Blog Series

In Progress

Cybersecurity Labs

Cybersecurity labs are specialized virtual environments where individuals or organizations can test, analyze, and learn cybersecurity.

Read More: https://devendrashirbad.in/cybersecurity-labs

Upcoming

We have shortlisted these blog series and are considering them for publication, but we do not have deadlines for them as of now. Stay tuned!

NIST Risk Management Framework (RMF)

The NIST Risk Management Framework (RMF) provides a comprehensive, flexible, repeatable, and measurable 7-step process that any organization can use to manage information security and privacy risk for organizations and systems. It links to a suite of NIST standards and guidelines that support implementation of risk management programs to meet the requirements of the Federal Information Security Modernization Act (FISMA).

  • SP 800-30: Guide for Conducting Risk Assessments
  • SP 800-37: Risk Management Framework for Information Systems and Organizations
  • SP 800-39: Managing Information Security Risk
  • SP 800-53: Security and Privacy Controls for Information Systems and Organizations

Read More: https://csrc.nist.gov/Projects/risk-management

NIST Cybersecurity Framework (CSF)

The NIST Cybersecurity Framework (CSF) 2.0 provides guidance to industry, government agencies, and other organizations to manage cybersecurity risks. It offers a taxonomy of high-level cybersecurity outcomes that can be used by any organization – regardless of its size, sector, or maturity – to better understand, assess, prioritize, and communicate its cybersecurity efforts. The CSF does not prescribe how outcomes should be achieved. Rather, it links to online resources that provide additional guidance on practices and controls that could be used to achieve those outcomes. This document describes CSF 2.0, its components, and some of the many ways that it can be used.

Read More: https://www.nist.gov/cyberframework

Privacy Framework

The NIST Privacy Framework is a voluntary tool developed in collaboration with stakeholders intended to help organizations identify and manage privacy risk to build innovative products and services while protecting individuals’ privacy.

Read More: https://www.nist.gov/privacy-framework

Secure Software Development Framework (SSDF)

The Secure Software Development Framework (SSDF) is a set of fundamental, sound, and secure software development practices based on established secure software development practice documents from organizations such as BSA, OWASP, and SAFECode. Few software development life cycle (SDLC) models explicitly address software security in detail, so practices like those in the SSDF need to be added to and integrated with each SDLC implementation.

Read More: https://csrc.nist.gov/Projects/ssdf

Zero Trust Architecture

The NCCoE initiated this project in collaboration with industry participants to demonstrate several approaches to a zero trust architecture applied to a conventional, general purpose enterprise information technology (IT) infrastructure on premises and in the cloud, which will be designed and deployed according to the concepts and tenets documented in NIST Special Publication (SP) 800-207, Zero Trust Architecture. The example implementations integrate commercial and open-source products that leverage cybersecurity standards and recommended practices to showcase the robust security features of zero trust architectures.

  • SP 800-207: Zero Trust Architecture

Read More: https://www.nccoe.nist.gov/projects/implementing-zero-trust-architecture

Completed

PCI DSS

The PCI DSS v4.0 (Mar 2022) is an overwhelming document of 360 pages. In this blog series, we will break it down into bite-sized chunks.

Read More: https://devendrashirbad.in/pci-dss
