Cybersecurity Index
该文章探讨了信息安全领域的研究框架与方法论,涵盖了安全评估类型(如漏洞评估、渗透测试)、威胁建模及红蓝紫队的团队结构,并分析了安全事件管理的相关术语与分类。 2025-8-30 12:0:0 Author: danielmiessler.com(查看原文) 阅读量:3 收藏
该文章探讨了信息安全领域的研究框架与方法论,涵盖了安全评估类型(如漏洞评估、渗透测试)、威胁建模及红蓝紫队的团队结构,并分析了安全事件管理的相关术语与分类。 2025-8-30 12:0:0 Author: danielmiessler.com(查看原文) 阅读量:3 收藏
A comprehensive collection of security research, frameworks, and methodologies developed over two decades in information security, covering assessment types, threat modeling, web application security, and the evolving security landscape.
Information Security Assessment Types
Comprehensive taxonomy: vulnerability assessments, penetration tests, red teams, audits, threat modeling
Vulnerability Assessment vs. Penetration Test
Goal-oriented vs. list-oriented security testing methodologies
When to Use Different Assessment Types
Decision framework for assessment type selection
Red, Blue, and Purple Teams
Team structures, operational roles, and interaction patterns
Events, Alerts, and Incidents
SOC terminology and operational classification
文章来源: https://danielmiessler.com/blog/cybersecurity-backup?utm_source=rss&utm_medium=feed&utm_campaign=website
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh