SlideShare a Scribd company logo

Effective Cyber Security Report Writing

n|u - The Open Security Community
n|u - The Open Security Community

Effective Cyber Security Report Writing

Education
1 of 20
Download to read offline
Effective Report Writing Cyber Security
whoami? Ashwini Varadkar Sr. Security Analyst 5. 6 years of Experience in Cyber Security Avid Reader Kathak Professional Special Love Towards Reporting :p
What is a Report? “Report” is derived from the Latin word of “reportare” which means carry back. Re is back and portare means to carry. Represents information in structured format, is short and concise, purposeful, and has audience.
Cyber Security and Reports - The Inseparables • SOC • Assessment • DFIR • GRC
The Reality Check! As to how did we realize that there is a gap that needs to be addressed? • Leader/Reviewer/Project Manager • Other way: • Client report rejection • Social media posts • Not talked about a lot
Need for Effective Writing Reputation Consulting
Common Mistakes COMMUNICATING SOMEONE ELSE’S OUTPUT VAGUE SENTENCES IMAGE RELATED ISSUES
Common Concerns • Unable to lead people through the content in a structured way. They should get the information that they want quickly and easily. • Confusion often arises about the writing style, what to include, the language to use, the length of the document and other factors.
What is Effective? :/ Rules Concept
Formal Writings • What all comes under the umbrella of formal writing? • Academic research papers • Business presentations, • Emails and memorandums • Business reports for conveying information • and other types of official correspondence.
Contractions • Avoid using contracted words. E.g.: oShould + not = Shouldn’t oWill + not = Won’t oAre + not = Aren’t oIs + not = Isn’t
Stay Active • Active voices – Sentences that are direct and concise. E.g. o Passive voice – An instance of XSS was observed by the analyst. o Active voice – The analyst observed an XSS instance. o Passive voice – Instructions will be given to you by the assessor. o Active voice – The assessor will give you instructions.
Capitalization in Titles • Thumb Rule: o Capitalize the important words in the title o E.g – Weak Password Policy in Use o E.g – Cross-Site Request Forgery (CSRF) • So which words are usually written in lowercase when creating headlines and titles? o Articles (a, an, the) o Coordinating Conjunctions (and, but, for) o Short (less than 5 letters) Prepositions (at, by, from) Consistency is the KEY
• Lower Case Titles o E.g – Weak password policy in use o E.g – Cross-site request forgery (CSRF) • Same rule applies to the image captions (these are nothing but short titles).
Capitalization in Sentences • Avoid random capitalization of letters in sentences. oE.g: URL's should not contain any Sensitive Information, for example, a session Token, as the information is often logged at various locations. oSimply: URL's should not contain any sensitive information, for example, a session token, as the information is often logged at various locations. • Capitalize proper nouns (names, countries, cities) such as the below sentence. oE.g: xyzOrg discovered multiple instances of weak physical security in SampleOrganization’s Chicago data centre.
Software Name • It is JavaScript (abbreviated as JS) and not Javascript • jQuery and not Jquery or JQuery • Clickjacking and not ClickJacking Simply check the tool/service/software name on their official websites! This also applies to attack names. • EternalBlue • POODLE Consistency is the KEY
Highlights and Emphasis • Make relevant highlights. • Use single or double quotes to stress on a word. Ensure consistency. • Subtitles can be emphasized by using bold (under PoC section, under Remediation). • Observe the template. If XYZ uses single quotes for highlights, continue that in your write up too. Consistency is the KEY
Images • General points: • All images must be aligned in one specific way. • Relevant masking must be done. • Relevant highlights must be made. • Image should be clear. Consistency is the KEY
Conclusion • Note the points discussed here • Write • Write down the points • Frame sentence around it • Ask for help • Share the responsibilities • Courses / Apps • Books/Ebooks • Checklist Consistency is the KEY
Thank You J

Recommended

2106 ACM DIS
2106 ACM DIS2106 ACM DIS
2106 ACM DISWarNik Chow
 
2104 Talk @SSU
2104 Talk @SSU2104 Talk @SSU
2104 Talk @SSUWarNik Chow
 
Sumit A
Sumit ASumit A
Sumit AHilary Ip
 
Aspect Level Sentiment Analysis for Arabic Language
Aspect Level Sentiment Analysis for Arabic LanguageAspect Level Sentiment Analysis for Arabic Language
Aspect Level Sentiment Analysis for Arabic LanguageMido Razaz
 
