Get Started. It's Free
or sign up with your email address
InfoSec by Mind Map: InfoSec

1. Architecture

2. People

3. Process

3.1. Strategy

3.2. Building ROIs

3.3. Building Trust

3.4. KPIs

3.5. Standards

3.5.1. ISO 27000 27002 SO 31000:2009, Risk management – Principles and guidelines Establish the context Identify risks Assess risks Select treatments Develop overall risk assessment

3.5.2. NIST

3.5.3. SANS Critical Security Controls 1. Inventory of Authorised and Unauthorised Devices 2. Inventory of Authorised and Unauthorised Software 3. Secure configurations for Hardware and Software 4. Continuous Vulnerability Assessment and Remediation 5. Malware Defences 6. Application Software Security 7. Wireless Access Control 8. Data Recovery Capability 9: Security Skills Asessment and Appropriate Training to Fill Gaps 10. Secure Configurations for Network Devices 11. Limitation and Control of Network Ports 12. Controlled Use of Administrative Privileges 13. Boundary Defence 14. Maintenance, Monitoring and Analysis of Audit Logs 15. Controlled Access Based on the Need to Know 16. Account Monitoring and Control 17. Data Protection 18. Incident Response and Management 19. Secure Network Engineering 20. Penetration Tests and Red Team Exercises

3.6. Policies/Governance

3.7. Processes

3.8. Procedures

3.9. Security Awareness

3.10. Gap Analysis

3.11. Building out capabilities

3.12. Asset Management and Inventories

3.13. Audits

3.14. Risk Assessment

3.15. Incident Response

3.16. Breaches/Crises

3.17. Executive Presentations

3.18. Education/Training/Certifications

3.18.1. Cloud Security CSA

3.18.2. ISC2 CISSP 10 Domains in the CBK

3.18.3. ISACA CISM

3.19. Development/Application Security

4. Technology

4.1. System

4.1.1. Firewall

4.1.2. Router Cisco HP

4.1.3. Switch Cisco ESW-540-8P-K9

4.1.4. Web (HTTP) Proxy

4.1.5. Reverse Proxies

4.1.6. VPN Cisco Juniper Checkpoint Pfsense

4.1.7. 2/Multi Factor Authentication RSA

4.1.8. eDiscovery

4.1.9. DLP (Data Loss Prevention)

4.1.10. IDS/IPS Network-based Cisco Snort Sourcefire Host-based OSSEC McAfee

4.1.11. SIEM Security information and event management (SIEM) is a term for software products and services combining security information management (SIM) and security event management (SEM). SIEM technology provides real-time analysis of security alerts generated by network hardware and applications. HP ArcSight McAfee/NitroSecurity IBM Security QRadar SIEM LogRhythm Splunk

4.1.12. Asset Management

4.1.13. Vulnerability Scanner Qualysguard Vulnerability Management Asset Management PCI Compliance Web Application Scanner Malware Detection Scanner Nessus OpenVAS

4.1.14. Patch Management

4.1.15. Risk Management

4.1.16. Enterprise Device Management Good for Enterprise Airwatch

4.1.17. Log Management

4.1.18. NAC Forescout 802.1x Cisco ISE

4.1.19. AAA Cisco ACS Microsoft NPS

4.1.20. PKI Windows Linux

4.1.21. Incident Response Resilient Systems Dynamic Action Plans Intelligence Feeds Comprehensive Reporting Simulations Modules

4.2. Tools

4.2.1. Anonymity TAILS TOR

4.2.2. Digital Forensics Malware Analysis Static

4.2.3. LANSweeper

4.2.4. IT_Sec_V4.0

4.2.5. Ciscat

4.2.6. Wireshark

4.2.7. VRisk2