From Fedora Project Wiki

(→‎Basic Security Topics: Fixed broken link)
 
(13 intermediate revisions by 3 users not shown)
Line 2: Line 2:


Below, is a list of resources, broken down by subject, to help those with an interest in information security expand their horizons.
Below, is a list of resources, broken down by subject, to help those with an interest in information security expand their horizons.
== General Security Information ==
* [http://www.cl.cam.ac.uk/~rja14/book.html Security Engineering — The Book] - Free Online Book (with non-free paper/ebook versions)
* [https://benchmarks.cisecurity.org/downloads/multiform/index.cfm Center for Internet Security Benchmarks]


== Auditing ==
== Auditing ==
* [https://www.worldcat.org/oclc/70836623 The Art of Software Security Assessment] - Book
* [https://www.worldcat.org/oclc/70836623 The Art of Software Security Assessment] - Book
* [https://www.worldcat.org/oclc/226356183 Web Security Testing Cookbook] - Book
* [https://www.worldcat.org/oclc/226356183 Web Security Testing Cookbook] - Book
== Basic Security Topics ==
* Fedora [[Security Features Matrix]]


== Cryptography ==
== Cryptography ==
Line 14: Line 15:
* [http://www.candlepinproject.org/presentations/pki-crash-course PKI Crash Course]
* [http://www.candlepinproject.org/presentations/pki-crash-course PKI Crash Course]
* [https://www.nsa.gov/ia/programs/suiteb_cryptography/index.shtml U.S. NSA Suite B Cryptography Guidance]
* [https://www.nsa.gov/ia/programs/suiteb_cryptography/index.shtml U.S. NSA Suite B Cryptography Guidance]
* [https://www.worldcat.org/title/bulletproof-ssl-and-tls/oclc/889874499 Bulletproof SSL and TLS]
* [https://wiki.mozilla.org/Security/Server_Side_TLS Mozilla Security/Server Side TLS guide]
* [https://mozilla.github.io/server-side-tls/ssl-config-generator/ Mozilla SSL Configuration Generator]


=== Hashing ===
=== Hashing ===
Line 19: Line 23:
== Network Security ==
== Network Security ==
* [https://www.worldcat.org/oclc/779863403 Hacking Exposed: Network Security Secrets & Solutions] - Book
* [https://www.worldcat.org/oclc/779863403 Hacking Exposed: Network Security Secrets & Solutions] - Book
== OS/System Security Topics ==
* Fedora [[Security Features Matrix]]
* [https://www.stigviewer.com/stig/red_hat_enterprise_linux_6/ Security Technical Implementation Guide (RHEL 6)] ''(contains mainly useful tips for securing Fedora systems)''
* [https://www.sans.org/reading-room/whitepapers/linux/securing-linux-containers-36142 Securing Linux Containers] - research paper on securing Linux container deployments/infrastructure


== Product-specific Documentation ==
== Product-specific Documentation ==
Line 36: Line 45:
* [https://www.owasp.org/index.php/OWASP_Testing_Project Security Testing Guide]
* [https://www.owasp.org/index.php/OWASP_Testing_Project Security Testing Guide]
* [https://www.worldcat.org/oclc/767909239 Buffer Overflow Attacks: Detect, Exploit, Prevent] - Book
* [https://www.worldcat.org/oclc/767909239 Buffer Overflow Attacks: Detect, Exploit, Prevent] - Book
* [https://www.owasp.org OWASP free and open software security community]
* [https://github.com/OWASP/DevGuide/tree/dc5a2977a4797d9b98486417a5527b9f15d8a251/DevGuide2.0.1 OWASP Security DevGuide] - Book
* [https://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/ Secure Programming HOWTO] - book by David A. Wheeler
== Free Security Training ==
* [http://www.pivotproject.org/ Pivot Project for Cyber Skills]
* [http://www.cs.fsu.edu/~redwood/OffensiveComputerSecurity/ FSU Offensive Computer Security Class]
== Non-Free Security Training ==
* [https://www.redhat.com/en/services/training/rh413-red-hat-server-hardening RH413: Server Hardening] - goes along with the [https://www.redhat.com/en/services/training/ex413-red-hat-certificate-expertise-server-hardening-exam EX413] exam for certification
* [https://www.sans.org/course/security-essentials-bootcamp-style SANS SEC401: Security Essentials Bootcamp Style]
* [http://www.eccouncil.org/Certification/certified-ethical-hacker Certified Ethical Hacker v9 Training Program]
== Memberships/Fellowship/Certifications ==
* [https://www.issa.org/ Information Systems Security Association (ISSA)]
* [https://www.isc2.org/ The International Information Systems Security Certification Consortium (ISC)2]




[[Category:Security]]
[[Category:Security]]
[[Category:Education]]
[[Category:Education]]

Latest revision as of 13:06, 16 April 2017

Information security is a specialized skill-set that requires years of education and experience to master. Unfortunately, many security gurus agree that it's next to impossible to teach many of the skills necessary to become an expert. While we agree with this we'll, in any case, try to lead those willing to put in the time to expand their knowledge of information security.

Below, is a list of resources, broken down by subject, to help those with an interest in information security expand their horizons.

General Security Information

Auditing

Cryptography

Encryption

Hashing

Network Security

OS/System Security Topics

Product-specific Documentation

Fedora

Red Hat

Secure Programming

Free Security Training

Non-Free Security Training


Memberships/Fellowship/Certifications