Security Guides

A practical guide to implementing DNS security, covering protective DNS, DNSSEC, encrypted DNS protocols, threat detection, and enterprise architecture patterns.

A practical guide to implementing mobile security and BYOD programs, covering MDM deployment, containerization, app vetting, conditional access, and compliance requirements for iOS and Android.

A practical guide for new CISOs and security leaders building security programs from scratch, covering governance, risk assessment, team building, framework selection, and executive communication.

A comprehensive guide to securing Industrial Control Systems and Operational Technology, covering the Purdue Model, ICS-specific threats, network segmentation, and building an OT security program.

A comprehensive guide to establishing an insider threat program, covering detection technologies, behavioral indicators, HR integration, legal considerations, and balancing security with employee trust.

A practical guide to implementing PAM, covering credential vaulting, just-in-time access, session recording, service account management, and cloud privileged access across AWS, Azure, and GCP.

A comprehensive guide to developing security awareness training that changes behavior, not just checks compliance boxes. Covers program design, phishing simulations, metrics, and building a security culture.

A practical guide to developing security metrics that matter, communicating cyber risk to boards in financial terms, and building dashboards that drive decisions rather than just display data.

A comprehensive guide to implementing SIEM, covering log source prioritization, detection engineering, architecture patterns, cost optimization, and the shift toward data lake architectures.

Comprehensive guide to network security covering defense in depth, segmentation, firewalls, IDS/IPS, zero trust architecture, and protection against common network attacks including lateral movement and man-in-the-middle.

How to create, test, and maintain an incident response plan aligned with NIST SP 800-61r3 and CSF 2.0, covering preparation, detection, containment, and regulatory reporting obligations.