Software as a Service
Best Practice Content
NIST Data
Training
Pricing
Download Best Practices and Standards to add expert guidance to your digital work
Improve Cyber Security Management >
NIST Framework for Improving Critical Infrastructure Cybersecurity
NIST IT Supply Chain Risk Management
NIST Cyber Security Capability Maturity Model
UK Government Cyber Essentials
UK Government Cyber Essentials Plus
Process for Improving Cyber Security Management
Improve Security of Application Development >
NIST Taxonomy and Terminology of Adversarial Machine Learning
5.7.6.2.5 - NIST Failure Mode Analysis in Machine Learning
OWASP Application Security Verification Standard
NIST Digital Identity Guidelines
NIST Security of Web Services
NIST Reducing Software Vulnerabilities
Improve IT Infrastructure & Network Security >
ITIL Service Standards and Processes
NIST Security and Privacy Controls
NIST Server Security
NIST Securing Public Web Servers
NIST Electronic Mail Security
NIST Security of Voice Over IP Systems
NIST Securing Wireless Networks
NIST Securing Wireless Local Area Networks
NIST Security of IPsec VPNs
NIST Security of Virtualization Technologies
NIST Security for Hypervisor Deployment
NIST Security-Focused Configuration Management
NIST IT Asset Management
Storage Area Networks
IETF Robust Inter-Domain Routing Standard
SOC 2 Data Centre Operations Security
Enterprise Architecture Principles
Information Security Capability Model
Improve CISO Security Services >
NIST Data-Centric System Threat Modeling
NIST Intrusion Detection and Prevention Systems
FIPS Data Encryption at Rest Standards
NIST for Key Management
NIST Cryptographic Key Management Systems
NIST Security of Hash, Random Number and Digital Signature Algorithms
NIST Application Container Security
NIST Security of Linux Containers
NIST Test Methods for Access Control
NIST Recovering from Ransomware and Other Destructive Events
NIST Cybersecurity Event Recovery Best Practice
Cyber Attack Emergency Exercise Training >
NIST Cyber Attack Incident Recovery
Cyber Attack Vectors and Scenarios
Incident Response Process
IT and Cyber Security Asset Register.
IT and Cyber Security Asset Register - Medium Complexity
IT and Cyber Security Asset Register - High Complexity
Cyber Security experts - Competency Ratings
Ethical Hacking and Penetration Testing
Business Continuity Process
Crisis Management Process
Cyber and IT Policy, ISO27001 Controls
Cyber Security Insurance
Data Protection Officer Content and Tools >
Data Protection Impact Assessment
Data Mapping and Flows
Data Protection Policies and Procedures
Subject Access Request
Breach Notification Register
NIST Protecting Controlled Information
NIST Mapping Information Systems to Security Categories
NIST Security and Privacy Controls
NIST Digital Identity Guidelines
NIST Test Methods for Access Control
NIST Security in System Development
NIST Penetration Testing and Assessment
NIST Guidelines for Media Sanitization
NIST Supply Chain Risk
NIST Data-Centric Threat Modelling
NIST Cloud Computing Forensics
NIST Recovering from Ransomware and Other Destructive Events
NIST Computer Security Incident Handling
NIST Cybersecurity Event Recovery
Cyber attack and data exfiltration blueprints >
Attacks on compiled software without source code
Anti-forensic techniques
Automated probes and scans
Automated widespread attacks
Cyber-threats with bullying
Distributed attack tools
Email propagation of malicious code
Executable code attacks against browsers
Exploiting infrastructure software vulnerabilities
Fully undetectable software or noise
GUI intrusion tools
Internet social engineering attacks
Network sniffers
Packet spoofing
Session-hijacking
Sophisticated botnet command and control attacks
"Stealth" and other advanced scanning techniques
Targeting of specific users using user data
Wide-scale trojan distribution
Widespread attacks on DNS infrastructure
Windows-based remote access trojans
Widespread attacks using NNTP to distribute attack
Widespread, distributed denial-of-service attacks
Wide-scale use of worms
Conduct Cyber Penetration Test >
NIST Penetration Testing and Assessment
1. Enumerating the Servers
2. IPs on Servers
3. Host Status & Data
4. Logical Map of relationships
6. System Vulnerabilities
7. Wifi Hacking
8. Web Application Security
9. Password Cracking
10. Break in, Hunt for Files
11. Pass the Hash Authentication
12. Client Side Attacks
13. Network Resilence
14. Switches and Hubs
15. Reconnection Testing
16. Database exploitation
Improve Risk Management in Financial Services >
NIST IT Asset Management Financial Services
Principles for effective risk data aggregation and reporting, BCBS 239.
