Security
Core Concepts
- authentication vs. authorization
Tools
- Loki IOC scanner
- mimikatz, Windows password scraper
Terminology
- risk = impact (of compromise/breach) x probability (of compromise/breach)
- security posture
  - Security posture refers to an organization’s overall state of cybersecurity readiness.
  - Security posture encompasses a number of related things: the strength of an organization's security defenses/controls, its ability to prevent, detect and respond to intrusions, and the general maturity of the organization in terms of how it looks at and addresses security.
  - Security posture also refers to the strength/resilience of a system in terms of being protected against attack.
- Indicator of Attack (IOA): evidence related to an adversary attempting to breach an environment
- Indicator of Compromise (IOC): evidence that an adversary has compromised an environment