Microsoft Azure Security covers the latest security features provided by Microsoft to identify different threats and protect your Azure cloud using innovative techniques. Cloud computing brings new security challenges, but you can overcome these with Microsoft Azure’s shared responsibility model. Azure cloud uses innovative techniques. This guide takes you through the built-in security controls and the multi-layered security features offered by Azure to protect cloud workloads across apps and networks. You’ll get to grips with using Azure Security Center for unified security management, building secure application gateways on Azure, protecting the cloud from DDoS attacks, safeguarding with Azure Key Vault, and much more.

Skills Covered
• Manage identity and access (30-35%)
• Implement platform protection (15-20%)
• Manage security operations (25-30%)
• Secure data and applications (20-25%)

Certification Name & Exam Code
Microsoft Certified: Azure Security Engineer Associate
Microsoft Azure Security AZ-500

Click to download

List of Awesome macOS Red Teaming Resources.

As more and more companies begin to adopt macOS as a daily office solution, we often encounter macOS operating system during our Pentest/Red Teaming process. How to hacking macOS, how to achieve Persistence under macOS, and using this as a starting point Lateral Movement to DC is a topic worth research.

This list is for anyone who wants to learn about Red Teaming for macOS but has no starting point.

You can help by sending Pull Requests to add more information.

Click to download

I.T. security professionals in recent years have looked at various Microsoft Azure services and components (like Log Analytics, Azure Security Center, and Azure Monitor) and asked: ‘Does Microsoft have a SIEM, because it seems like all those pieces add up to one?’ The answer has been that Microsoft cloud monitoring products were designed to provide input to customer SIEMs. This made sense because every large enterprise has a SIEM or SIEM-equivalent with often a high investment in a particular SIEM vendor or open source technology.

Limitless cloud speed and scale

Invest in security, not infrastructure setup and maintenance, with the first cloud-native SIEM from a major cloud provider. Never let a storage limit or a query limit prevent you from protecting your enterprise. Start using Microsoft Sentinel immediately, automatically scale to meet your organisational needs and pay for only the resources you need. As a cloud-native SIEM, Microsoft Sentinel is 48 percent less expensive and 67 percent faster to deploy than legacy on-premises SIEMs.

Click to download

NIST continues to coordinate a National Cybersecurity Awareness and Education Program that includes activities such as the widespread dissemination of cybersecurity technical standards and best practices; efforts to make cybersecurity best practices usable by a variety of individuals and stakeholders; increasing public awareness of cybersecurity, cyber safety, and cyber ethics; increasing the understanding of the benefits of ensuring effective risk management of information technology and the methods to mitigate and to remediate vulnerabilities; supporting formal cybersecurity education programs at all levels to prepare and improve a skilled cybersecurity workforce; and promoting initiatives to evaluate and forecast future cybersecurity workforce needs of the Federal Government and develop strategies for recruitment, training, and retention.

National Initiative for Cybersecurity Education

The National Initiative for Cybersecurity Education (NICE) is a partnership among government, academia, and the private sector. NICE is focused on cybersecurity education, training, and workforce development. NIST’s leadership of the program helps position it to support the country’s ability to address current and future cybersecurity challenges through standards and best practices.

NICE’s mission is to energize and promote a robust network and ecosystem of cybersecurity education, training, and workforce development. This mission supports the vision of helping to secure the nation by increasing the number of skilled cybersecurity professionals.

Click to download

To help you investigate the vast expanses of the open, deep, and dark web, Authentic8 engineers used Silo for Research (Toolbox) to build a list of 21 useful tools that could make your research work easier and more productive. OSINT Framework indexes a multitude of connections to different URLs, recommending where to look next when conducting an investigation.

It also provides suggestions on what services can help analysts find specific data that might aid in their research. Few tools offers to perform reverse name, address and phone number look up and returns high-level information on any individual or business.

Click to download