Azure Security Pillar – Cloud Framework
The Azure Well-Architected Framework provides a set of best practices for building and running secure, scalable, and efficient cloud infrastructure on Azure. The framework is divided into five pillars, one…
Reference
AWS Security Reference Architecture
AWS Security Reference Architecture is a collection of security best practices, architectural patterns, and recommended designs for securing cloud-based workloads. It is an extensive guide that provides organizations with a…
NIST Privacy Framework
NIST Privacy Framework is a comprehensive set of guidelines that can help organizations manage privacy risks, protect personal information, and comply with privacy laws and regulations.
NIST 800-53 Revision 5
NIST 800-53 is a security control framework created by the National Institute of Standards and Technology (NIST) in the United States. The framework provides a set of security controls and…
SANS White Papers Repository
Website: https://www.sans.org/white-papers/ The SANS White Papers (formerly the SANS Institute Reading Room) is a free online library of whitepapers, case studies, and research articles focused on cybersecurity. The resources cover…
DOE Energy Sector Cybersecurity Framework Implementation Guidance (2015)
Website: http://energy.gov/oe/downloads/energy-sector-cybersecurity-framework-implementation-guidance The Energy Sector Cybersecurity Framework Implementation Guidance is a resource developed by the U.S. Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response (CESER) to assist…
Tenable NIST CSF Implementation Planning Tool (NIST CSF v.1.1)
Website: https://www.tenable.com/whitepapers/nist-csf-implementation-planning-tool The NIST Cybersecurity Framework (CSF) is a comprehensive set of guidelines for managing cybersecurity risk in organizations. The NIST CSF Implementation Planning Tool, developed by Tenable, provides a…
NIST RMF – Risk Management Framework (SP 800-37 Rev. 2)
Website: https://csrc.nist.gov/projects/risk-managementDirect link to RMF: https://csrc.nist.gov/publications/detail/sp/800-37/rev-2/finalControl Overlays: https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/overlay-repositoryList of all publications related to RMF: https://csrc.nist.gov/Projects/risk-management/publications NIST RMF (National Institute of Standards and Technology Risk Management Framework) is a comprehensive framework…
NIST: Situational Awareness for Electric Utilities (NIST 1800-7)
Website: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.1800-7.pdf NIST 1800-7 is a special publication from the National Institute of Standards and Technology (NIST) that provides guidelines for integrating Information and Operational Technologies (IT and OT) in…
CISA KEVC: Known Exploited Vulnerabilities Catalog
The Known Exploited Vulnerabilities Catalog (KEVC) is a publicly available catalog of common vulnerabilities and exposures (CVEs) that have been actively exploited by cyber attackers. It is maintained by the…