====== Security ======

====== Core Concepts ======

  * authentication vs. authorization

====== Tools ======

  * [[https://www.nextron-systems.com/loki/|Loki]] IOC scanner
  * mimikatz, Windows password scraper

====== Terminology ======

  * //risk = impact (of compromise/breach) x probability (of compromise/breach)//
  * //security posture//
    * Security posture refers to an organization's overall state of cybersecurity readiness.
    * Security posture encompasses a number of related things. It includes the strength of an organization's security defenses/controls, its ability to prevent, detect and respond to intrusions, and the general maturity of the organization in terms of how it looks at and addresses security.
    * Security posture also refers to the strength/resilience of a system in terms of being protected against attack.
  * //Indicator of Attack (IOA)//, some evidence that is related to an adversary attempting to breach an environment
  * //Indicator of Compromise (IOC)//, some evidence that an adversary has compromised an environment

====== Blogs/Zines ======

  * [[https://www.helpnetsecurity.com/]]

====== EDR ======

  * [[qnd:SentinelOne]]