Center for Internet Security: The 18 CIS Critical Security Controls—www.cisecurity.org/controls/cis-controls-list
Cybersecurity & Infrastructure Security Agency: CISA Tabletop Exercise Packages—www.cisa.gov/cisa-tabletop-exercises-packages
Executive Order on Improving the Nation's Cybersecurity—www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity
NIST Special Publication 800-53 Revision 5: Security and Privacy Controls for Information Systems and Organizations—https://doi.org/10.6028/NIST.SP.800-53r5
NIST Special Publication 800-61 Revision 2: Computer Security Incident Handling Guide—https://doi.org/10.6028/NIST.SP.800-61r2
NIST Special Publication 800-84: Guide to Test, Training, and Exercise Programs for IT Plans and Capabilities—https://doi.org/10.6028/NIST.SP.800-84
NIST Special Publication 800-171 Revision 2: Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations—https://doi.org/10.6028/NIST.SP.800-171r2
NIST Special Publication 800-207: Zero Trust Architecture—https://doi.org/10.6028/NIST.SP.800-207
OWASP API Security Project—https://owasp.org/www-project-api-security
OWASP Top 10—https://owasp.org/Top10
Adobe's Case Study on Zero Trust—www.youtube.com/watch?v=IGFhMoRXTqg&t=7s
How Akami Implemented a Zero Trust Security Model—www.akamai.com/us/en/multimedia/documents/case-study/how-akamai-implemented-a-zero-trust-security-model-without-a-vpn.pdf
LogRhythm's Journey to Zero Trust—www.youtube.com/watch?v=Fj4ifrMfD8w&feature=emb_logo
An overview: “A New Approach to Enterprise Security”—https://research.google.com/pubs/pub43231.html
How Google did it: “Design to Deployment at Google”—https://research.google.com/pubs/pub44860.html
Google's front-end infrastructure: “The Access Proxy”—https://research.google.com/pubs/pub45728.html
Migrating to BeyondCorp: “Maintaining Productivity while Improving Security”—https://research.google.com/pubs/pub46134.html
The human element: “The User Experience”—https://research.google.com/pubs/pub46366.html
Secure your endpoints: “Building a Healthy Fleet”—https://ai.google/research/pubs/pub47356
Cyber Warfare—Truth, Tactics, and Strategies. Dr. Chase Cunningham, Packt Publishing, 2020.
Zero Trust Networks. Evan Gilman, Doug Barth, O'Reilly Media, 2017.
Zero Trust Security: An Enterprise Guide. Jason Garbis, Jerry W. Chapman, Apress, 2021.
Best Practices for Securing Active Directory—https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/best-practices-for-securing-active-directory
Cisco Router Hardening Guide—www.cisco.com/c/en/us/support/docs/ip/access-lists/13608-21.html
Docker Hardening—https://docs.docker.com/engine/security
Kubernetes Hardening Guide—https://media.defense.gov/2021/Aug/03/2002820425/-1/-1/0/CTR_Kubernetes_Hardening_Guidance_1.1_20220315.PDF
Microsoft Security Baselines—https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines
Securing Distribution Independent Linux—www.cisecurity.org/benchmark/distribution_independent_linux
VMWare Security Hardening Guides—www.vmware.com/security/hardening-guides.html
Windows Server Security Documentation—https://docs.microsoft.com/en-us/windows-server/security/security-and-assurance
3.142.200.28