
Where web sec sits in Cyber

Let's take a ten-mile view of cybersecurity, careers, the ecosystem, and how all of this stuff fits in.

First a slightly topical flag:

Sniffer101.pcapng

These notes have NO extra words, just a ton of reminders to me about the dimensions I think are worth talking out.

Thinking like a big company:

5 9s

Many companies will talk about their ability to stay up 99.999% of the time.

If you meditate on that, you'll see a lot about the mindset behind many of the staffing choices and the dev schedules.

CYA == Risk Mitigation

If you're running a large company with a target on your back, then you've got to be actively engaged in proactively preventing major liabilities, including the black swan events you've never heard of.

The Cyber Killchain

The MITRE ATT&CK Framework

https://attack.mitre.org/matrices/enterprise/

The NIST Cybersecurity Framework

https://www.nist.gov/cyberframework

The CVE Database

https://www.cve.org/

Incident Response

NIST framework

SOCs, SPLUNK, ELK, and so on

Forensics

Red Team/Blue Team/Purple Team

Pen-testing

Bug Bounties

Threat Modeling

12 Frameworks

Threat Intel

The ISACs

Wiki list

Attributions

APTs

Threat Hunting

Grown up CTFs

Risk Management

Supply-Chain Audits

Security Dev Flows:

Yet Another NIST guideline

Microsoft SDL