You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Log4shell is a critical vulnerability in the widely-used logging tool Log4j, which is used by millions of computers worldwide running online services. A wide range of people, including organisations, governments and individuals are still vulnerable...
14
14
+++
@@ -18,7 +18,7 @@ Log4shell is a critical vulnerability in the widely-used logging tool Log4j, whi
18
18
19
19
:::{grid-item-card}
20
20
:link:https://cachewarpattack.com/#home
21
-
{octicon}`heart;1em;caption-text`**CacheWarp**
21
+
{octicon}`book;1em;caption-text`**CacheWarp**
22
22
^^^
23
23
CacheWarp is a software fault attack on AMD SEV-ES and SEV-SNP. It allows attackers to hijack control flow, break into encrypted VMs, and perform privilege escalation inside the VM.
24
24
+++
@@ -28,7 +28,7 @@ CacheWarp is a software fault attack on AMD SEV-ES and SEV-SNP. It allows attack
Downfall attacks target a critical weakness found in billions of modern processors used in personal and cloud computers. This vulnerability, identified as CVE-2022-40982, enables a user to access and steal data from other users who share the same computer.
34
34
+++
@@ -38,7 +38,7 @@ Downfall attacks target a critical weakness found in billions of modern processo
38
38
39
39
:::{grid-item-card}
40
40
:link:https://meltdownattack.com/
41
-
{octicon}`note;1em;caption-text`**Meltdown and Spectre**
41
+
{octicon}`thumbsup;1em;caption-text`**Meltdown and Spectre**
42
42
^^^
43
43
Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware vulnerabilities allow programs to steal data which is currently processed on the computer.
44
44
+++
@@ -48,7 +48,7 @@ Meltdown and Spectre exploit critical vulnerabilities in modern processors. Thes
The Marvin Attack is a return of a 25 year old vulnerability that allows performing RSA decryption and signing operations as an attacker with the ability to observe only the time of the decryption operation performed with the private key.
This module covers considerations and questions to guide the design of a responsible digital identity system as it relates to blockchain for supply chain.
Copy file name to clipboardExpand all lines: generatedfiles/foundations.md
+20-20Lines changed: 20 additions & 20 deletions
Original file line number
Diff line number
Diff line change
@@ -18,7 +18,7 @@ The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gath
18
18
19
19
:::{grid-item-card}
20
20
:link:https://www.cisecurity.org/
21
-
{octicon}`thumbsup;1em;caption-text`**Center for Internet Security (CIS)**
21
+
{octicon}`telescope;1em;caption-text`**Center for Internet Security (CIS)**
22
22
^^^
23
23
The Center for Internet Security (CIS) is a 501(c)(3) organization is dedicated to enhancing the cybersecurity readiness and response among public and private sector entities. CIS’s Mission is to: Identify, develop, validate, promote, and sustain best practices in cybersecurity; Deliver world-class security solutions to prevent and rapidly respond to cyber incidents; and Build and lead communities to enable an environment of trust in cyberspace.
24
24
+++
@@ -28,7 +28,7 @@ The Center for Internet Security (CIS) is a 501(c)(3) organization is dedicated
28
28
29
29
:::{grid-item-card}
30
30
:link:https://www.first.org/
31
-
{octicon}`file;1em;caption-text`**FIRST**
31
+
{octicon}`light-bulb;1em;caption-text`**FIRST**
32
32
^^^
33
33
FIRST is the premier organization and recognized global leader in incident response.
34
34
+++
@@ -37,7 +37,7 @@ FIRST is the premier organization and recognized global leader in incident respo
The Global Encryption Coalition promotes and defends encryption in key countries and multilateral fora where it is under threat. The foundation also provides crucial [resources](https://www.globalencryption.org/resources/) to learn more on encryption.
