The configuration, operation and maintenance of secure systems including the detection of and response to security incidents and the collection and use of threat intelligence.
The AWS Well-Architected Framework describes key concepts, design principles, and architectural best practices for designing and running workloads in the cloud. Security is one element of the Well-Architected Framework. Amazon provide practical labs covering the different pillars within the Well-Architected Framework. These allow you to learn by doing, with code and documentation to help you.
enso.security's AppSec Map provides a quick overview of different elements of an AppSec programme and some of the offerings which can help an organisation provide each element of the programme.
FLARE VM is a fully customizable, Windows-based security distribution for malware analysis, incident response, penetration testing, etc.
Published weekly, the Risky Business podcast features news and in-depth commentary from security industry luminaries. Hosted by award-winning journalist Patrick Gray, Risky Business has become a must-listen digest for information security professionals.
Many different executable packers exist. They may compress, encrypt or obfuscate the underlying binary. Malware authors may use either off-the-shelf packers or custom packers to avoid detection. One example packer is UPX, a free, portable, extendable, high-performance executable packer for several executable formats. If you've got more time, try analysing or debugging the binary.
The UK's National Cyber Security Centre (NCSC) publish guidance and reports across a wide range of topics. Reading one of these guides will give you insight into the challenges faced in the real world.
The Cyber Security Body Of Knowledge is a comprehensive Body of Knowledge to inform and underpin education and professional training for the cyber security sector. The CyBOK project aims to bring cyber security into line with the more established sciences by distilling knowledge from major internationally-recognised experts to form a Cyber Security Body of Knowledge that will provide much-needed foundations for this emerging topic. The project, funded by the National Cyber Security Programme, is led by the University of Bristol's Professor Awais Rashid, along with other leading cyber security experts - including Professor Andrew Martin, Professor Steve Schneider, Dr Yulia Cherdantseva, Dr Rod Chapman and Dr Marina Krotofil.
Tetragon is a runtime security enforcement and observability tool. Tetragon applies policy and filtering directly in eBPF in the kernel.
PiRogue tool suite (PTS) is an open-source tool suite that provides a comprehensive mobile forensic and network traffic analysis platform targeting mobile devices (both Android and iOS), Internet of Things devices (devices that are connected to the user's mobile apps), and in general any device using Wi-Fi to connect to the Internet.