Module 13 - Blue Teaming, Lectures

Overview

Good defensive security can be achieved with the following components

Intrusion Detection Systems (IDS)

Intrusion detection systems (IDS) are software or hardware systems that automate the tracking of events within a computer system or network and analyse them for signs of security breaches. They form an important part of an early warning system.

Intrusion Prevention Systems (IPS)

Intrusion prevention systems (IPS) are network security devices that examine network and/or system activity for malicious or unwanted behaviour and immediately attempt to stop or block it. They have the same features as an intrusion detection system and are additionally able to prevent unauthorised access.

Security Information and Event Management (SIEM).

SIEM technology analyses the security alerts that network hardware and software produce on an ongoing basis and gives a detailed overview of an organisation's information security.
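Added example (not part of the original lecture): a toy Python model of the three components described above, using constructed events, rule names and addresses. The same signature rules run in IDS mode (alert only) and in IPS mode (alert and block), and a SIEM-style summary aggregates the resulting alerts.

```python
from collections import Counter
from dataclasses import dataclass

@dataclass
class Event:
    """One network/system event as an IDS would see it (constructed)."""
    src: str
    dst_port: int
    action: str  # "login_ok", "login_fail" or "connect"

# Constructed sample traffic: one brute-force source, one port-scanning
# source and one benign user.
SAMPLE_EVENTS = (
    [Event("10.0.0.5", 22, "login_fail")] * 6
    + [Event("10.0.0.9", p, "connect") for p in range(1, 13)]
    + [Event("10.0.0.7", 443, "login_ok")]
)

def rule_brute_force(events):
    """Signature: five or more failed logins from one source."""
    return sum(e.action == "login_fail" for e in events) >= 5

def rule_port_scan(events):
    """Signature: connections to ten or more distinct ports from one source."""
    return len({e.dst_port for e in events if e.action == "connect"}) >= 10

RULES = {"brute_force": rule_brute_force, "port_scan": rule_port_scan}

def analyse(events, prevent=False):
    """IDS mode (default): group events per source, run every signature rule
    and return the alerts. IPS mode (prevent=True): same analysis, but the
    offending sources are also returned as a block list."""
    by_src = {}
    for e in events:
        by_src.setdefault(e.src, []).append(e)
    alerts, blocked = [], set()
    for src, evs in by_src.items():
        for name, rule in RULES.items():
            if rule(evs):
                alerts.append((name, src))
                if prevent:
                    blocked.add(src)
    return alerts, blocked

def siem_summary(alerts):
    """SIEM-style overview: how many alerts of each kind were raised."""
    return Counter(name for name, _ in alerts)
```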

Endpoint Detection and Response (EDR)

EDR solutions continuously monitor and collect data from endpoint devices such as desktops, laptops, tablets and smartphones. They are set up mainly to detect and eradicate suspected threats.

Antivirus Software

Antivirus software is a program or set of programs specially designed to prevent the creation or use of virus files, and to search for and detect such files on a system. Examples of what it can find are viruses, worms, trojans, adware, spyware, etc.

Firewalls

Firewalls are network security devices that regulate traffic and control communication between computer networks. They act as a wall between a private network and the internet, or other networks outside the internal network. Firewalls may be physical or virtual, and they have become an indispensable tool for enforcing organisational network security policies.

source: Overview [1.], Overview [2.]

Crucial Security Defense processes

Incident Response

Incident response is a systematic approach to addressing security breaches and cyber threats. Its primary role is to handle and contain a breach and to mitigate the damage it causes.

Threat Intelligence

Threat intelligence is knowledge that helps an organisation gauge threats to its environment. It gives context to threats and enables organisations to make decisions with confidence.

Vulnerability Management

Vulnerability management is the practice of identifying exposures and evaluating, remediating and reporting vulnerabilities in systems or software.

Risk Management

Risk management entails identifying, evaluating and controlling risks to an organisation's capital and profit. These risks may come from various sources, such as financial problems, legal liabilities, poor decision-making, accidents and natural disasters.

source: Overview [1.], Overview [2.]

Difference to Red Teaming

source: Overview [3.]

References

Overview

  1. https://picussecurity.com/resource/glossary/what-is-blue-teaming
  2. https://csrc.nist.gov/glossary/term/blue_team
  3. img: https://lh6.googleusercontent.com/rx-60dcB6d-PkM2PyP3WGhJHMs64U9MZqYZvURexA_uXryKYdBLsgjHpvFsXz1khxNdqXxiQsziaTQ3_-Beyb-mlsmQvelSVw6ADi8TqSB7XtWxa-N01TWGoeJjvpVUXmGsCiP5UBVitXQQ_erdNcns


Last updated 1 year ago