update text corrections

Author: nocomplexity

introduction.md

@@ -1,9 +1,9 @@
 # Introduction
 
-There are many myths about security, and how difficult it is. Cyber security is complex domain. There is no perfect solution. Never. However there are simple solutions that do work. Always. Often the best cyber security solutions are open solutions which everyone can use. Good solutions are not subject to a hype. Open solutions are transparent so everyone can use and improve it. 
+There are many myths about security, and how difficult it is. Cyber security is a complex domain. There is no perfect solution. Never. But there are simple solutions that do work. Often the best cyber security solutions are open solutions which everyone can use. Good solutions are not subject to a hype. Open solutions are transparent and fully open. So everyone can use and improve it. 
 
 ```{admonition} This Playbook
-is created to help you solving your specific complex security challenges.
+is created to help you with solving your specific complex security challenges.
 ```
 
 
@@ -17,7 +17,7 @@ Find a proven solution by using this Security Reference Architecture:
 :margin: 3
 :class-body: text-center
 :class-header: bg-light text-center
-**[Prevention](prevention/prevention)** ✍
+**[Prevention](prevention/prevention)** 🔐
 ^^^
 [Simple Checklist](prevention/simple-checklists)
 
@@ -31,7 +31,7 @@ Find a proven solution by using this Security Reference Architecture:
 :margin: 3
 :class-body: text-center
 :class-header: bg-light text-center
-**[Protection](protection/security-management)** 🚀
+**[Protection](protection/security-management)** ✅
 ^^^
 [Security Policies](protection/security-policies)
 
@@ -49,7 +49,7 @@ Find a proven solution by using this Security Reference Architecture:
 :margin: 3
 :class-body: text-center
 :class-header: bg-light text-center
-**[Architecture](architecture/reference-architecture)** ✨
+**[Architecture](architecture/reference-architecture)** 📓
 ^^^
 [Frameworks](architecture/frameworks)
 
@@ -62,7 +62,7 @@ Find a proven solution by using this Security Reference Architecture:
 :margin: 3
 :class-body: text-center
 :class-header: bg-light text-center
-**[Learning ](learning/securitycourses)** 🎁
+**[Learning ](learning/securitycourses)** 📚 
 ^^^
 [Security courses](learning/securitycourses)
 
@@ -82,19 +82,19 @@ Find a proven solution by using this Security Reference Architecture:
 
 This security architecture is not just another security book. We wanted to create an innovative solution that helps you to create better and faster security solutions for your security use case. So we used our many years of experience when dealing with security challenges and created this interactive community driven publication to enable this goal. 
 
-All information within this guide is targeted for reuse to solve your cyber security challenge. This guides is designed so you can make your cyber security designs faster and better. Do not reinvent the wheel. Reuse and improve solid cyber security knowledge and experience that is created to build upon. 
+All information within this guide is targeted for reuse to solve your cyber security challenge. This guide is designed so you can make your cyber security designs faster and better. Do not reinvent the wheel. Reuse and improve solid cyber security knowledge and experience that is created to build upon. 
 
 
 We believe in open and simple cyber security solutions. Openness and transparency builds trust.
 
 Open simple solutions are:
-* solutions that are easily too understand 
+* solutions that are easily to understand 
 * solutions that can be studied 
 * solutions that can be improved
 
-Good cyber security solutions are open solutions. Transparency builds trust. Simple solutions that can easily be understand and studied are more transparent than complex proprietary  solutions. 
+Good cyber security solutions are open solutions. Transparency builds trust. Simple solutions that can easily be understood and studied are more transparent than complex proprietary  solutions. 
 
-Our mission with this open security reference architecture is to create the best playbook on internet that continuously helps you solving your cyber security challenges.
+Our mission with this open security reference architecture is to create the best playbook on the internet that continuously helps you with solving your cyber security challenges.
 
