Security Frameworks by SEAL
Encrypted Communication Tools