Dr. Erdal Ozkaya
Search
  • Home
  • About Me
  • Home
  • About Me
  • Home
  • General, Cybersecurity, Cloud Computing, How to ...?, Artificial Intelligence AI
  • Mark Simos Resource List – Absolutely 4 Free

Mark Simos Resource List – Absolutely 4 Free

mark simos
Erdal2021-07-16T14:45:29-04:00

Mark Simos , a Chief Security Advisor at Microsoft and a great friend of mine recently shared a very useful resource list which I want to re share with you .

Here is Mark Simos Resource List

Enjoy!

Recent Updates

Table of Contents

  • Recent Updates
  • Incident Response and Recovery
  • Cybersecurity for Business Leaders
  • Mitigating Ransomware and Rapid Cyberattacks (Petya, WannaCrypt, etc.)
  • Microsoft Security Guidance
  • Cybersecurity Reference Architectures
  • Security Operations [Center] (SOC)
  • Zero Trust Resources
  • Enterprise Patch Management
  • Identity and Passwords
  • Microsoft Azure
  • Azure Sentinel
  • Office 365 Security
  • Application/Development Security
  • Securing Privileged Access
    • To register for free events :
  • Added CDOC blog link for “Zen and the Art of Threat Hunting“
  • Fixed some broken links

Incident Response and Recovery

  • IR Reference Guide – Lessons learned and recommendations from Microsoft, EY, Edelman, and Orrick to manage major incidents based on our collective experience (technical, operational, legal, and communications)
  • NIST Guide for Cybersecurity Event Recovery – https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-184.pdf
  • Microsoft’s Detection and Response Team (DART) – https://aka.ms/DART

Cybersecurity for Business Leaders

  • Security Return on Investment (ROI) Video (1.5 minutes) – https://www.youtube.com/watch?v=maQh35MdFKY
  • Cybersecurity Resilience – https://docs.microsoft.com/en-us/security/ciso-workshop/ciso-workshop-module-1#part-2-cybersecurity-resilience-1350

Mitigating Ransomware and Rapid Cyberattacks (Petya, WannaCrypt, etc.)

Roadmap of recommendations to protect against these attacks (30 days, 90 days, and beyond) put together by Microsoft, NIST, CIS, and DHS NCCIC (formerly US-CERT)

  • Webinar – https://aka.ms/rapidattack-webinar
  • Download slides (including detailed notes) – https://aka.ms/rapidattack-slides

Microsoft Security Guidance

  • Security Documentation Main Site – https://aka.ms/securitydocs
  • Best Practice Documentation and Videos – https://docs.microsoft.com/en-us/security/compass/microsoft-security-compass-introduction
  • Cybersecurity Training (CISO Workshop) – https://aka.ms/CISOWorkshop

Cybersecurity Reference Architectures

  • Microsoft Cybersecurity Reference Architecture (MCRA) Slides – http://aka.ms/mcra
  • Security Operations Center (SOC) – Slide 72 of Slides | Video
  • Zero Trust Access Control – Slide 14 of Slides | Video
  • Mapping to NIST CSF and ISO 27001 – https://aka.ms/CyberMapping

Security Operations [Center] (SOC)

  • CDOC Blog Series – Part 1 | Part 2a | Part 2b | Part 3a | Part 3b | Part 3c | Part 3d
  • Video from Microsoft’s Virtual Security Summit (starting at 1:05:48) – https://info.microsoft.com/US-SCRTY-WBNR-FY19-04Apr-16-01MasterTheVirtualSecuritySummit-MCW0012180_02OnDemandRegistration-ForminBody.html
  • Poster – https://aka.ms/minutesmatter

Zero Trust Resources

  • Zero Trust Landing Page – Overview and links to resources, assessments, etc.
  • CISO Workshop Slides/Videos – Zero Trust strategy and application to modern identity architecture
  • Microsoft’s IT Learnings – from (ongoing) Zero Trust journey
  • Vision Paper – Microsoft’s maturity model describing the Zero Trust journey
  • eBook – summarizing dynamics of Zero Trust and how Microsoft technology supports it today

Enterprise Patch Management

  • Patching as a Social Responsibility

Identity and Passwords

  • Your Pa$$word Doesn’t Matter – https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Your-Pa-word-doesn-t-matter/ba-p/731984

Microsoft Azure

  • Azure Security Compass (and tracking spreadsheets) – https://aka.ms/azuresecuritycompass
  • Security Architecture Guidance (similar to AWS well-architected framework) – https://aka.ms/AzureSecurityArchitecture
  • Azure Security Documentation – http://aka.ms/AzureSecInfo
  • Feature Updates – https://azure.microsoft.com/en-us/updates/?status=all

