Cyber Security Landscape








 

This website is dedicated to folks interested in learning about and exploring the cyber security landscape. The site links together information about the various components that factor into the creation of a cyber security program.

Business Risk
- What risks does the business (i.e. CEO) see/fear related to cyber
Cyber Risk
- What risks does the cyber team (i.e. CISO) factor into their program
Attack Methods
- What are common methods the attackers are using
Mitigation Methods
- What are methods to mitigate the attacks & risks
Solution Categories
- What are the various categories of tools/solutions in the market
Functions
- What are the various security functions that might be part of a program  


 

 

Business Risks
Brand Damage, Intellectual Property Loss, Service Disruption

 

Cyber Risks
Cloud Data Breach, Data Breach, Extortion, Human Error, Basic Security Hygiene, Insider Threat,
IOT, Shadow IT, Identity Compromise

 

Attack Methods
BotNet Attack, Cloud, Cryptojacking, Denial Of Service Attack, DNS Spoofing, DNS Tunneling,
Drive by Download, Eavesdropping, Business Email Impersonation, Identity Compromise, Malware Attack, Man-In-The-Middle Attack,
Mobile, Password, Phishing Attack, Ransomware Attack, Rootkit Attack, Software Supply Chain,
SQL Injection, Targeted Attack, Zero Day

 

Mitigation Methods
Limit & Control Access, Capture & Share Intelligence, Execute Consistent Countermeasures, Protect Data, Defend Privileged Accounts, Manage Identities & Passwords,
Learn From Attacks, Proactive Hunting, Manage IT Security Risks, Block Threats & Attacks, Enable Visibility, Manage Vulnerabilities,
Adopt Zero Trust

 

Solution Categories
3rd Party Risk, Application Security, Cloud Security, Data Security, DNS Security, Email Security,
End-Point Security, Event Detection & Response, Risk & Compliance, Identity Mgt, Insider Threat/Behavior Mgt, iOT/OT Security,
Logs Mgt, Mobile Security, Network Security, Privileged Access, Threat Analytics, Vulnerability / Attack Surface Detection,
Web Security

 

Functions
Application Security Testing, Automated Security Controls Testing, Cloud Access Broker (inline), Cloud Access Broker (API/OOB), Cloud Container Security, Cloud Discovery,
Cloud DLP (Inline), Cloud DLP (API/OOB), Cloud Infra-as-a-Service Security, Database Activity Monitoring (DAM), Data Classification & Privacy, Data Encryption,
Data Tokenization/Masking, DDoS Protection, Deception, User Device Mgt - Software/Patch (End-Point), User Device Mgt - Software/Patch (Mobile), Device Mgt - Software/Patch (Server),
Disk Encryption (End Point), Enterprise DLP, DMARC Security, DNS Proxy (Off-Prem), DNS Proxy (On-Prem), Email Behavior Analytics,
Email Security Cleanup/Automation, Email Phishing Simulations, Email Threat/SPAM, Email User Warnings, Application Control (End Point), User Device Registration (End-Point),
User Device Registration (Mobile), Detect & Respond (EDR) (End-Point), File Integrity (FIMM) (End-Point), Media Control (End Point), Next Gen AV (End-Point), End-Point Protection (End-Point),
Incident Response Services, SIEM, External/Digital Risk Review, Network Firewall, GRC, Access Mgt / SSO,
Active Directory Behavior Analysis, Admin Server Access, API Mgt, Authentication/Directory, Customer Identity (CIAM), Cloud Identity Monitoring,
IDaaS, User Identity Self Service, Identity Life Cycle Mgt, End-Point Local Admin, Multi-Factor Auth (MFA), Session Management,
IOT Device Visibility, Logging Agent, Log Collector, Managed Hunting Services, Managed Security Services (MSS), Mobile Application Reputation,
Mobile Threat, Network Access Control (NAC), Network Intrusion Prevention System, Network Sandbox, Network Security Policy Auditor, Network Security Policy Orchestration,
SSL Decryption, Network Tap, Cloud Network Threat Analytics, Network Based Threat Detection, ICS/OT Device Visibility, Password Vault,
Security Automation (SOAR), Security Awareness Training, Security Ratings (Vendor & Supplier), Micro-Segmentation, Threat Intelligence, URL Filtering (Off-Net),
URL Filtering (On-Net), URL Filtering/Proxy (On-Net), URL Filtering/Proxy (On-Net), User & Device Behavior Analysis, User Software Self Service (End-Point), User Software Self Service (Mobile),
User-Application Access / Zero-Trust, VPN End-User, VPN Site-to-Site, Vulnerability Scanning, Web Application Firewall (WAF), Web Isolation

 

Products
Cyberark Alero, Okta Advanced Server Access

 

OEMs
Cyberark, Okta

 

 

Last Updated: 03232020-08:53:24