Cybersecurity

This section includes notes on threat intel, detection, labs, and tools.

Areas of Cybersecurity

1. Network Security

Protects the integrity, confidentiality, and availability of data as it is transmitted across or accessed through networked systems.

2. Application Security

Focuses on keeping software and devices free of threats by identifying and fixing vulnerabilities in applications.

3. Information Security

Safeguards the confidentiality, integrity, and availability of data, both in storage and in transit.

4. Operational Security (OpSec)

Involves processes and decisions for handling and protecting data assets, including permissions and user access.

5. Endpoint Security

Secures end-user devices such as computers, mobile devices, and tablets from malicious activity.

6. Identity and Access Management (IAM)

Ensures that only authorized individuals have access to resources by managing user identities and permissions.

7. Cloud Security

Protects data, applications, and services in cloud environments from threats and vulnerabilities.

8. Disaster Recovery and Business Continuity

Covers the plans and processes used to restore operations and data access after a security incident or breach.

9. Security Operations

Continuously monitors for, detects, and responds to security threats and incidents.

10. Threat Intelligence

Collects and analyzes information about current and emerging threats to inform defense strategies.