Hi there 👋

Welcome to Kazuhiro Funakoshi’s cybersecurity portfolio site. Please see the Cyber Security Portfolio Index. Feel free to connect with me via LinkedIn.

Cyber Security Portfolio Index

Google Cybersecurity Professional Course. Security Audit: Conduct a security audit. Incident Report: Use the NIST Cybersecurity Framework to respond to a security incident. Linux Commands: Use Linux commands to manage file permissions. SQL Queries: Apply filters to SQL queries. Vulnerability Assessment: Conduct a vulnerability assessment based on NIST SP-800-30. Incident Handler’s Journal: Documenting incident responses. File handling in Python: Using Python to maintain a security-related file (allow-list). How-to articles: Wazuh XDR and SIEM...

July 17, 2023 · 1 min · 141 words · Kazuhiro Funakoshi

Improving Security Posture With Wazuh

This post continues from the previous entry, Zero Cost Home Cybersecurity with WSL2 and Wazuh. We have installed the Wazuh service on WSL2 and its agent on Windows. Now we are able to see various suggestions from the scan result. Where we are: First, we want to know where we are. The NIST Cybersecurity Framework defines the following 5 steps to improve security posture. We want to address each step with an activity in Wazuh....

August 12, 2023 · 3 min · 507 words · Kazuhiro Funakoshi

Zero Cost Home Cybersecurity with WSL2 and Wazuh

There are many cybersecurity solutions for home use that combine endpoint security with network intrusion detection or prevention systems. Some of them are software packages such as McAfee, and others may be provided by your ISP, such as Xfinity xFi Advanced Security, which comes with ISP-specific hardware. However, it is unclear to end users what they do, and they are sometimes pricey. It is also common for network enthusiasts to set up a white-box approach with plenty of hardware equipment for a home cybersecurity stack....

August 11, 2023 · 3 min · 576 words · Kazuhiro Funakoshi

Algorithm for File Update in Python

Project description: This project describes an activity of updating a text file, based on the needs of the business. It is designed for a process that maintains an allow-list-based access control list. In order to restrict access by unauthorized users, businesses are required to review the list and remove access privileges on a need-to basis. With a given list of IP addresses, the program will remove them from the allow-list and write the IP addresses back to the text file....

July 26, 2023 · 3 min · 589 words · Kazuhiro Funakoshi

Incident Handler's Journal

Entry 1: Analyzing ransomware incident. Entry 2: Analyzing phishing email. Entry 3: Following up with playbook. Entry 4: Review on incident final report. Entry 5: Using Splunk to analyze malicious logins. Entry 6: Using Chronicle to analyze phishing attempts. Entry 1. Date: 07/19/2023. Description: Ransomware damaged a clinic. A small U.S. health care clinic experienced a security incident on Tuesday at 9:00 a.m. which severely disrupted their business operations....

July 26, 2023 · 4 min · 774 words · Kazuhiro Funakoshi