Main Categories and Tools - Coggle Diagram
Network Protocol Analyzers (Packet Sniffers)
Purpose: Captures network traffic and decodes it, protocol layer by protocol layer, for analysis.
Example: tcpdump (command line) and Wireshark (graphical) capture and decode packets in real time or read saved capture files.
Use: Inspects traffic flowing through an organization's network to investigate suspicious connections and confirm that data flows are what they should be.
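What a protocol analyzer does with each captured frame is decode the headers one layer at a time and sanity-check them. The following is an added example, not code from the page or from tcpdump or Wireshark: a minimal Ethernet II / IPv4 / TCP decoder in the Python standard library. The frame it parses is constructed in the block (not a real capture) and the MAC and IP addresses are placeholders.

```python
"""Decode an Ethernet II / IPv4 / TCP frame the way a packet analyzer does.

Added example, not from the page or any named tool. The frame is constructed
here (not a real capture); the MAC and IP addresses are placeholders.
"""
import ipaddress
import struct

ETHERTYPE_IPV4 = 0x0800
PROTO_TCP = 6
TCP_FLAGS = [(0x01, "FIN"), (0x02, "SYN"), (0x04, "RST"),
             (0x08, "PSH"), (0x10, "ACK"), (0x20, "URG")]


def ip_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement checksum over 16-bit words.

    Over a header whose checksum field is zero it yields the value to store;
    over a header that already carries a valid checksum it yields 0, which is
    how the decoder validates it.
    """
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_sample_frame() -> bytes:
    """Constructed TCP SYN: 10.0.0.5:51234 -> 192.0.2.10:443 (placeholder addresses)."""
    eth = struct.pack("!6s6sH", bytes.fromhex("001122334455"),
                      bytes.fromhex("66778899aabb"), ETHERTYPE_IPV4)
    tcp = struct.pack("!HHIIBBHHH", 51234, 443, 0x10000000, 0,
                      5 << 4,      # data offset: 5 words, no options
                      0x02,        # flags: SYN
                      65535, 0, 0)
    src = ipaddress.IPv4Address("10.0.0.5").packed
    dst = ipaddress.IPv4Address("192.0.2.10").packed
    fields = [0x45, 0, 20 + len(tcp), 0x1234, 0x4000, 64, PROTO_TCP, 0, src, dst]
    fields[7] = ip_checksum(struct.pack("!BBHHHBBH4s4s", *fields))
    return eth + struct.pack("!BBHHHBBH4s4s", *fields) + tcp


def parse_frame(frame: bytes) -> dict:
    """Decode one frame into a dict; raises ValueError on anything malformed."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("unsupported ethertype 0x%04x" % ethertype)

    ip = frame[14:]
    if len(ip) < 20:
        raise ValueError("truncated IPv4 header")
    (ver_ihl, _tos, total_len, _ident, _frag, ttl, proto,
     _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", ip[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or len(ip) < ihl:
        raise ValueError("bad IPv4 version or header length")
    if ip_checksum(ip[:ihl]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    if total_len < ihl or len(ip) < total_len:
        raise ValueError("IPv4 total length exceeds captured bytes")
    if proto != PROTO_TCP:
        raise ValueError("unsupported IP protocol %d" % proto)

    tcp = ip[ihl:total_len]
    if len(tcp) < 20:
        raise ValueError("truncated TCP header")
    (sport, dport, seq, _ack, off_res, flags,
     _win, _tcsum, _urg) = struct.unpack("!HHIIBBHHH", tcp[:20])
    data_off = (off_res >> 4) * 4
    if data_off < 20 or len(tcp) < data_off:
        raise ValueError("bad TCP data offset")

    return {
        "src_mac": src_mac.hex(":"), "dst_mac": dst_mac.hex(":"),
        "src_ip": str(ipaddress.IPv4Address(src)),
        "dst_ip": str(ipaddress.IPv4Address(dst)),
        "ttl": ttl, "src_port": sport, "dst_port": dport, "seq": seq,
        "flags": [name for bit, name in TCP_FLAGS if flags & bit],
        "payload_len": len(tcp) - data_off,
    }


def is_well_formed(frame: bytes) -> bool:
    try:
        parse_frame(frame)
        return True
    except ValueError:
        return False


def summarize(frame: bytes) -> str:
    """One-line view of a frame, like the summary column of an analyzer."""
    p = parse_frame(frame)
    return "%s:%d -> %s:%d [%s] ttl=%d payload=%d" % (
        p["src_ip"], p["src_port"], p["dst_ip"], p["dst_port"],
        ",".join(p["flags"]), p["ttl"], p["payload_len"])


if __name__ == "__main__":
    frame = build_sample_frame()
    print(summarize(frame))
    corrupted = bytearray(frame)
    corrupted[14 + 8] ^= 0x01      # flip the TTL byte: the checksum check catches it
    print("corrupted frame well-formed?", is_well_formed(bytes(corrupted)))
```

The checksum and length checks are the part worth copying: a decoder that trusts header length fields without bounding them against the captured bytes is itself a target for crafted traffic.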
Playbooks
Purpose: Manuals that outline steps for security-related tasks.
Chain of Custody Playbook
Tracks who has possession and control of evidence at every moment of an incident.
Documents the "who, what, where, and why" of each hand-off, together with the time it happened.
Keeps evidence safe and shows it was never altered, so it remains usable in an investigation or in court.
Protecting and Preserving Evidence Playbook
Guides the collection and handling of digital evidence that can change or disappear quickly.
Follows the Order of Volatility:
Captures the most volatile data first (for example memory and network state) before data that persists, such as disk contents.
Works from verified copies (checked by hash against the original) so the original evidence is never altered during analysis.
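The two playbooks above come together in one record: a hash of the evidence taken at collection, a log of every hand-off with its who/what/where/why/when, and a check that a working copy still matches the original. The block below is an added example, not code from the page or from any published playbook; the evidence bytes, handlers, locations and timestamps are all constructed. It goes one step beyond the text by hash-chaining the custody entries so that editing, removing or reordering one entry is detectable.

```python
"""Tamper-evident chain-of-custody record for one item of evidence.

Added example; not taken from the page or from any named playbook. The
evidence bytes and the people, places and times are constructed.
"""
import hashlib
import json
from dataclasses import dataclass, asdict
from datetime import datetime, timezone
from typing import List, Optional


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


@dataclass
class CustodyEntry:
    timestamp: str   # when
    handler: str     # who
    action: str      # what: collected, imaged, transferred, analysed ...
    location: str    # where
    reason: str      # why
    prev_hash: str   # hash of the previous entry (or of the evidence itself)
    entry_hash: str  # hash over this entry's content plus prev_hash

    @staticmethod
    def compute_hash(timestamp, handler, action, location, reason, prev_hash) -> str:
        content = json.dumps(
            {"timestamp": timestamp, "handler": handler, "action": action,
             "location": location, "reason": reason, "prev_hash": prev_hash},
            sort_keys=True, separators=(",", ":"))
        return sha256_hex(content.encode())


class EvidenceRecord:
    """Fingerprints the evidence once at collection, then logs every hand-off."""

    def __init__(self, evidence_id: str, description: str, data: bytes):
        self.evidence_id = evidence_id
        self.description = description
        self.sha256 = sha256_hex(data)           # fingerprint of the original
        self.entries: List[CustodyEntry] = []

    def record(self, handler: str, action: str, location: str, reason: str,
               when: Optional[str] = None) -> CustodyEntry:
        when = when or datetime.now(timezone.utc).isoformat()
        prev = self.entries[-1].entry_hash if self.entries else self.sha256
        h = CustodyEntry.compute_hash(when, handler, action, location, reason, prev)
        entry = CustodyEntry(when, handler, action, location, reason, prev, h)
        self.entries.append(entry)
        return entry

    def verify_copy(self, data: bytes) -> bool:
        """A working copy is only acceptable if it hashes to the original's fingerprint."""
        return sha256_hex(data) == self.sha256

    def verify_log(self) -> bool:
        """Recompute the chain; an edited, removed or reordered entry breaks it."""
        prev = self.sha256
        for e in self.entries:
            expected = CustodyEntry.compute_hash(
                e.timestamp, e.handler, e.action, e.location, e.reason, e.prev_hash)
            if e.prev_hash != prev or e.entry_hash != expected:
                return False
            prev = e.entry_hash
        return True

    def to_json(self) -> str:
        return json.dumps({"evidence_id": self.evidence_id,
                           "description": self.description,
                           "sha256": self.sha256,
                           "entries": [asdict(e) for e in self.entries]}, indent=2)


# Constructed sample: a few bytes standing in for a memory or disk image.
SAMPLE_IMAGE = b"constructed sample evidence bytes, not a real image\n"


def build_sample_record() -> EvidenceRecord:
    """Constructed custody history (hypothetical IDs, handlers and locations)."""
    rec = EvidenceRecord("EV-2024-0001", "RAM capture from host ws-17 (constructed)", SAMPLE_IMAGE)
    rec.record("a.analyst", "collected", "ws-17, floor 3", "incident IR-42 triage",
               "2024-05-01T10:02:00+00:00")
    rec.record("a.analyst", "transferred", "evidence locker B", "secure storage",
               "2024-05-01T10:30:00+00:00")
    rec.record("f.examiner", "imaged", "forensics lab", "create working copy",
               "2024-05-02T09:00:00+00:00")
    return rec


if __name__ == "__main__":
    rec = build_sample_record()
    print(rec.to_json())
    print("log intact:", rec.verify_log())
    print("copy matches original:", rec.verify_copy(SAMPLE_IMAGE))
    rec.entries[1].handler = "someone.else"      # simulate an after-the-fact edit
    print("log intact after edit:", rec.verify_log())
```

In practice the record would be stored separately from the evidence and signed or witnessed; the hash chain only proves the log was not edited silently, not who edited it.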
SIEM Tools (Security Information and Event Management)
Purpose: Collects log data from many sources into one place and analyzes it to monitor activity across the environment.
Dashboards organize the data visually so trends and outliers stand out.
Generates alerts when correlated events indicate a threat, risk, or vulnerability.
Hosting options:
On-premises: more control over the data and configuration, but the organization must install, maintain, and tune the system itself.
Cloud-hosted: the vendor runs the infrastructure, so it is quicker to set up and maintain.
Benefit: alerts and dashboards cut the time analysts spend manually reading raw logs.
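The alerting a SIEM provides comes from correlation rules run over the collected logs. As an added example (not code from the page or from any SIEM product), the block below implements one such rule in Python: a sliding-window count of failed SSH logins per source address, plus the per-source roll-up a dashboard panel would show. The log lines are constructed; hosts, users and IP addresses are placeholders, and the lines are assumed to arrive in time order.

```python
"""Toy SIEM correlation rule: alert on SSH password brute force.

Added example, not code from the page or any SIEM product. The log lines are
constructed; hosts, users and IP addresses are placeholders.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sshd-style lines with an ISO-8601 timestamp prepended by a collector.
SAMPLE_LOGS = """
2024-05-01T10:00:01Z bastion sshd[4101]: Failed password for invalid user admin from 203.0.113.7 port 44120 ssh2
2024-05-01T10:00:02Z bastion sshd[4102]: Failed password for root from 198.51.100.4 port 50112 ssh2
2024-05-01T10:00:03Z bastion sshd[4103]: Failed password for invalid user admin from 203.0.113.7 port 44121 ssh2
2024-05-01T10:00:05Z bastion sshd[4104]: Failed password for invalid user test from 203.0.113.7 port 44122 ssh2
2024-05-01T10:00:06Z bastion sshd[4105]: Accepted publickey for ops from 10.0.0.12 port 51000 ssh2
2024-05-01T10:00:07Z bastion sshd[4106]: Failed password for root from 203.0.113.7 port 44123 ssh2
2024-05-01T10:00:09Z bastion sshd[4107]: Failed password for invalid user oracle from 203.0.113.7 port 44124 ssh2
2024-05-01T10:00:30Z bastion sshd[4108]: Failed password for root from 198.51.100.4 port 50113 ssh2
2024-05-01T10:00:50Z bastion sshd[4109]: Failed password for root from 198.51.100.4 port 50114 ssh2
2024-05-01T10:01:10Z bastion sshd[4110]: Failed password for root from 198.51.100.4 port 50115 ssh2
2024-05-01T10:01:20Z bastion sshd[4111]: Failed password for root from 198.51.100.4 port 50116 ssh2
2024-05-01T10:01:30Z bastion sshd[4112]: Failed password for invalid user admin from 203.0.113.7 port 44125 ssh2
""".strip().splitlines()

FAILED_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd\[\d+\]: Failed password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\d+\.\d+\.\d+\.\d+) port \d+ ssh2$")


def parse_failed_login(line: str):
    """Normalize one raw line into an event dict; None for lines the rule ignores."""
    m = FAILED_RE.match(line)
    if not m:
        return None
    return {"ts": datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ"),
            "host": m["host"], "user": m["user"], "ip": m["ip"]}


def failed_logins(lines):
    return [e for e in (parse_failed_login(l) for l in lines) if e is not None]


def detect_brute_force(lines, threshold=5, window=timedelta(seconds=60)):
    """Fire when a source produces `threshold` failures within `window`.

    Events are assumed to be in time order. After an alert the source's window
    is cleared so one burst produces one alert rather than one per extra line.
    """
    recent = defaultdict(deque)
    alerts = []
    for ev in failed_logins(lines):
        q = recent[ev["ip"]]
        q.append(ev)
        while q and ev["ts"] - q[0]["ts"] > window:     # expire old failures
            q.popleft()
        if len(q) >= threshold:
            alerts.append({
                "rule": "ssh_password_brute_force",
                "source_ip": ev["ip"],
                "count": len(q),
                "first_seen": q[0]["ts"].isoformat(),
                "last_seen": ev["ts"].isoformat(),
                "users_tried": sorted({e["user"] for e in q}),
            })
            q.clear()
    return alerts


def failures_by_source(lines):
    """Dashboard-style roll-up: failed logins per source IP."""
    counts = defaultdict(int)
    for ev in failed_logins(lines):
        counts[ev["ip"]] += 1
    return dict(counts)


if __name__ == "__main__":
    for alert in detect_brute_force(SAMPLE_LOGS):
        print("ALERT", alert)
    print("failures by source:", failures_by_source(SAMPLE_LOGS))
```

With the defaults only 203.0.113.7 trips the rule (five failures in eight seconds); 198.51.100.4 spreads its attempts so that never more than four fall inside one 60-second window. Lowering the threshold to 4 makes it fire as well, which is the tuning trade-off every SIEM rule carries between missed attacks and alert noise.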
Resources for Further Exploration
Threat Horizon Report (Google Cybersecurity Action Team)
Strategic intelligence on cloud-related threats.
CISA’s Free Cybersecurity Services and Tools
Catalog of free services and open-source tools to expand your toolkit.