Security Operations
by Mbaunguraije Tjikuzu
1. Security Orchestration, Automation and Response (SOAR)
1.1. Cortex
1.2. Patrowl
2. Risk Management
2.1. Eramba
2.2. Barnowl (Risk Log)
3. Privileged Access Management
3.1. CyberArk
3.2. Microsoft LAPS
4. MFA
4.1. Duo Security
4.2. Microsoft Azure MFA
4.3. RSA Authentication Manager
5. Monitoring
5.1. ManageEngine OpManager
5.2. ManageEngine Applications Manager
5.3. Darktrace
5.4. FortiAnalyzer
5.5. Mimecast
6. Network Security
6.1. Portnox (Access Control)
6.2. Cisco ISE (PoC)
6.3. SDWAN (PoC)
7. Compliance, Audit and Review
7.1. Internal Audit
7.2. Penetration Test
7.3. Monthly Report Reviews
7.4. SWIFT CSP Attestation
8. Password Management
8.1. Bitwarden
9. Portals
9.1. Web Proxy (CentOS Nginx)
9.1.1. MTN Public IPs
9.2. FortiGate Firewall
10. Configuration Management
10.1. Microsoft ATP
10.2. DISA STIG
10.2.1. Baseline Security: Windows and Linux
10.3. Configuration Management Database (CMDB)
10.4. Microsoft Red Forest
11. Information Security
11.1. Data Classification
11.1.1. Azure Information Protection
12. Endpoint Protection
12.1. Symantec Endpoint Protection
13. Interdepartmental Projects
13.1. SAP HANA Upgrade
13.2. Banking Supervision
13.3. Data Classification
14. Threat Intelligence
14.1. MISP
14.2. OpenCTI
14.3. AlienVault OTX
15. Log and Event Management
15.1. AlienVault
15.2. SecurityOnion
16. Incident Management
17. Vulnerability Management
17.1. Qualys
17.2. Microsoft SCCM
17.2.1. Patch Management
18. Governance
18.1. Information Security Policy
18.2. IT Security Plan
18.3. Acceptable Use of IT Policy
18.4. MITRE ATT&CK Framework
18.5. NIST CSF / NIST SP 800-53
18.6. COBIT 2019
19. Firewall
19.1. FortiGate
19.1.1. VPN
19.1.2. Internet Breakout
19.2. Cisco ASA
19.2.1. 3rd Party Services
20. Emails
20.1. Mimecast
20.1.1. MX records point to Mimecast for all inbound email
20.2. Office 365
20.2.1. 90-95% of users
21. Malware/Intrusion Prevention
21.1. FortiSandbox
21.2. FortiGate Firewall
22. Information Sharing
22.1. BAN Cybersecurity Forum
22.2. OSSAT/OSSAC
22.3. Namibia National Cyber Security Competition
23. Encryption
23.1. BitLocker
23.2. Public Key Infrastructure
23.3. Wildcard certificate
24. AOC
24.1. Core Network Re-Design
24.2. Advanced Cloud Security (M365 E5)
24.2.1. Microsoft ATP