Tuesday, October 3, 2023

Vulnerability Management - Vulnerability Dashboard using Power BI

Was playing with Power BI today. Created a simple dashboard using CISA KEV vulnerability data from https://nucleussec.com/cisa-kev/ (Nucleus Security).

What’s the difference between Power BI and Excel?
I will not comment; rather, I would say: "What’s the difference between an alligator and a crocodile? You’ll see one later and one in a while." 😁

Happy Learning !!

CyberSecurity - Why do we need standard data formats ?

As we all know, there are standard data formats for the storage, representation and exchange of information in the cybersecurity domain, for example:

1. Vulnerability - CVE

2. Platform - CPE, SWID and PURL

3. Configuration - CCE

4. Vulnerability Scoring - CVSS

5. SBOM - CycloneDX and SPDX

6. Identity Information - SAML and JWT

7. Malware Information - MAEC and MISP

8. Threat Information - STIX and TAXII

9. Log File - CSV, JSON, KVP (Key Value Pair) and CEF (Common Event Format)


and the list goes on.


Standard data formats are necessary for the following reasons:

1. Enables correlation, integration and automation

2. Enables the exchange of information among security vendors and among security researchers

3. Allows for the faster development of countermeasures (signatures and security patches)

4. Reduces potential duplication of malware and vulnerability analysis efforts by researchers
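To illustrate reason 1, here is an added example (not code from the original post) that correlates three data sets purely through standard identifiers: a CycloneDX-style SBOM is joined to an advisory feed by PURL, and the resulting CVE IDs are joined to a KEV-style catalog. All data is constructed, the CVE IDs are placeholders, and the PURL-keyed advisory mapping is a hypothetical simplification of a real feed.

```python
import json

# Constructed CycloneDX-style SBOM (only the fields used here).
SBOM = json.loads("""
{"bomFormat": "CycloneDX", "specVersion": "1.5", "components": [
  {"type": "library", "name": "examplelib", "version": "1.2.0",
   "purl": "pkg:pypi/examplelib@1.2.0"},
  {"type": "library", "name": "demo-parser", "version": "4.0.1",
   "purl": "pkg:npm/demo-parser@4.0.1"},
  {"type": "library", "name": "no-purl-lib", "version": "0.9"}
]}
""")

# Constructed advisory feed: PURL -> CVE IDs (placeholder IDs, not real CVEs).
ADVISORIES = {
    "pkg:pypi/examplelib@1.2.0": ["CVE-0000-0001", "CVE-0000-0002"],
    "pkg:npm/demo-parser@4.0.1": ["CVE-0000-0003"],
}

# Constructed KEV-style catalog using the cveID/dueDate field names
# of the CISA KEV JSON.
KEV = {"vulnerabilities": [
    {"cveID": "CVE-0000-0002", "dueDate": "2023-10-24"},
]}

def correlate(sbom, advisories, kev):
    """Join SBOM components to CVEs via PURL, then to KEV via CVE ID."""
    kev_by_cve = {v["cveID"]: v for v in kev["vulnerabilities"]}
    findings, unmatched = [], []
    for comp in sbom.get("components", []):
        purl = comp.get("purl")
        if not purl:
            # Without a standard identifier the component cannot be joined.
            unmatched.append(comp["name"])
            continue
        for cve in advisories.get(purl, []):
            entry = kev_by_cve.get(cve)
            findings.append({"purl": purl, "cve": cve,
                             "in_kev": entry is not None,
                             "due": entry["dueDate"] if entry else None})
    # KEV-listed findings first, then by CVE ID.
    findings.sort(key=lambda f: (not f["in_kev"], f["cve"]))
    return findings, unmatched

if __name__ == "__main__":
    findings, unmatched = correlate(SBOM, ADVISORIES, KEV)
    for f in findings:
        print(f)
    print("no standard identifier, cannot correlate:", unmatched)
```

The component without a PURL ends up in the unmatched list, which is the practical cost of missing standard identifiers: it silently drops out of any automated correlation.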


Happy Learning !!

Vulnerability Management - Basics for beginners

Beginners in the Vulnerability Management domain have doubts such as where to begin or what to study. I have created a document and tried to answer such doubts. It is always good to learn the basics and then move towards advanced concepts. I have tried to provide links for the corresponding points in the document as much as I can. In cases where you don't find a link, or the link has expired, you can always google :).


Following are the points I want to highlight through this post:

  1. Beginners, please don't try to search for interview questions directly. First create a theoretical base and realize the concepts by performing practicals.
  2. Slow and steady wins the race, so give it 4-6 months of time. While going through the document you can observe that 40%-60% of the concepts are basics, hence you will not be wasting time by learning them. After some time, if you don't find Vulnerability Management interesting, you can always move to other subdomains like incident response and penetration testing.
  3. You will get hands-on experience with enterprise solutions once you join an organization. You will face a different set of challenges there. Many people on LinkedIn create posts to address such challenges, but first clear your basics to understand such posts/articles.
  4. Once you have performed the above steps, you can search for interview questions and start appearing for interviews.
  5. I do not recommend going directly for global certifications, as a lot of content is available on the internet.


Finally, I find articles from Balint F. very interesting.

https://www.linkedin.com/in/balint-fazakas/recent-activity/articles/


Happy Learning !!


Vulnerability Management - Understanding vulnerability posture

Understanding the vulnerability posture of an organisation at a basic level helps you drive remediation efforts. So, I don't know what t...