When it comes to cybersecurity, the speed at which things change is extraordinary. Because of this cybercriminals are constantly modifying their tactics while also finding new attack avenues and exploits. At the same time, the good guys are continually adapting new defensive strategies and new methodologies to counter malicious efforts. For IT professionals to stay abreast of the continuing cycle of events, threats, and solutions, they need a little help. Fortunately, there are some great resources out there to help IT professionals protect their enterprises from both present and future threats. In Part 2 of this series, we outline five more top network security resources for you to refer to.
Open Web Application Security Project (OWASP)
Can you name the current Top 10 Application Threats present today? If you manage a network containing web applications, you should. Its also known as the OWASP Top 10. OWASP is a non-for profit international foundation in the U.S. that has been proactively helping in the battle against application threats. It promotes an open community dedicated to enabling and educating anyone interested in securing their application environments. Because they are not affiliated or sponsored by anyone, they can commit to unbiassed reporting and advice. They are most famous for their OWASP Top 10 Project that is updated every four years and covers different types of cyberthreats such as injection attacks, cross-site scripting and security misconfiguration vulnerabilities. They also have an array of free education classes that anyone can tack advantage of.
If you’ve ever done some research online concerning the latest cybersecurity news and topics, there is a good chance you stumbled across The Guardian. The site traces back to the Manchester Guardian which began publishing in 1821. In 1959 it became known as simply the Guardian and is 100 percent reader-funded. While the paper covers world news at large, it has a dedicated section to data and computer cybersecurity. There you can find all of the latest stories and events concerning the industry. You can access the Guardian for free but they will ask you to donate from time to time to help keep them operational.
At some point, nearly every IT professional in their career downloads Wireshark. While it isn’t an online forum or reference site like many of the resources mentioned here, it is a go-to site for those who want to know what is going on in their network. Wireshark is a protocol analyzer, otherwise known as a sniffer. It captures traffic on your network and displays it in a digestible format to give you a peek into the unknown pipelines of your network. The captured data can then be used to evaluate and troubleshoot network security issues. It is free to download but there is a bit of a learning curve to it if you really want to use it effectively. Fortunately, there are loads of educational resources out there to improve your mastery of the application.
Microsoft Security Intelligence Update Site
The history of Microsoft Antivirus Software is similar to that of Word and its early office products. While the early versions may not have gotten much respect, Microsoft eventually leverages its expansive platform base and gets it right at some point. If you have Windows 10 or Server 2016/2019, you are most likely familiar with Windows Defender because it is included in these operating systems for free. While it may have been scoffed at early on, Microsoft’s endpoint solution today is highly recognized throughout the industry. Naturally, it is targeted by malware creators who look to render it ineffective in order for their malicious code to infect a Windows device. One of the ways is to disable automatic updates for zero-day malware strains. Fortunately, Microsoft provides a portal where you can download the latest signatures for all of their security endpoint solutions in the case you can’t download them in real time. Its one of those resources you hope you don’t have to use, but can save the day possibly if needed.
Did you know that online romance scams are the seventh most reported cybersecurity scam and the second costliest after BEC attacks? That is just one of the many tidbits of information you can get from InfoSecurity Magazine. InfoSecurity is one of the top online resources out there to stay informed about all of the latest news, trends and events concerning enterprise cybersecurity. Besides their timely articles, the site also offers free webinars, podcasts and white papers. These and other resources do require you to sign up as a member. The online magazine also promotes several conferences and events throughout the year.
We wanted to include one more resource for you, although you already know about it. It is the TitanHQ Blog that is dedicated to keeping the public informed about the latest cybersecurity threats as well as new tools and methodologies to combat them. While you are obviously familiar with our blog site (as you are reading it), we invite you to share our link with your peers, friends, and colleagues. Also, feel free to send us topic suggestions as we strive to make our own blog site a top 10 network security resource as well. Thanks for reading.