43
43
+++
@@ -47,7 +47,7 @@ The Global Encryption Coalition promotes and defends encryption in key countries
47
47
48
48
:::{grid-item-card}
49
49
:link:https://bok.idpro.org/
50
-
{octicon}`check-circle;1em;caption-text`**IDPro Body of Knowledge**
50
+
{octicon}`telescope;1em;caption-text`**IDPro Body of Knowledge**
51
51
^^^
52
52
The IDPro Body of Knowledge is a compilation of IAM crucial up-to-date knowledge. This content is created and reviewed by the IAM professionals. All articles are peer reviewed. Within this resource you can find an 'IAM Reference Architecture', articles on 'Authentication and Authorization' and more content regarding IAM (Identity and Access Management).
53
53
+++
@@ -57,7 +57,7 @@ The IDPro Body of Knowledge is a compilation of IAM crucial up-to-date knowledge
57
57
58
58
:::{grid-item-card}
59
59
:link:https://www.abetterinternet.org/
60
-
{octicon}`checklist;1em;caption-text`**Internet Security Research Group**
60
+
{octicon}`zap;1em;caption-text`**Internet Security Research Group**
61
61
^^^
62
62
Our mission is to protect Internet users by lowering monetary, technological, and informational barriers to a more secure and privacy-respecting Internet.
63
63
+++
@@ -67,7 +67,7 @@ Our mission is to protect Internet users by lowering monetary, technological, an
MISP is an open source software solution for collecting, storing, distributing and sharing cyber security indicators and threats about cyber security incidents analysis and malware analysis.
73
73
+++
@@ -77,7 +77,7 @@ MISP is an open source software solution for collecting, storing, distributing a
Foundation focusses on free, open-source macOS security tools. And is known for organising the macOS security conference, "Objective by the Sea" (#OBTS).
93
93
+++
@@ -97,7 +97,7 @@ Foundation focusses on free, open-source macOS security tools. And is known for
97
97
98
98
:::{grid-item-card}
99
99
:link:https://somap.org/default.html
100
-
{octicon}`bookmark;1em;caption-text`**Open Source IT Risk Management**
100
+
{octicon}`tools;1em;caption-text`**Open Source IT Risk Management**
101
101
^^^
102
102
Focuses on the Security Officers and on helping them in doing their daily business as comfortable as possible. The main goals of SOMAP.org are to develop and maintain: - Guides and Handbooks explaining and describing Risk Management. - an open and free 'best practice' Risk Model Repository with security objectives, threats and other risk related meta-data.
103
103
+++
@@ -107,7 +107,7 @@ Focuses on the Security Officers and on helping them in doing their daily busine
The Open Source Technology Improvement Fund is a corporate non-profit dedicated to securing open source apps that we all depend on. Securing software isn’t easy, and we know what it takes to succeed. By facilitating security audits and reviews, OSTIF makes it easy for projects to significantly improve security.
123
123
+++
@@ -126,7 +126,7 @@ The Open Source Technology Improvement Fund is a corporate non-profit dedicated
Linux Foundation project. The OpenChain Project is focused on commercial and non-commercial open source process management in the supply chain. Maintains [OpenChain ISO/IEC 5230](https://www.openchainproject.org/license-compliance) and [OpenChain ISO/IEC DIS 18974](https://www.openchainproject.org/security-assurance) These ISO/IEC standards are at no cost available using this link.
132
132
+++
@@ -136,7 +136,7 @@ Linux Foundation project. The OpenChain Project is focused on commercial and non
The OpenSCAP project provides tools to improve security of your infrastructure using open source tools. This project is founded by RedHat and the tools are NIST certified. Use of the tools is encouraged if your systems or infrastructure needs to meet NIST (or other US) security standards.
142
142
+++
@@ -156,7 +156,7 @@ The mission of SIE Europe is to make the European digital economy safer by offer
{octicon}`file;1em;caption-text`**Security Research Legal Defense Fund**
159
+
{octicon}`report;1em;caption-text`**Security Research Legal Defense Fund**
160
160
^^^
161
161
We aim to help fund legal representation for persons who face legal issues due to good faith security research and vulnerability disclosure in cases that would advance cybersecurity for the public interest.
162
162
+++
@@ -165,7 +165,7 @@ We aim to help fund legal representation for persons who face legal issues due t
Spamhaus Project is the authority on IP and domain reputation. Also https://urlhaus.abuse.ch/ is a tool of this foundation.
