you though steps for making defensive recommendations from ATT&CK techniques with specific questions and assumptions provided for each step.Unguided Exercise: we do not walk through this exercise in the video and slides, but if you would like more practice making defensive recommendations directly related to your own organization, we recommend you do this exercise on your own.

• • Making Defensive Recommendations Unguided Exercise

Provides steps for making defensive recommendations from ATT&CK techniques.

 

AWS SLA Calculation [Draft]

https://cloudonaut.io/aws-sla-are-you-able-to-keep-your-availability-promise/

Federal Government Digital Transformation Services – eProcurement, Tendering and Cloud Market Place.

Federal Government Digital Transformation Services

• https://www.vendorpanel.com.au/MarketPlace.aspx?emcc=205BDE2675B6
• https://marketplace.service.gov.au/
• https://www.dta.gov.au/news/new-cloud-marketplace-approach-market-deferred
• https://www.tenders.nsw.gov.au/dfs/?event=public.rftproposed.list
• https://www.tenders.gov.au/
• IaaS
• Secure Internet Gateway
• Secure Email Gateway
• Secure Email Server
• UCaaS
• Secure File Drop Box
• https://dfsinsw.service-now.com/marketplace?id=about
• https://arp.nsw.gov.au/dfsi-2018-02-data-centre-reform
• https://www.digital.nsw.gov.au/article/govdc-marketplace-now-part-buynsw
• https://cloudscene.com/marketplace/buy/1913/1-gbps-ethernet-circuit-from-montreal-to-miaminew-york

STATE OF CYBER SECURITY

STATE OF CYBER SECURITY

Linux networking tools

A Profitable Hybrid Desktop as a Service Solution

A Profitable Hybrid Desktop as a Service Solution

Empowering CIO Cyber Security

 

cio-executive-council-cyber-security-handbook

ANZ Cloud Adoption Index

Red_Hat_ANZ_Cloud_Adoption_Index_FINAL