Security Foundations
Defensive Security – main tasks (blue teams are part of the defensive security landscape):
- Preventing intrusions from occurring
- Detecting intrusions when they occur and responding properly
Some of the tasks that are related to defensive security include:
- User cyber security awareness
- Documenting and managing assets
- Updating and patching systems
- Setting up preventative security devices
- Setting up logging and monitoring devices
Areas of defensive security
- Security Operations Center (SOC) – monitoring the network and its systems to detect malicious cyber security events. Some of the main interests of a SOC include vulnerabilities, policy violations, unauthorized activity, and network intrusions. Threat intelligence aims to gather information that helps the company better prepare against potential adversaries.
- Digital Forensics and Incident Response (DFIR) – involves the following: digital forensics, incident response, and malware analysis.