Do you feel overwhelmed by the barrage of security white papers, webinars, and guides? Are you paralyzed trying to figure out what you need to do first to get ready for the next attack? We don’t need more security guides; we need a consolidated landing page that pulls all the advice into one place. We need security guides, projects, & workbooks that provide curated content and are not biased toward any vendor or option. We need security guides, projects, & workbooks that are kept current with some of the latest lessons learned. We need materials that do not overwhelm us and leave us stuck trying to figure out “what do I do first.” We need practical security guides that help us do something that will reduce the cybersecurity risk to my team, my organization, my family, and my community.
These guides are the first attempt to build this list. They are cybersecurity, networking, and Internet scaling guides and workbooks curated with a range of materials, pulling in lessons learned from all over the world and then sharing them in a way that lets you and your team gain immediate & actionable value.
The “projects” complement the guides and workbooks. The Cybersecurity Projects are activities you can participate in to take security action. They range from the simple (e.g., the Spoofer Project) to group action that pushes back on the badness (e.g., Shadowserver or the HoneyNet Project). Some projects are efforts that push best common practices (e.g., MANRS). All of these projects require minimal to zero capital investment. Many of these projects are the source of “commercial vendor solutions” that do not let you know about open source and community-driven security activities. We have them here with the guides as a way for individuals and organizations to leverage open source, community, and “cyber-civil defense” resources.
“Empower First – Vendors/Consultants Second” Philosophy
These Guides & Workbooks are crafted with the Senki philosophy of tenacity to seek knowledge and insight BEFORE pulling in the “experts.” The philosophy is first to learn, take simple actions, and have the foresight and humility to reach out to your peers in the community seeking their help. Then reach out to paid consultants, vendors who want to sell you their services, and operators who offer to protect you. Leadership forgets the reality that the people who are there now are the EXPERTS who know the business, understand the customers, live with the organizational dynamics, and have a deep understanding of the systems they architected.
Note: Senki is not an anti-consultant, anti-vendor, or anti-operator site. Consultants, vendors, and operators are all CRITICAL to your organization’s resiliency. The “Empower First – Vendors/Consultants Second” Philosophy provides a way to take immediate action, learn what you need, and then pull in the appropriate solution. The philosophy has proven over the decades not to waste time, money, or resources putting the ladder on the wrong wall.
List of Practical Security Guides & Workbooks
DDoS Attack Preparation Workbook
DDoS Attacks are a force of nature on the Internet. They are like earthquakes, hurricanes, floods, tornados, tsunamis, and all other disasters. Organizations need to prepare for a DDoS Attack the same way they prepare for severe weather and natural disasters. These guides have been crafted based on my personal experience (+25 years of DDoS experience) and the experience of my peers, with whom I’m constantly working to mitigate, disrupt, and push back on the DDoS threats. The DDoS Attack Preparation Workbook pulls all the work into one location. This makes it easier for teams to pull down materials, guidelines, tools, and techniques that have proven to mitigate the effects of DDoS Attacks.
Proactive CyberSecurity Projects
Don’t wait to get hit by a security incident. There are actions you can take within your organization to minimize risk, track the miscreants, disrupt the threat actors, and help law enforcement track them down. These proactive cybersecurity projects are community efforts that promote BCPs, non-profit “cyber-civil defense” organizations, tooling, and visibility.
Spoofer is a tool you can download to your computer to detect two types of IP spoofing. The tool is heavily vetted and works effectively on Mac, PC, and Linux. We use Spoofer to measure which networks are NOT doing Source Address Validation (SAV) on their customers or on their network. We also measure whether the network is at risk from someone pretending to be them and using spoofed IP sources to break into the network. CAIDA is the primary sponsor of the program and is funded by grants. Other organizations like Shadowserver and MANRS leverage the data Spoofer and CAIDA collect.