Hidden sides of Code Review (MMM-2023)
Hidden sides of Code Review (MMM-2023)Hidden sides of Code Review (MMM-2023)
Hidden sides of Code Review (MMM-2023)Dmitrii Ivanov
 
Mind the Semantic Gap
Mind the Semantic GapMind the Semantic Gap
Mind the Semantic GapPanos Alexopoulos
 
Opinion Mining
Opinion MiningOpinion Mining
Opinion MiningShital Kat
 
Iulia Pasov, Sixt. Trends in sentiment analysis. The entire history from rule...
Iulia Pasov, Sixt. Trends in sentiment analysis. The entire history from rule...Iulia Pasov, Sixt. Trends in sentiment analysis. The entire history from rule...
Iulia Pasov, Sixt. Trends in sentiment analysis. The entire history from rule...IT Arena
 

Recommended

2106 ACM DIS
2106 ACM DIS2106 ACM DIS
2106 ACM DISWarNik Chow
 
2104 Talk @SSU
2104 Talk @SSU2104 Talk @SSU
2104 Talk @SSUWarNik Chow
 
Sumit A
Sumit ASumit A
Sumit AHilary Ip
 
Aspect Level Sentiment Analysis for Arabic Language
Aspect Level Sentiment Analysis for Arabic LanguageAspect Level Sentiment Analysis for Arabic Language
Aspect Level Sentiment Analysis for Arabic LanguageMido Razaz
 
Hidden sides of Code Review (MMM-2023)
Hidden sides of Code Review (MMM-2023)Hidden sides of Code Review (MMM-2023)
Hidden sides of Code Review (MMM-2023)Dmitrii Ivanov
 
Mind the Semantic Gap
Mind the Semantic GapMind the Semantic Gap
Mind the Semantic GapPanos Alexopoulos
 
Opinion Mining
Opinion MiningOpinion Mining
Opinion MiningShital Kat
 
Iulia Pasov, Sixt. Trends in sentiment analysis. The entire history from rule...
Iulia Pasov, Sixt. Trends in sentiment analysis. The entire history from rule...Iulia Pasov, Sixt. Trends in sentiment analysis. The entire history from rule...
Iulia Pasov, Sixt. Trends in sentiment analysis. The entire history from rule...IT Arena
 
Software Design
Software DesignSoftware Design
Software DesignAhmed Misbah
 
Hidden sides of Code Review (Do-iOS)
Hidden sides of Code Review (Do-iOS)Hidden sides of Code Review (Do-iOS)
Hidden sides of Code Review (Do-iOS)Dmitrii Ivanov
 
Keep It Simple - presentation at ASTC October 2018
Keep It Simple - presentation at ASTC October 2018Keep It Simple - presentation at ASTC October 2018
Keep It Simple - presentation at ASTC October 2018Kirsty Taylor, CLPM
 
Technical+Writing+Introduction+PowerPoint.ppt+2223_1_(1).ppt
Technical+Writing+Introduction+PowerPoint.ppt+2223_1_(1).pptTechnical+Writing+Introduction+PowerPoint.ppt+2223_1_(1).ppt
Technical+Writing+Introduction+PowerPoint.ppt+2223_1_(1).pptGeetanjali Mishra
 
How to build a winning Data Science resume
How to build a winning Data Science resumeHow to build a winning Data Science resume
How to build a winning Data Science resumeBrian Spiering
 
Role of compliance in security audits
Role of compliance in security auditsRole of compliance in security audits
Role of compliance in security auditsn|u - The Open Security Community
 
SOFLUX Meetup - Landing on your dream job
SOFLUX Meetup - Landing on your dream jobSOFLUX Meetup - Landing on your dream job
SOFLUX Meetup - Landing on your dream jobMarta Guerra
 
principles of effective writing
principles of effective writingprinciples of effective writing
principles of effective writingDr Pooja Raj Srivastava
 
Tutorial on Opinion Mining and Sentiment Analysis
Tutorial on Opinion Mining and Sentiment AnalysisTutorial on Opinion Mining and Sentiment Analysis
Tutorial on Opinion Mining and Sentiment AnalysisYun Hao
 
Braun, Clarke & Hayfield Thematic Analysis Part 3
Braun, Clarke & Hayfield Thematic Analysis Part 3Braun, Clarke & Hayfield Thematic Analysis Part 3
Braun, Clarke & Hayfield Thematic Analysis Part 3Victoria Clarke
 
