ThreatPost
Threatpost is an independent cybersecurity news site that has been around since 2009. What sets it apart from other cybersecurity news sources is its focus on business and the bottom…
University of Tennessee HSC: Tip of the Week
Website: https://uthsc.edu/its/cybersecurity/tip-of-the-week.php Although a college health sciences center doesn’t seem like a source strongly related to cybersecurity, this site consistently updates with various tips you can reference. Use these if…
Total Defense – Security Tip of the Day
Website: https://www.totaldefense.com/security-blog/category/security-tip-of-the-day/ Total Defense offers a short tip of the day covering a variety of cybersecurity and IT related topics. Use this if you need a quick tip for the…
Blogger: Troy Hunt
Website: https://www.troyhunt.com/ Troyhunt.com is a popular website run by Troy Hunt, an Australian cybersecurity expert, author, and public speaker. The website primarily focuses on topics related to cybersecurity, privacy, and…
SANS InfoSec Glossary
A glossary of approximately 450 terms provided by SANS. It is searchable and you can suggest your own additions or edits.
CISA Incident and Vulnerability Playbooks
Website: https://www.cisa.gov/sites/default/files/publications/Federal_Government_Cybersecurity_Incident_and_Vulnerability_Response_Playbooks_508C.pdf The Federal Government Cybersecurity Incident and Vulnerability Response Playbooks document is a comprehensive guide to help federal agencies respond to and mitigate cybersecurity incidents and vulnerabilities. The playbook…
CISA KEVC: Known Exploited Vulnerabilities Catalog
The Known Exploited Vulnerabilities Catalog (KEVC) is a publicly available catalog of common vulnerabilities and exposures (CVEs) that have been actively exploited by cyber attackers. It is maintained by the…
NIST: Situational Awareness for Electric Utilities (NIST 1800-7)
Website: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.1800-7.pdf NIST 1800-7 is a special publication from the National Institute of Standards and Technology (NIST) that provides guidelines for integrating Information and Operational Technologies (IT and OT) in…
NIST RMF – Risk Management Framework (SP 800-37 Rev. 2)
Website: https://csrc.nist.gov/projects/risk-managementDirect link to RMF: https://csrc.nist.gov/publications/detail/sp/800-37/rev-2/finalControl Overlays: https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/overlay-repositoryList of all publications related to RMF: https://csrc.nist.gov/Projects/risk-management/publications NIST RMF (National Institute of Standards and Technology Risk Management Framework) is a comprehensive framework…
Tenable NIST CSF Implementation Planning Tool (NIST CSF v.1.1)
Website: https://www.tenable.com/whitepapers/nist-csf-implementation-planning-tool The NIST Cybersecurity Framework (CSF) is a comprehensive set of guidelines for managing cybersecurity risk in organizations. The NIST CSF Implementation Planning Tool, developed by Tenable, provides a…