Azure Sentinel

Microsoft’s Cloud Native SIEM and SOAR capability

  • Azure Sentinel Documentation
  • Project VAST dashboard – Discover old insecure protocols creating risk

Office 365 Security

  • Prioritized Recommendations – Roadmap of security recommendations for protecting Office 365 against top attacks and prioritize by things to do in the first 30 days, first 90 days and beyond.
  • Feature updates – https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=

Application/Development Security

The Secure DevOps Toolkit for Azure (AZSK) is the set of documentation and scripts that Microsoft’s IT organization used to secure the DevOps process on Azure

  • Website – https://azsk.azurewebsites.net/

Securing Privileged Access

Recommended roadmap for securing privileged access

  • Roadmap – Prescriptive roadmap of steps in priority order (first 30 days, 90 days, and beyond) – http://aka.ms/SPAroadmap
  • Credential Theft Demonstration (~10 minutes) – http://aka.ms/credtheftdemo
  • RSA Conference Presentation – Co-presentation with Tony Sager of the Center for Internet Security (CIS) on this aspect of critical hygiene – https://aka.ms/criticalhygiene-rsac
Microsoft Azure
Microsoft Azure

To register for free events :

https://www.erdalozkaya.com/category/free-events/

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *


Related Posts

Why researching IT Security?

Why researching IT Security There is nearly every week an IT Security incident, more and more corporations and individuals are getting... read more
Network Security Administrator Erdal

Network Security Administrator (ENSA) Free Certification Week 2

Network Security Administrator Lecture 2: Security Standards Security Policy Network Security Threats DEMO: Network security threats from real life Delivered by Erdal Ozkaya Week 1 : https://www.erdalozkaya.com/network-security-administrator/ ... read more
Essential Components of a Zero Trust Erdal Ozkaya

Essential Components of a Zero Trust Architecture : Free VIDE0

Essential Components of a Zero Trust The key components of an effective "zero trust" architecture include multifactor authentication, network segmentation, and... read more
update on the current cyber security threat profile

Erdal’s update on the current cyber security threat profile Free Webinar :

update on the current cyber security threat profile Join Microsoft #Cybersecurity Architect Dr Erdal Ozkaya tonight (7-8:30pm AEST) to hear about... read more
Secrets of Windows

Recommend web sites for IT Security Pros : Free 2 learn

  Since I am delivering many FREE online classes, I started to receive if not hundreds, tens of emails... read more
Give your Career a Boost Erdal Ozkaya

Give your Career a Boost – 9 Great ways

We all know that getting certified can give your career (and resume) a boost. And I am a very... read more
SuperHero Erdal Ozkaya

New Normal and Tech Shift 2020 Free Online Summit

New Normal and Tech Shift 2020 Online Web Summit - Delivering a Session on Cybersecurity  Join us at the #newnormal and... read more
How to Decipher Zero Trust for Your Business

How to Decipher Zero Trust for Your Business – A research from Gartner – Free

How to Decipher Zero Trust for Your Business Xcitium , A Research from Gartner  Security and risk management leaders are asking for... read more

Heartbleed clinic seeks to staunch flow ( Free Training 14)

Heartbleed clinic seeks to staunch flow Over 6 000 students have enrolled in a Hacking Countermeasures short course to be run... read more
CISO Dr Ozkaya

7 Tips to impactfully start your CISO job

As CISO – especially in a new organization – you need to balance being a Cybersecurity guru and business acumen.... read more

Categories

  • About Dr Erdal Ozkaya (298)
    • Awards (96)
    • Erdal in the news (118)
    • Feedback (90)
    • My Books (54)
    • Who is Dr Erdal Ozkaya ? (2)
  • Announcemets (302)
  • Artificial Intelligence AI (11)
  • Certification (52)
  • Cloud Computing (72)
  • Cybersecurity (322)
  • Cybersecurity Leadership (52)
  • Financial Sector (31)
  • Forensics (17)
  • Free Events (156)
  • General (133)
  • How to …? (63)
  • ISO 2700x (12)
  • News (38)
  • Reviews (77)
    • Book Reviews (33)
    • Free E-Books (13)
    • Hardware Review (9)
    • Security Review / Reports (10)
    • Software Review (8)
  • Video Tutorials (101)
  • What is new? (27)
  • Windows (30)

Recent Comments

  • Erdal on Free EDR Certification Training
  • SANDEEP SHRIVASTAV on Free EDR Certification Training
  • Alicia Harlow on Core isolation Memory Integrity not available – (Get it fixed)
  • Alicia Harlow on Core isolation Memory Integrity not available – (Get it fixed)
  • Erdal on Siber Güvenlik Saldiri ve Savunma Stratejileri – NEW B00K

Archives

Dr. Erdal Ozkaya © Copyright 2023. All Rights Reserved.