Protecting the Organization - Coggle Diagram
Protecting the Organization
Cybersecurity Devices and Technologies
Security Appliances
Router
Firewall
Virtual Private Network
Other Security Devices
Intrusion Prevention System
Antimalware or Antivirus
Port scanning
Port scanning is a process of probing a computer, server or other network host for open ports
IDS & IPS
Intrusion Detection System
can be a dedicated network device or one of several tools
Intrusion Prevention System
can block or deny traffic based on a positive rule
Firewalls 🔥🧱
Proxy server
Reverse proxy server
Context aware layer firewall
NAT firewall
Network Address Translation
Application layer firewall
Host-based firewall
Transport layer firewall
Network layer firewall
Real Time Detection
Detecting attacks in real time requires actively scanning for attacks using a firewall
Security Best Practices
Educate Users
Encrypt Data
Implement Network Security Devices
Perform and Test Backups
Maintain Security Patches and Updates
Protecting Against Malware
Zero-day attack & APT (advanced persistent threats)
The way to protect against these is to use an enterprise-level advanced malware detection solution
Cybersecurity
Behavior-Based Security
is a form of threat detection that captures and analyzes the flow of communication between a user on the local network and a local or remote destination
Honeypots🍯
lures attackers in by appealing to their predicted pattern of malicious behavior
NetFlow
This technology is used to gather information about data flowing through a network
Switches, routers and firewalls equipped with NetFlow can report information about data entering, leaving and traveling through the network
Penetration Testing
A pen test seeks to breach systems, people, processes and code to uncover vulnerabilities.
This information is then used to improve the system’s defenses to ensure that it is better able
5 Steps
Planning
Scanning
Gaining Access
Maintaining Access
Analysis and Reporting
Impact Reduction
Provide the details
Find the cause
Be sincere and accountable
Apply lessons learned
Communicate the issue
Check and check again
Educate
Risk Management
Assess the risk
Determine the severity that each threat poses
Respond to the risk
Develop an action plan to reduce the risk
Frame the risk
Identify the threats of the risk
Monitor the risk
Continuously review any risk
Tools for Incident Detection and Prevention
DLP (Data Loss Prevention)
prevents sensitive data from being stolen or leaving a network
SIEM (Security Information and Event Management)
collects and analyzes security alerts to facilitate early detection of cyber attacks
Security Playbook
One of the best ways to prepare for a security breach is to prevent it
A security playbook is a collection of repeatable queries or reports that outline a standardized process for incident detection and response