 We believe this is best done together. 
 ```{tip} Just use the buttons on top of every page. Create an edit suggestion or create an issue. 
@@ -110,7 +110,7 @@ Cyber security is a process, not a destination to arrive at. Designing a cyber s
 
 Good security design and implementation takes time, patience and hard work. 
 
-Society, companies, governments are increasingly dependent on IT. Good cyber security is required for safety and privacy.
+Society, companies, and governments are increasingly dependent on IT. Good cyber security is required for safety and privacy.
 
 There are no silver bullets when it comes to cyber security. Risks will never be zero. Using complex and expensive cyber security solutions are not by definition better. 
 

prevention/architecturesteps.md

@@ -2,7 +2,7 @@
 
 This section outlines a clear and simple way to create your security solution.
 
-To create a sustainable solution to mitigate security risks you must start is to create a security architecture for your solution. 
+To create a sustainable solution to mitigate security risks you must start is by creating a security architecture for your solution. 
 
 An architecture itself does not protect you but a good solution architecture:
 * reduces costs
@@ -12,7 +12,7 @@ In an architecture the emphasis is not only on the IT (software and hardware) bu
 
 The perfect solution to reduce security risks to zero does not exist. A solution architecture helps in the continuous process of optimizing and controlling your security risks.
 
-Creating a security architecture can take a lot of time and effort. But a good way to speed up the process of creating your solution is to use this open security reference architecture as basis. 
+Creating a security architecture can take a lot of time and effort. But a good way to speed up the process of creating your solution is to use this open security reference architecture as the basis. 
 
 This open security reference architecture is created to:
 1. Make security architectures faster and
@@ -22,7 +22,7 @@ This open security reference architecture is created to:
 
 Creating security a security or privacy solution architecture consists of the following high level steps:
 
-* Dive in the business strategy and organization. Perform a simple risks assessment.
+* Dive in the business strategy and organization. Perform a simple risk assessment.
 
 *  Gather security  principles and requirements that are relevant for your context.
 

prevention/prevention.md

@@ -1,17 +1,17 @@
 # Simplify Prevention
 
-Investing in prevention measurements is the easiest and simplest way to minimize cyber security risks.
+Investing in prevention measurements is the easiest and simplest way to minimise cyber security risks.
 
 Good cyber security prevention measurements are simple and cheap. So before investing is expensive cyber security software solution follow these simple prevention rules:
 
 
 ```{admonition} Make a daily-back of important data.
 :class: tip, dropdown
 
-A simple backup that works is cheap, simple and effective against many security threads. Having idiot proof off backups is the most valuable weapon against ransomware. 
+A simple backup that works is cheap, simple and effective against many security threads. Having idiot proof backups is the most valuable weapon against ransomware. 
 
 
-A Off-line, incorruptible, and disconnected backups – that cannot be encrypted by the malware – is a key corrective control that stops the malware from encrypting your ‘live’ data as well as the backed-up data.
+Off-line, incorruptible, and disconnected backups – that cannot be encrypted by the malware – is a key corrective control that stops the malware from encrypting your ‘live’ data as well as the backed-up data.
 ```
 
 
@@ -66,7 +66,7 @@ As with applications, security weaknesses are often discovered in operating syst
 ```{admonition} Restrict administrative privileges.
 :class: tip, dropdown
 
-Mcirosoft Windows is intended to be easy to use, and often users have free reign of the computer. However, administrator privileges should only be provided on an as-needs basis, as otherwise exploits have the ‘keys to the kingdom’ and can corrupt the computer itself.  
+Microsoft Windows is intended to be easy to use, and often users have free reign of the computer. However, administrator privileges should only be provided on an as-needs basis, as otherwise exploits have the ‘keys to the kingdom’ and can corrupt the computer itself.  
 
 Also on unix based systems, appliances and network devices  limiting administrative privileges is a must do. 
 Software SHOULD never have to use a high privilege account to run. 
@@ -75,5 +75,5 @@ Software SHOULD never have to use a high privilege account to run.
 ```{admonition} Prevent untrusted code to be run.
 :class: tip, dropdown
 
- So use MAC (mandatory access control). Despite the many technologies like sandboxing around the most important and simple measurement is: think! Be aware of attachments and downloads of strangers.
+ So use MAC (mandatory access control). Despite the many technologies like sandboxing, the most important and simple measurement is: to think! Be aware of attachments and downloads of strangers.
 ```

prevention/simple-checklists.md

@@ -4,13 +4,13 @@ The landscape of cyber security solutions is filled with:
 * Holy Grails and
 * Failures
 
-We are all humans. So for severe problems like mitigating cyber security risks we fall in love with so called 'Holy Grail' products. The product capabilities of these product are outlined with vague and difficult marketing buzz. So perfect for managers who lack a solid technical background.  Of course you have to trust the vendor since these too-good-to-be-true products are never F/OSS products. This of course to hide the fact that magic solutions do not exist. And security by obscurity is a bad security principle.
+We are all humans. So for severe problems like mitigating cyber security risks we fall in love with so-called 'Holy Grail' products. The product capabilities of these products are outlined with vague and difficult marketing buzz. So perfect for managers who lack a solid technical background.  Of course you have to trust the vendor since these too-good-to-be-true products are never F/OSS products. This of course to hide the fact that magic solutions do not exist. And security by obscurity is a bad security principle.
 