AI-SDV 2022: Embedding-based Search Vs. Relevancy Search: comparing the new w...
AI-SDV 2022: Embedding-based Search Vs. Relevancy Search: comparing the new w...AI-SDV 2022: Embedding-based Search Vs. Relevancy Search: comparing the new w...
AI-SDV 2022: Embedding-based Search Vs. Relevancy Search: comparing the new w...Dr. Haxel Consult
 
How to Implement Domain Driven Design in Real Life SDLC
How to Implement Domain Driven Design in Real Life SDLCHow to Implement Domain Driven Design in Real Life SDLC
How to Implement Domain Driven Design in Real Life SDLCAbdul Karim
 
Copywriting 101 - Delucchi Plus
Copywriting 101 - Delucchi PlusCopywriting 101 - Delucchi Plus
Copywriting 101 - Delucchi Plusdelucchiplus
 
2007 Writing Presentation given as guest lecturer, George Mason University
2007 Writing Presentation given as guest lecturer, George Mason University2007 Writing Presentation given as guest lecturer, George Mason University
2007 Writing Presentation given as guest lecturer, George Mason UniversityStephen Bates
 
Prototyping Accessibility - WordCamp Europe 2018
Prototyping Accessibility - WordCamp Europe 2018Prototyping Accessibility - WordCamp Europe 2018
Prototyping Accessibility - WordCamp Europe 2018Adrian Roselli
 
Code Quality Makes Your Job Easier
Code Quality Makes Your Job EasierCode Quality Makes Your Job Easier
Code Quality Makes Your Job EasierTonya Mork
 
Academic Writing and Error
Academic Writing and ErrorAcademic Writing and Error
Academic Writing and ErrorDrAmitPurushottam
 
Sld-Natural-Language-Processing-for-large-volumes-of-human-text-data-Sozzi-Br...
Sld-Natural-Language-Processing-for-large-volumes-of-human-text-data-Sozzi-Br...Sld-Natural-Language-Processing-for-large-volumes-of-human-text-data-Sozzi-Br...
Sld-Natural-Language-Processing-for-large-volumes-of-human-text-data-Sozzi-Br...hajinouha0
 
Content Academy - The art of self-proofing.pptx
Content Academy - The art of self-proofing.pptxContent Academy - The art of self-proofing.pptx
Content Academy - The art of self-proofing.pptxMattScott93
 
Effective powerpoint presentation
Effective powerpoint presentationEffective powerpoint presentation
Effective powerpoint presentationfeueacmrq
 
Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)n|u - The Open Security Community
 
Osint primer
Osint primerOsint primer
Osint primern|u - The Open Security Community
 

More Related Content

Similar to Effective Cyber Security Report Writing

Hidden sides of Code Review (Do-iOS)
Hidden sides of Code Review (Do-iOS)Hidden sides of Code Review (Do-iOS)
Hidden sides of Code Review (Do-iOS)Dmitrii Ivanov
 
Keep It Simple - presentation at ASTC October 2018
Keep It Simple - presentation at ASTC October 2018Keep It Simple - presentation at ASTC October 2018
Keep It Simple - presentation at ASTC October 2018Kirsty Taylor, CLPM
 
Technical+Writing+Introduction+PowerPoint.ppt+2223_1_(1).ppt
Technical+Writing+Introduction+PowerPoint.ppt+2223_1_(1).pptTechnical+Writing+Introduction+PowerPoint.ppt+2223_1_(1).ppt
Technical+Writing+Introduction+PowerPoint.ppt+2223_1_(1).pptGeetanjali Mishra
 
How to build a winning Data Science resume
How to build a winning Data Science resumeHow to build a winning Data Science resume
How to build a winning Data Science resumeBrian Spiering
 
SOFLUX Meetup - Landing on your dream job
SOFLUX Meetup - Landing on your dream jobSOFLUX Meetup - Landing on your dream job
SOFLUX Meetup - Landing on your dream jobMarta Guerra
 
Tutorial on Opinion Mining and Sentiment Analysis
Tutorial on Opinion Mining and Sentiment AnalysisTutorial on Opinion Mining and Sentiment Analysis
Tutorial on Opinion Mining and Sentiment AnalysisYun Hao
 
