Security - Evan Harmon

# Security | ![img \|150](https://upload.wikimedia.org/wikipedia/commons/thumb/e/e1/Operating_system_placement.svg/320px-Operating_system_placement.svg.png) | **Computer Security**, cybersecurity, digital security or information technology security is the protection of computer systems and networks from attacks by malicious actors that may result in unauthorized information disclosure, theft of, or damage to hardware, software, or data, as well as from the disruption or misdirection of the services they provide. | | ---- | ---- | | | wikipedia:: [Computer security](https://en.wikipedia.org/wiki/Computer_security) | | | **Internet Security** is a branch of computer security. It encompasses the Internet, browser security, web site security, and network security as it applies to other applications or operating systems as a whole. Its objective is to establish rules and measures to use against attacks over the Internet. The Internet is an inherently insecure channel for information exchange, with high risk of intrusion or fraud, such as phishing, online viruses, trojans, ransomware and worms. | | | wikipedia:: [Internet security](https://en.wikipedia.org/wiki/Internet_security) | | | wikipedia:: [Information security - Wikipedia](https://en.wikipedia.org/wiki/Information_security) | | | wikipedia:: [Mobile Security](https://en.wikipedia.org/wiki/Mobile_security) | | | wikipedia:: [Network Security](https://en.wikipedia.org/wiki/Network_security) | | | wikipedia:: [Browser Security](https://en.wikipedia.org/wiki/Browser_security) | [[My Security & Privacy]] ## Areas ### [[Identity, Authentication, & Authorization]] ### [[Networking & Internet]] ### [[DevSecOps]] ### [[Security Testing]] ### [[Cryptography]] ### [[Hacking]] ### [[Privacy]], [[Privacy (tech)]], & Anonymity ## Concepts & Principles ### [[AntiVirus]] ### [[Malware]] ### [[Application Security]] #### [[Static Code Analysis (SCA) or Static Program Analysis]] #### [[Dynamic Application Security Testing (DAST)]] ### [[Vulnerability Scanner]] ### [[SIEM]] ### [[Common Weakness Enumeration (CWE)]] ### [[OWASP]] ### [[EDR]] ### [[Perimeter-based Security]] ### [[Security Vulnerability]] ### UTM (Unified Threat Management) - Devices that can do firewall and more e.g. malware scanning, intrusion detecting, email scanning, etc. at the premisis/perimeter level. ### [[Secure Coding]] ### [[Secure by Default]] ### [[Secure by Design]] ### [[Application Hardening]] ### [[Server Hardening]] ## Tools - [[CrowdStrike]] - [[Lacework]] - [[Dynatrace]] - [[Little Snitch]] - [[Micro Snitch]] - [[OpenSnitch]] - [[HaveIBeenPwned]] - [[Privacy Badger]] - [[Wazuh]] - [[Snyk]] - [[Semgrep]] ### [[AntiVirus]] ### [[Malware]] ## [[BSides]] ## [[Electronic Frontier Foundation|EFF]] ## Inbox - Ipsec - openscap project - center for internet security (cis) - nist national checklist program (ncp) - csa cloud controls matrix (ccm) and caiq - fips (federal information processing standards helps with cryptogrpahic strength insights - cve and cvss - nist nvd