-Failed security products are doomed when deployed. These products are characterized by:
+Failed security products are doomed when deployed. These products are characterised by:
 * a complex setup
 * propriety solution and
 * complex mandatory maintenance and update processes.  
-Too often these product introduces extra risks instead of mitigating risks. Deploying these products can be compared with deliberately installing a large backdoor in your trusted environment.
+Too often these products introduce extra risks instead of mitigating risks. Deploying these products can be compared with deliberately installing a large backdoor in your trusted environment.
 
 Checklists help with improving all security management aspects like:
 

prevention/simplesolutions.md

@@ -4,7 +4,7 @@
 
 ```{admonition} How to mitigate DDoS attacks - never simple..
 :class: tip, dropdown
-A Denial of Service (DoS) attack is an attempt to affect the availability of a targeted system. Typically, attackers generate large volumes of packets or requests ultimately overwhelming the target system. In case of a Distributed Denial of Service (DDoS) attack the attacker often uses multiple compromised sources to generate the attack. Like cloud services. Also a DDoS attack can be used as distraction to get unprivileged access. 
+A Denial of Service (DoS) attack is an attempt to affect the availability of a targeted system. Typically, attackers generate large volumes of packets or requests ultimately overwhelming the target system. In case of a Distributed Denial of Service (DDoS) attack the attacker often uses multiple compromised sources to generate the attack. Like cloud services. Also a DDoS attack can be used as a distraction to get unprivileged access. 
 
 DDoS attacks are most common at the Network (layer 3), Transport (Layer 4), Presentation (Layer 6) and Application (Layer 7) Layers.
 
@@ -25,9 +25,9 @@ Simple rules for mitigating DDOS attacks:
 :class: tip, dropdown
 
 So follow these simple steps:
-* Do a risk analyse.
-* Develop a security architecture based on your risks profile.
-* Always consider real distributed solutions where your security concerns are to spread across several nodes to reduce the impact of a single breach. E.g. spread data and secrets across several independent nodes to be more resilience.  
+* Do a risk analysis.
+* Develop a security architecture based on your risk profile.
+* Always consider real distributed solutions where your security concerns are to spread across several nodes to reduce the impact of a single breach. E.g. spread data and secrets across several independent nodes to be more resilient.  
 * Develop a thread analyse and improve your architecture.
 
 
@@ -40,10 +40,10 @@ So follow these simple steps:
 ```{admonition} Implement simple measurements that really help!
 :class: tip, dropdown
 
-The most security protection measurements are very simple and extreme effective.
+Most security protection measurements are very simple and extremely effective.
 
 So just do:
-* Develop awareness within your company and awareness trainings a continuous process! 
+* Developing awareness within your company and following awareness trainings a continuous process! 
 * Always implement virus protection on MS Windows based platforms.
 * Always implement network segmentation.
 * Always implement some simple firewall rules. 
@@ -59,15 +59,15 @@ So just do:
 Implement some simple but good detection measurements to detect security breaches. Else:everything you do is useless.
 
 So just do:
-* Use audit logging on file systems. Simple is: Use the audit capabilities that are delivered on your operating system. E.g. the FreeBSD audit system for determining read,write,changes on systems is simple but very effective. So use implement this. [FreeBSD Audit Handbook](https://docs.freebsd.org/en/books/handbook/audit/ )
-* Use the default detection system to log and audit all successful and unsuccessfully login attempts on your network.
+* Use audit logging on file systems. Simple is: Use the audit capabilities that are delivered on your operating system. E.g. The FreeBSD audit system for determining read,write,changes on systems is simple but very effective. So use this [FreeBSD Audit Handbook](https://docs.freebsd.org/en/books/handbook/audit/ ).
+* Use the default detection system to log and audit all successful and unsuccessful login attempts on your network.
 
 
 ```
 
 ## Respond
 
-```{admonition} Implement some simple procedures to respond on security incidents.
+```{admonition} Implement some simple procedures to respond to security incidents.
 :class: tip, dropdown
 
 Do not reinvent the wheel. For every simple or complex security incident a good procedure is already invented. 
@@ -89,7 +89,7 @@ Do not reinvent the wheel. A good recovery plan is simple:
 * Make backups and test recovery procedures.
 
 Automate making the backups. But make sure that recovery is always manually verified.
-Test for for disasters. So never ever assume that your backups can not be compromised or stolen.
+Test for disasters. So never ever assume that your backups can not be compromised or stolen.
 
 
 ```