Braun, Clarke & Hayfield Thematic Analysis Part 3
Braun, Clarke & Hayfield Thematic Analysis Part 3Braun, Clarke & Hayfield Thematic Analysis Part 3
Braun, Clarke & Hayfield Thematic Analysis Part 3Victoria Clarke
 
AI-SDV 2022: Embedding-based Search Vs. Relevancy Search: comparing the new w...
AI-SDV 2022: Embedding-based Search Vs. Relevancy Search: comparing the new w...AI-SDV 2022: Embedding-based Search Vs. Relevancy Search: comparing the new w...
AI-SDV 2022: Embedding-based Search Vs. Relevancy Search: comparing the new w...Dr. Haxel Consult
 
How to Implement Domain Driven Design in Real Life SDLC
How to Implement Domain Driven Design in Real Life SDLCHow to Implement Domain Driven Design in Real Life SDLC
How to Implement Domain Driven Design in Real Life SDLCAbdul Karim
 
Copywriting 101 - Delucchi Plus
Copywriting 101 - Delucchi PlusCopywriting 101 - Delucchi Plus
Copywriting 101 - Delucchi Plusdelucchiplus
 
2007 Writing Presentation given as guest lecturer, George Mason University
2007 Writing Presentation given as guest lecturer, George Mason University2007 Writing Presentation given as guest lecturer, George Mason University
2007 Writing Presentation given as guest lecturer, George Mason UniversityStephen Bates
 
Prototyping Accessibility - WordCamp Europe 2018
Prototyping Accessibility - WordCamp Europe 2018Prototyping Accessibility - WordCamp Europe 2018
Prototyping Accessibility - WordCamp Europe 2018Adrian Roselli
 
Code Quality Makes Your Job Easier
Code Quality Makes Your Job EasierCode Quality Makes Your Job Easier
Code Quality Makes Your Job EasierTonya Mork
 
Sld-Natural-Language-Processing-for-large-volumes-of-human-text-data-Sozzi-Br...
Sld-Natural-Language-Processing-for-large-volumes-of-human-text-data-Sozzi-Br...Sld-Natural-Language-Processing-for-large-volumes-of-human-text-data-Sozzi-Br...
Sld-Natural-Language-Processing-for-large-volumes-of-human-text-data-Sozzi-Br...hajinouha0
 
Content Academy - The art of self-proofing.pptx
Content Academy - The art of self-proofing.pptxContent Academy - The art of self-proofing.pptx
Content Academy - The art of self-proofing.pptxMattScott93
 
Effective powerpoint presentation
Effective powerpoint presentationEffective powerpoint presentation
Effective powerpoint presentationfeueacmrq
 

Similar to Effective Cyber Security Report Writing (20)

Software Design
Software DesignSoftware Design
Software Design
 
Hidden sides of Code Review (Do-iOS)
Hidden sides of Code Review (Do-iOS)Hidden sides of Code Review (Do-iOS)
Hidden sides of Code Review (Do-iOS)
 
Keep It Simple - presentation at ASTC October 2018
Keep It Simple - presentation at ASTC October 2018Keep It Simple - presentation at ASTC October 2018
Keep It Simple - presentation at ASTC October 2018
 
Technical+Writing+Introduction+PowerPoint.ppt+2223_1_(1).ppt
Technical+Writing+Introduction+PowerPoint.ppt+2223_1_(1).pptTechnical+Writing+Introduction+PowerPoint.ppt+2223_1_(1).ppt
Technical+Writing+Introduction+PowerPoint.ppt+2223_1_(1).ppt
 
How to build a winning Data Science resume
How to build a winning Data Science resumeHow to build a winning Data Science resume
How to build a winning Data Science resume
 
Role of compliance in security audits
Role of compliance in security auditsRole of compliance in security audits
Role of compliance in security audits
 
SOFLUX Meetup - Landing on your dream job
SOFLUX Meetup - Landing on your dream jobSOFLUX Meetup - Landing on your dream job
SOFLUX Meetup - Landing on your dream job
 
principles of effective writing
principles of effective writingprinciples of effective writing
principles of effective writing
 
Tutorial on Opinion Mining and Sentiment Analysis
Tutorial on Opinion Mining and Sentiment AnalysisTutorial on Opinion Mining and Sentiment Analysis
Tutorial on Opinion Mining and Sentiment Analysis
 
Braun, Clarke & Hayfield Thematic Analysis Part 3
Braun, Clarke & Hayfield Thematic Analysis Part 3Braun, Clarke & Hayfield Thematic Analysis Part 3
Braun, Clarke & Hayfield Thematic Analysis Part 3
 
AI-SDV 2022: Embedding-based Search Vs. Relevancy Search: comparing the new w...
AI-SDV 2022: Embedding-based Search Vs. Relevancy Search: comparing the new w...AI-SDV 2022: Embedding-based Search Vs. Relevancy Search: comparing the new w...
AI-SDV 2022: Embedding-based Search Vs. Relevancy Search: comparing the new w...
 