MiFID II and MiFIR Implementation Technical Standards.
OTC Derivatives Margin Requirements, BCBS 261
Credit Risk in Banks and Financial Institutions
Treating Customers Fairly in Financial Services
Market Abuse Regulations
Risks to executives from regulatory attestations
Assess Payment Card Industry Data Security >
Payment Card Industry Data Security Standard (PCI DSS)
PCI Supplementary requirements Code Reviews and Application Firewalls
PCI Supplement requirements Wireless Guidelines
PCI Supplementary Requirements for Penetration Testing
NIST Card Application and Middleware Interface Test
NIST Security and Privacy Controls PCI DSS
Improve 'Internet of Things' Design and Build >
NIST Network of ‘Things’
NIST IOT Edge Computing Conceptual Model
NIST Platform Firmware Resiliency Guidelines
Step 1 – Understand topology for IOT Elements
Step 2 – Assess Cybersecurity for Cyber Physical Systems
Step 3 – Convert IoT assessment to a business case assessment
Programme & Project Management Standards >
Programme Management (MSP)
Project Management (Prince2)
Project Management (PMI)
Finance Transformation
Agile Project Management
Implement Security through Cloud Computing >
NIST Evaluation of Cloud Computing Services
NIST Cloud Computing Reference Architecture
NIST Security and Privacy in Public Cloud Computing
Controlling SaaS Environments from an IT Viewpoint
Data Services Transformation
Assess IT & Application Estate and Opportunities
Compute Transformation
Network Services Transformation
Application & Development Process Transformation
Application Services Transformation
Security Transformation
Business Intelligence & Machine learning
Contract Alignment & Operationalisation
Improve Enterprise Data Management >
Ontology, Semantic and Conceptual Data Modeling
Enterprise Data Quality Standard
eDiscovery
Enterprise Data Standards Setting Process
Improve Industrial Control Systems >
NIST Industrial Control System Security
Community Emergency Response
Improve Cyber Risks in Healthcare >
NIST Securing Wireless Infusion Pumps
Management of Medical Equipment
Managing Biological Risks in Laboratories
Control of Substances Hazardous to Health
General Data Protection Regulation Implementation >
General Data Protection Regulations, GDPR
1. Carry out GDPR Gap Analysis
2. Implement GDPR Management Oversight
3. Implement Business process for Compliance
4. Implement Heightened citizen rights
European Union - Network and Information Security Directive
United States - Cyber Security Regulation
UK - Investigatory Powers Bill
Evaluate Blockchain Use Cases and Risks >
Blockchain Technology Use Cases
Blockchain Application Testing and Assurance
Conduct Cyber Security Audit >
NIST Auditing Security and Privacy Controls
Audit - Application and Software
Audit - Data and Storage
Audit - Network
Audit - End User Devices
Audit - Computer and Data Centre
Audit - Tools and Configuration
Audit - Physical Security
Quantify Cyber Risk with Monte Carlo >
Calculate Cyber Risk in Financial Terms
Calculate Insurance coverage using Monte Carlo
Calculate Company operational risk using Monte Carlo
Calculate risk for Regulatory purposes using Monte Carlo
Cyber Security Line of Defence Assessment >
1st Line of Defense Attacks - People
2nd Line of Defense Attacks - Network Boundary
3rd Line of Defense Attacks - Internal
4th Line of Defense Attacks - Supply Chain Vulnerabilities
Improve Software Development for Cyber Resilence >
Dev Ops Assessment
Software Testing during Development
Software Development in Aviation
Software Development
Application Modernisation and Architecture Blueprints >