Episodes
8.5 Define and apply secure coding guidelines and standards
8.5.1 Security weaknesses and vulnerabilities at the source-code level
8.5.2 Security of application programming interfaces (API)
8.5.3 Secure Coding Practices
8.5.4 Software-defined security
8.3 Assess the effectiveness of software security
8.3.1 Auditing and logging of changes
8.3.2 Risk analysis and mitigation
8.4 Assess security impact of acquired software
8.4.1 Commercial-off-the-shelf (COTS)
8.4.2 Open Source
8.4.3 Third-Party
8.4.4 Managed Services (e.g., enterprise applications)
8.4.5 Cloud Services (e.g., SaaS, IaaS, PaaS)
8.2 Identify & apply security controls in development environments
8.2.1 Programming languages
8.2.2 Libraries
8.2.3 Tool sets
8.2.4 Integrated Development Environment (IDE)
8.2.5 Runtime
8.2.6 Continuous Integration and Continuous Delivery (CI / CD)
8.2.7 Software Configuration Management (SCM)
8.2.8 Code Repositories
8.2.9 Application security testing (e.g., SAST, DAST, IAST & SCA)
8.1 Understand and integrate security in the software development lifecycle
8.1.1 Development Methodologies
8.1.2 Maturity Models (e.g., Capability Maturity Model (CMM), Software Assurance Maturity Model (SAMM))
8.1.3 Operations & Maintenance
8.1.4 Change Management
8.1.5 Integrated Product Team (IPT)
7.13 Participate in Business Continuity (BC) planning and exercises
7.14 Implement and manage physical security
7.15 Address personnel safety and security concerns
7.15.1 Travel
7.15.2 Security Training & Awareness
7.15.3 Emergency Management
7.15.4 Duress
7.12 Test Disaster Recovery Plans
7.12.1 Read-through/Checklist
7.12.2 Walk-through/Tabletop
7.12.3 Simulation
7.12.4 Parallel
7.12.5 Full Interruption
7.12.6 Communications (e.g., stakeholders, test status, regulators)
7.11 Implement Disaster Recovery Process
7.11.1 Response
7.11.2 Personnel
7.11.3 Communications
7.11.4 Assessment
7.11.5 Restoration
7.11.6 Training & Awareness
7.11.7 Lessons Learned
7.8 Implement and support patch and vulnerability management
7.9 Understand and participate in change management processes
7.10 Implement recovery strategies
7.10.1 Backup storage strategies
7.10.2 Recovery site strategies
7.10.3 Multiple processing sites
7.10.4 System resilience, high availability (HA), Quality of Service (QoS), and fault tolerance (FT)
7.7 Operate and maintain detection and preventative measures
7.7.1 Firewall
7.7.2 Intrusion detection and prevention systems
7.7.3 Whitelisting/Blacklisting
7.7.4 Third-party provided security services
7.7.5 Sandboxing
7.7.6 Honeypots / Honeynets
7.7.7 Anti-malware
7.7.8 Machine learning and artificial intelligence (AI) based tools
7.6 Conduct incident management
7.6.1 Detection
7.6.2 Response
7.6.3 Mitigation
7.6.4 Reporting
7.6.5 Recovery
7.6.6 Remediation
7.6.7 Lessons Learned
7.5 Apply resource protection techniques
7.5.1 Media Management
7.5.2 Hardware and software asset management
7.5.3 Data at rest/Data in transit
7.3 Perform Configuration Management (e.g., provisioning, baselining, automation)
7.4 Apply foundational security operations concepts
7.4.1 Need to know/Least privileges
7.4.2 Separation of Duties (SoD) and responsibilities
7.4.3 Privileged account management
7.4.4 Job rotation
7.4.5 Service Level Agreement (SLA)
7.2 Conduct logging and monitoring activities
7.2.1 Intrusion detection and prevention systems (IDPS)
7.2.2 Security Information and Event Management (SIEM)
7.2.3 Security orchestration, automation, and response (SOAR)
7.2.4 Continuous Monitoring
7.2.5 Egress Monitoring
7.2.6 Log Management
7.2.7 Threat Intelligence (e.g., threat feeds, threat hunting)
7.2.8 User and Entity Behavior Analytics (UEBA)
7.0 DOMAIN 7: SECURITY OPERATIONS
7.1 Understand and support investigations
7.1.1 Evidence Collection and Handling
7.1.2 Reporting and Documentation
7.1.3 Investigation Techniques
7.1.4 Digital forensics tools, tactics, and procedures
7.1.5 Artifacts (e.g., data, computers, networks, mobile devices)
6.4 Analyze test output and generate report
6.4.1 Remediation
6.4.2 Exception Handling
6.4.3 Ethical disclosure
6.5 Conduct or facilitate security audits
6.5.1 Internal
6.5.2 External
6.5.3 Third Party
6.5.4 Location
6.3 Collect Security Process data
6.3.1 Account Management
6.3.2 Management review and approval
6.3.3 Key Performance and Risk Indicator
6.3.4 Backup Verification data
6.3.5 Training and Awareness
6.3.6 Disaster Recovery (DR) and Business Continuity (BC)
6.2 Conduct Security Control Testing
6.2.1 Vulnerability Assessment
6.2.2 Penetration Testing
6.2.3 Log Reviews
6.2.4 Synthetic Transaction
6.2.5 Code review and testing
6.2.6 Misuse case testing
6.2.7 Coverage analysis
6.2.8 Interface Testing
6.2.9 Breach attack simulations (BAS)
6.2.10 Compliance checks
6.0 DOMAIN 6: SECURITY ASSESSMENT AND TESTING
6.1 Design and Validate assessment, test, and audit strategies
6.1.1 Internal
6.1.2 External
6.1.3 Third-party
6.1.4 Location (e.g., on-premises, cloud, hybrid)
5.5 Manage the identity and access provisioning lifecycle
5.5.1 Account access review (e.g., user, system, service)
5.5.2 Provisioning and deprovisioning (e.g., on/off boarding & transfers)
5.5.3 Role definition & transition (e.g., people assigned to new roles)
5.5.4 Privilege escalation (e.g., use of sudo, auditing its use)
5.5.5 Service Accounts Management
5.5.6 Implement Authentication Systems
5.4 Implement and manage authorization mechanisms