Iran Open Source (IOS)
IOS channel:
💎 Cybersecurity, information security, network security
💎 Specialized courses in networking, security, and data centers
💎 Virtualization, cloud computing, and storage
💎 Book introductions
💎 IT, security, hacking, and penetration news

🌀 Channel admin: Meysam Nazemi
@Meysam_Nazemi

🌀 Advertising manager: @MoNaITCU
☁️ Cloud and virtualization technologies group link
https://t.iss.one/joinchat/BDE3OVH_RBXgwYZzbPZNqA
@iranopensource🐧
Microsoft Azure Security Center by Yuri Diogenes #Microsoft #Azure #Security
--------------------------------
Discover high-value Azure security insights, tips, and operational optimizations
This book presents comprehensive Azure Security Center techniques for safeguarding cloud and hybrid environments. Leading Microsoft security and cloud experts Yuri Diogenes and Dr. Thomas Shinder show how to apply Azure Security Center’s full spectrum of features and capabilities to address protection, detection, and response in key operational scenarios. You’ll learn how to secure any Azure workload, and optimize virtually all facets of modern security, from policies and identity to incident response and risk management. Whatever your role in Azure security, you’ll learn how to save hours, days, or even weeks by solving problems in the most efficient, reliable ways possible.
Two of Microsoft’s leading cloud security experts show how to:
• Assess the impact of cloud and hybrid environments on security, compliance, operations, data protection, and risk management
• Master a new security paradigm for a world without traditional perimeters
• Gain visibility and control to secure compute, network, storage, and application workloads
• Incorporate Azure Security Center into your security operations center
• Integrate Azure Security Center with Azure AD Identity Protection Center and third-party solutions
• Adapt Azure Security Center’s built-in policies and definitions for your organization
• Perform security assessments and implement Azure Security Center recommendations
• Use incident response features to detect, investigate, and address threats
• Create high-fidelity fusion alerts to focus attention on your most urgent security issues
• Implement application whitelisting and just-in-time VM access
• Monitor user behavior and access, and investigate compromised or misused credentials
• Customize and perform operating system security baseline assessments
• Leverage integrated threat intelligence to identify known bad actors
--------------------------------
2018 | EPUB | 192 pages | 8,47 MB
--------------------------------

@iranopensource🐧
💎 In general, a Security Operations Center (SOC) consists of 5 main modules:
1️⃣ Event Generators module
2️⃣ Event Collectors module
3️⃣ Message Database module
4️⃣ Analysis Engines module
5️⃣ Reaction Management Software module

In this article, you will become familiar with SOC concepts, implementation, and architecture.
💎 Diamond group link
https://t.iss.one/joinchat/BDE3OQ2LakQWk-JDHFiNaQ
@iranopensource🐧
👨‍💼 #Service_Administration_Specialist

♻️ Job description
📌 Perform routine administration and maintenance of designated system(s) to meet the Company business requirements.
📌 Monitor systems to achieve optimum level of performance.
📌 Monitor servers for compliance with established standards, policies, configuration guidelines and procedures.
📌 Provide capacity analysis reports/data.
📌 Monitor server backups on a daily basis.
📌 Perform first level problem determination and resolution to ensure availability and stability of corporate based platforms according to established service level agreements.
📌 Escalate higher level issues to senior levels as required.
📌 Participates in the evaluation, selection, implementation and on-going support of software, hardware and tools used by the Enterprise Infrastructure platform.
📌 Experience with PowerShell and/or other scripting languages.
📌 Active Directory Domain Administrator – Manage and maintain: Sites and Services, DNS, DHCP, Group Policy Objects, Computer/User Objects, LDAP, Authentication protocols.

📌 AD Permission delegation using the least privilege methodology, Dynamic/Static AD groups, as well as other Domain services in accordance with MS best practices and compliance requirements.
📌 Strong experience with infrastructure services such as DHCP, DNS, WSUS, AD CS
📌 Strong knowledge of Microsoft Exchange Server 2013, 2016 and 2019, and ability to manage, deploy and maintain servers
📌 Strong knowledge of Microsoft SharePoint Server 2016, Office Online Server and SQL Server and ability to manage, deploy and maintain SharePoint Farm.
📌 Experience working with NTFS permissions and DFS name spaces for file sharing.
📌 Experience with current versions of Windows (e.g. Server 2012, 2016, Windows 10 Enterprise)
📌 Experience with Manage Engine Solutions.
📌 Able to troubleshoot and remediate issues by reviewing and tracking system logs, events, etc.
📌 Assists in ensuring compliance with security policies and procedures.
📌 Knowledge of .NET programming languages is a plus

♻️ Requirements
📌 Bachelor’s Degree or equivalent in Computer Science, Information Systems, or related field and 3-5 years of relevant experience.
📌 Excellent (verbal and written) English communication skills.
📌 Customer service driven.

📪 Please send your resume to: [email protected]
VMware VVoL technical concepts overview document
In this document you will become familiar with the following:
📌 The concepts of VMware VVoL and Storage Container
📌 VMware VVoL architecture and components
📌 Key benefits of VVoL
📌 The concept of Storage Policy-Based Management (SPBM)
📌 Introduction to the new features of VVoL v2.0
📌 And more...
☁️ Cloud and virtualization technologies group link
https://t.iss.one/joinchat/BDE3OVH_RBXgwYZzbPZNqA
@iranopensource🐧
💎 An example of an organizational structure (org chart) in a SOC
💎 Diamond group link
https://t.iss.one/joinchat/BDE3OQ2LakQWk-JDHFiNaQ
@iranopensource🐧
💎 What is the "IDS using a Network Tap" topology?
💎 Diamond group link
https://t.iss.one/joinchat/BDE3OQ2LakQWk-JDHFiNaQ
@iranopensource🐧
In general, there are two technologies for capturing network packets with an IDS:
1️⃣ Port mirroring
2️⃣ Network taps

The network tap approach connects to devices out-of-band (OOB) through network taps, in order to monitor and capture the packets of one network segment over point-to-point links. For example, in the figure above, a tap can be used to capture the link between the firewall and the switch, and the packets that travel between the two (the outside and inside networks). Deploying an IDS this way lets you and your organization monitor link traffic without changing your network topology or infrastructure. This is a passive monitoring method. When you configure your IDS in tap mode, a copy of the packets is sent to it. Tap mode is also called monitor-only mode.

Suppose your IDS is a Cisco FirePower and you have configured it in monitor-only mode as follows. In this case, a copy of the traffic is sent to your IDS by the network tap, and the IDS captures and monitors the traffic this way (both inside and outside traffic).
firewall transparent
!
interface GigabitEthernet1/1
 no nameif
 no security-level
 traffic-forward sfr monitor-only

Link 1: https://www.cisco.com/c/en/us/td/docs/security/firepower/hw/firepower_device/firepower_7k8k_device/deployment.html
Link 2: https://finkotek.com/cisco-firepower-inline-tap/

Meysam Nazemi
@iranopensource🐧
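
An added example, not part of the original post and not Cisco tooling: a small Python check that an ASA-style configuration matches the monitor-only pattern shown in the post (`firewall transparent` present, no `nameif` or `security-level` on the forwarding interface). The sample configs are constructed, and the check assumes interface sub-commands are indented as in `show running-config` output.

```python
import re

# Constructed sample configs (not from a real device), modelled on the post's snippet.
GOOD = """\
firewall transparent
!
interface GigabitEthernet1/1
 no nameif
 no security-level
 traffic-forward sfr monitor-only
"""
BAD = """\
interface GigabitEthernet1/1
 nameif outside
 security-level 0
 traffic-forward sfr monitor-only
"""

def parse_interfaces(config):
    """Return (global_lines, {interface_name: [sub-commands]})."""
    global_lines, interfaces, current = [], {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if not line or line == "!":
            current = None              # '!' closes the current interface block
            continue
        m = re.match(r"interface\s+(\S+)$", line)
        if m:
            current = interfaces.setdefault(m.group(1), [])
        elif current is not None and raw[:1].isspace():
            current.append(line)        # indented line: interface sub-command
        else:
            current = None
            global_lines.append(line)   # unindented line: global command
    return global_lines, interfaces

def audit_tap_interfaces(config):
    """List deviations from the post's pattern for each monitor-only interface."""
    global_lines, interfaces = parse_interfaces(config)
    findings = []
    for name, cmds in interfaces.items():
        if "traffic-forward sfr monitor-only" not in cmds:
            continue                    # not a tap-mode interface, skip it
        if "firewall transparent" not in global_lines:
            findings.append((name, "'firewall transparent' not set"))
        for cmd in cmds:
            if cmd.startswith(("nameif ", "security-level ")):
                findings.append((name, f"unexpected '{cmd}'"))
    return findings
```
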
💎 Advantages of an In-House SOC and a Virtual SOC
💎 Diamond group link
https://t.iss.one/joinchat/BDE3OQ2LakQWk-JDHFiNaQ
@iranopensource🐧
💎 Article: Types of Network IDS/IPS deployment strategies from the SANS perspective
💎 Diamond group link
https://t.iss.one/joinchat/BDE3OQ2LakQWk-JDHFiNaQ
@iranopensource🐧
Practical Windows Forensics by Ayman Shaaban & Konstantin Sapronov #Pactical_Windows_Forensics
----------------------------------
Over the last few years, the wave of cybercrime has risen rapidly. We have witnessed many major attacks on the governmental, military, financial, and media sectors. Tracking all these attacks and crimes requires a deep understanding of operating system operations, how to extract evident data from digital evidence, and the best usage of the digital forensic tools and techniques. Regardless of your level of experience in the field of information security in general, this book will fully introduce you to digital forensics. It will provide you with the knowledge needed to assemble different types of evidence effectively, and walk you through the various stages of the analysis process.

We start by discussing the principles of the digital forensics process and move on to show you the approaches that are used to conduct analysis. We will then study various tools to perform live analysis, and go through different techniques to analyze volatile and non-volatile data.
----------------------------------
2016 | PDF | 314 pages | 19.8 MB
----------------------------------

@iranopensource🐧