171
171
+++
@@ -175,7 +175,7 @@ Spamhaus Project is the authority on IP and domain reputation. Also https://url
175
175
176
176
:::{grid-item-card}
177
177
:link:https://www.cybok.org
178
-
{octicon}`hubot;1em;caption-text`**The Cyber Security Body Of Knowledge**
178
+
{octicon}`thumbsup;1em;caption-text`**The Cyber Security Body Of Knowledge**
179
179
^^^
180
180
A comprehensive Body of Knowledge to inform and underpin education and professional training for the cyber security sector. A great collection of resources that cover all aspects of cyber security.
181
181
+++
@@ -184,7 +184,7 @@ A comprehensive Body of Knowledge to inform and underpin education and professio
non-profit security research organization, dedicated to investigating the latest attacks and developing open source security tools to improve Internet security. See also the list with active projects: https://www.honeynet.org/projects/
190
190
+++
@@ -193,7 +193,7 @@ non-profit security research organization, dedicated to investigating the latest
Since our founding in 2004, The Shadowserver Foundation has become one of the world’s leading resources for Internet security reporting and malicious activity investigation. When we started, we were staffed entirely by volunteers. Today, we employ a full-time team and maintain a global infrastructure spanning 80 countries. Shadowserver scans the entire IPv4 Internet for over 100 different network protocols every day, and also performs IPv6 scans based on IPv6 hitlists for selected protocols. These are “hello” type port scans that do not exploit any vulnerability. Check the [daily dashboard](https://dashboard.shadowserver.org/) provided by this foundation.
199
199
+++
@@ -202,7 +202,7 @@ Since our founding in 2004, The Shadowserver Foundation has become one of the wo
The Trusted CI Framework is a minimum standard for cybersecurity programs. The mission of Trusted CI Foundation is to improve the cybersecurity of NSF computational science and engineering projects, while allowing those projects to focus on their science endeavors. This foundation provides great [templates and tools](https://www.trustedci.org/framework/templates) ready to use!
208
208
+++
@@ -212,7 +212,7 @@ The Trusted CI Framework is a minimum standard for cybersecurity programs. The m
212
212
213
213
:::{grid-item-card}
214
214
:link:https://www.dns0.eu/
215
-
{octicon}`briefcase;1em;caption-text`**dns0.eu**
215
+
{octicon}`zap;1em;caption-text`**dns0.eu**
216
216
^^^
217
217
The European public DNS that makes your Internet safer. A free, sovereign and GDPR-compliant recursive DNS resolver with a strong focus on security to protect the citizens and organizations of the European Union.
OSA distills the know-how of the security architecture community and provides readily usable patterns for your application. OSA shall be a free framework that is developed and owned by the community.
24
+
+++
25
+
[Read more or use this reference »](http://www.opensecurityarchitecture.org/)
The Software Assurance Maturity Model (SAMM) is an open framework to help organizations formulate and implement a strategy for software security that is tailored to the specific risks facing the organization.
34
+
+++
35
+
[Read more or use this reference »](https://www.opensamm.org/)
36
+
:::
37
+
38
+
39
+
::::
40
+
% End of Grid
41
+
% This file is GENERATED using a simple tool. Check the tools on https://nocomplexity.com/ or my github.com/nocomplexity to use it too! Its FOSS.
OSA distills the know-how of the security architecture community and provides readily usable patterns for your application. OSA shall be a free framework that is developed and owned by the community.
24
+
+++
25
+
[Read more or use this reference »](http://www.opensecurityarchitecture.org/)
The Software Assurance Maturity Model (SAMM) is an open framework to help organizations formulate and implement a strategy for software security that is tailored to the specific risks facing the organization.
34
+
+++
35
+
[Read more or use this reference »](https://www.opensamm.org/)
36
+
:::
37
+
38
+
39
+
::::
40
+
% End of Grid
41
+
% This file is GENERATED using a simple tool. Check the tools on https://nocomplexity.com/ or my github.com/nocomplexity to use it too! Its FOSS.
0 commit comments