Website: http://www.opensecurityarchitecture.org/cms/index.php Open Security Architecture (OSA) is a community-driven platform that provides free, open-source security architecture resources and tools. The platform was established to help security architects, solution designers, and…
Website: https://www.iso27001security.com/html/toolkit.html The free ISO27k toolkit is a comprehensive collection of resources designed to assist organizations in improving their information security management. It provides practical and cost-effective solutions for small…
Website: https://www.isecom.org/research.html The Open Source Security Testing Methodology Manual is a complete methodology for the testing, analysis and measurement of operational security towards building the best possible security defenses. The…
Website: https://www.first.org FIRST is the Forum of Incident Response and Security Teams. Their site includes frameworks for CSIRT (Computer Security Incident Response Teams) and PSIRT (Product Security). They also have…
Website: https://cybersecurityventures.com/cybersecurity-glossary/ This meta-list is a link to several other glossaries of Cybersecurity terms. Find out common abbreviations, compare definitions, and generally up your communication game.
Website: https://opensecuritytraining.info/Welcome.html Disclaimer: This site has undergone a re-design branded as “OST2” that has fewer classes and asks you to sign-in. The link referenced here takes you to the older…
Website: https://capec.mitre.org/index.html CAPEC is the way an attacker can exploit a CVE or generally target a CWE. From the site:The Common Attack Pattern Enumeration and Classification (CAPEC™) effort provides a…
Website: http://cwe.mitre.org CWE™ is a community-developed list of software and hardware weakness types. It serves as a common language, a measuring stick for security tools, and as a baseline for…
Website: https://oasis-open.github.io/cti-documentation/stix/intro Structured Threat Information Expression (STIX™) is a language and serialization format used to exchange cyber threat intelligence (CTI). This is a common, standardized way to share threat information…
Website: http:///cve.mitre.org This is the list of common vulnerabilities and exposures (CVE) that everyone knows and loves. There is one CVE Record for each vulnerability in the catalog. The vulnerabilities…