How to Implement Domain Driven Design in Real Life SDLC
How to Implement Domain Driven Design in Real Life SDLCHow to Implement Domain Driven Design in Real Life SDLC
How to Implement Domain Driven Design in Real Life SDLC
 
Copywriting 101 - Delucchi Plus
Copywriting 101 - Delucchi PlusCopywriting 101 - Delucchi Plus
Copywriting 101 - Delucchi Plus
 
2007 Writing Presentation given as guest lecturer, George Mason University
2007 Writing Presentation given as guest lecturer, George Mason University2007 Writing Presentation given as guest lecturer, George Mason University
2007 Writing Presentation given as guest lecturer, George Mason University
 
Prototyping Accessibility - WordCamp Europe 2018
Prototyping Accessibility - WordCamp Europe 2018Prototyping Accessibility - WordCamp Europe 2018
Prototyping Accessibility - WordCamp Europe 2018
 
Code Quality Makes Your Job Easier
Code Quality Makes Your Job EasierCode Quality Makes Your Job Easier
Code Quality Makes Your Job Easier
 
Academic Writing and Error
Academic Writing and ErrorAcademic Writing and Error
Academic Writing and Error
 
Sld-Natural-Language-Processing-for-large-volumes-of-human-text-data-Sozzi-Br...
Sld-Natural-Language-Processing-for-large-volumes-of-human-text-data-Sozzi-Br...Sld-Natural-Language-Processing-for-large-volumes-of-human-text-data-Sozzi-Br...
Sld-Natural-Language-Processing-for-large-volumes-of-human-text-data-Sozzi-Br...
 
Content Academy - The art of self-proofing.pptx
Content Academy - The art of self-proofing.pptxContent Academy - The art of self-proofing.pptx
Content Academy - The art of self-proofing.pptx
 
Effective powerpoint presentation
Effective powerpoint presentationEffective powerpoint presentation
Effective powerpoint presentation
 

More from n|u - The Open Security Community

Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...n|u - The Open Security Community
 

More from n|u - The Open Security Community (20)

Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)
 
Osint primer
Osint primerOsint primer
Osint primer
 
SSRF exploit the trust relationship
SSRF exploit the trust relationshipSSRF exploit the trust relationship
SSRF exploit the trust relationship
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
 
Metasploit primary
Metasploit primaryMetasploit primary
Metasploit primary
 
Api security-testing
Api security-testingApi security-testing
Api security-testing
 
Introduction to TLS 1.3
Introduction to TLS 1.3Introduction to TLS 1.3
Introduction to TLS 1.3
 
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
 
Talking About SSRF,CRLF
Talking About SSRF,CRLFTalking About SSRF,CRLF
Talking About SSRF,CRLF
 
Building active directory lab for red teaming
Building active directory lab for red teamingBuilding active directory lab for red teaming
Building active directory lab for red teaming
 
Owning a company through their logs
Owning a company through their logsOwning a company through their logs
Owning a company through their logs
 
Introduction to shodan
Introduction to shodanIntroduction to shodan
Introduction to shodan
 
Cloud security
Cloud security Cloud security
Cloud security
 
Detecting persistence in windows
Detecting persistence in windowsDetecting persistence in windows
Detecting persistence in windows
 
Frida - Objection Tool Usage
Frida - Objection Tool UsageFrida - Objection Tool Usage
Frida - Objection Tool Usage
 
OSQuery - Monitoring System Process
OSQuery - Monitoring System ProcessOSQuery - Monitoring System Process
OSQuery - Monitoring System Process
 
DevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -SecurityDevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -Security
 
Extensible markup language attacks
Extensible markup language attacksExtensible markup language attacks
Extensible markup language attacks
 
Linux for hackers
Linux for hackersLinux for hackers
Linux for hackers
 
Android Pentesting
Android PentestingAndroid Pentesting
Android Pentesting
 

Recently uploaded

Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionSafetyChain Software
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Celine George
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17Celine George
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting DataJhengPantaleon
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationnomboosow
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxVS Mahajan Coaching Centre
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesFatimaKhan178732
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
Class 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfClass 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfakmcokerachita
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docxPoojaSen20
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfSumit Tiwari
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 

Recently uploaded (20)

Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and Actinides
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
Class 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfClass 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdf
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docx
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 

Effective Cyber Security Report Writing

  • 2. whoami? Ashwini Varadkar Sr. Security Analyst 5. 6 years of Experience in Cyber Security Avid Reader Kathak Professional Special Love Towards Reporting :p
  • 3. What is a Report? “Report” is derived from the Latin word of “reportare” which means carry back. Re is back and portare means to carry. Represents information in structured format, is short and concise, purposeful, and has audience.
  • 4. Cyber Security and Reports - The Inseparables • SOC • Assessment • DFIR • GRC
  • 5. The Reality Check! As to how did we realize that there is a gap that needs to be addressed? • Leader/Reviewer/Project Manager • Other way: • Client report rejection • Social media posts • Not talked about a lot
  • 6. Need for Effective Writing Reputation Consulting
  • 7. Common Mistakes COMMUNICATING SOMEONE ELSE’S OUTPUT VAGUE SENTENCES IMAGE RELATED ISSUES
  • 8. Common Concerns • Unable to lead people through the content in a structured way. They should get the information that they want quickly and easily. • Confusion often arises about the writing style, what to include, the language to use, the length of the document and other factors.
  • 9. What is Effective? :/ Rules Concept
  • 10. Formal Writings • What all comes under the umbrella of formal writing? • Academic research papers • Business presentations, • Emails and memorandums • Business reports for conveying information • and other types of official correspondence.
  • 11. Contractions • Avoid using contracted words. E.g.: oShould + not = Shouldn’t oWill + not = Won’t oAre + not = Aren’t oIs + not = Isn’t
  • 12. Stay Active • Active voices – Sentences that are direct and concise. E.g. o Passive voice – An instance of XSS was observed by the analyst. o Active voice – The analyst observed an XSS instance. o Passive voice – Instructions will be given to you by the assessor. o Active voice – The assessor will give you instructions.
  • 13. Capitalization in Titles • Thumb Rule: o Capitalize the important words in the title o E.g – Weak Password Policy in Use o E.g – Cross-Site Request Forgery (CSRF) • So which words are usually written in lowercase when creating headlines and titles? o Articles (a, an, the) o Coordinating Conjunctions (and, but, for) o Short (less than 5 letters) Prepositions (at, by, from) Consistency is the KEY
  • 14. • Lower Case Titles o E.g – Weak password policy in use o E.g – Cross-site request forgery (CSRF) • Same rule applies to the image captions (these are nothing but short titles).
  • 15. Capitalization in Sentences • Avoid random capitalization of letters in sentences. oE.g: URL's should not contain any Sensitive Information, for example, a session Token, as the information is often logged at various locations. oSimply: URL's should not contain any sensitive information, for example, a session token, as the information is often logged at various locations. • Capitalize proper nouns (names, countries, cities) such as the below sentence. oE.g: xyzOrg discovered multiple instances of weak physical security in SampleOrganization’s Chicago data centre.
  • 16. Software Name • It is JavaScript (abbreviated as JS) and not Javascript • jQuery and not Jquery or JQuery • Clickjacking and not ClickJacking Simply check the tool/service/software name on their official websites! This also applies to attack names. • EternalBlue • POODLE Consistency is the KEY
  • 17. Highlights and Emphasis • Make relevant highlights. • Use single or double quotes to stress on a word. Ensure consistency. • Subtitles can be emphasized by using bold (under PoC section, under Remediation). • Observe the template. If XYZ uses single quotes for highlights, continue that in your write up too. Consistency is the KEY
  • 18. Images • General points: • All images must be aligned in one specific way. • Relevant masking must be done. • Relevant highlights must be made. • Image should be clear. Consistency is the KEY
  • 19. Conclusion • Note the points discussed here • Write • Write down the points • Frame sentence around it • Ask for help • Share the responsibilities • Courses / Apps • Books/Ebooks • Checklist Consistency is the KEY