Presentation on how to chat with PDF using ChatGPT code interpreter
Cyber security measurement capabilities
1. Cyber Security
Measurement and Capabilities
Eng. Muhammad Alduriweesh (Cyber Security Consultant)
M_al_duriweesh@Hotmail.com
Mob: +966 505 970 841
2. Cyber Security Measurement and Capabilities
Level - 0: (Easy Target) No security
Security Control Description
System, Network and
Application administrations.
Separation of duties and job description and
responsibility for (System, Network, Database and
Application) administrators.
Security Baseline Security Hardening & check list
End-point protection Anti Viruses
Network Access Control VLANs, Network Segregation, Firewall.
System Access Control Identity and access privileges management
3. Cyber Security Measurement and Capabilities
Level - 0: (Easy Target) No security
0 20 40 60 80 100 120
System Access Control
Network Access Control
End-point protection
Security Baseline
System, Network and Application…
System Access
Control
Network
Access Control
End-point
protection
Security
Baseline
System,
Network and
Application
administration.
Capabilities 0 0 0 0
Target 100 100 100 100 100
Capabilities Target
4. Cyber Security Measurement and Capabilities
Level - 1: (Challenging Target ) Basic Security
Security Control Description
Internet protection Proxy, DNS and URL filters.
Next Generation Firewall deep-packet inspection (App-id , user-id…)
Advanced End-point protection Device and Application control.
IDS / IPS inappropriate, incorrect, anomalous or behavioural
activity.
WAF Web application security layer.
Secure Mail gateway SPAM filter, malware detection, policy and rules
based, attachment control, DLP and encryption)
LOGs management / SEIM Logging , monitoring and reporting.
Security Assessment Vulnerability Assessment and management.
5. Cyber Security Measurement and Capabilities
0 20 40 60 80 100 120
Security Assessment
LOGs management
Secure Mail Gateway
WAF
IDS/IPS
Advanced End-point protection
Next Generation Firewall
Internet Protection
Security
Assessme
nt
LOGs
managem
ent
Secure
Mail
Gateway
WAF IDS/IPS
Advanced
End-point
protectio
n
Next
Generati
on
Firewall
Internet
Protectio
n
Capabilities 0 0 0 0 0 0 0 0
Target 100 100 100 100 100 100 100 100
Capabilities Target
Level - 1: (Challenging Target ) Basic Security
6. Cyber Security Measurement and Capabilities
Level - 2: (Advanced Security)
Security Control Description
GRC ( Governance, risk management, and compliance.)
APT Detection Detecting Remote Access Trojans, Suspect
communications, Attack behaviors, Malicious
content,• Zero-day and known malware,C&C
communication,RATs
Incident Response and Handling Incident Response Policy, Process and procedures.
Malware Analysis and Revers
Engineering.
Deeply Malware Analysis and Revers Engineering.
Digital forensics Tools, procedures, Legal issues.
Penetration Testing (White box pen test for new releases, Grey box pen
test for specific services and Black box pen test for
all services once per year minimum)
10. Cyber Security Measurement and Capabilities
please feel free to contact me if you
have any questions
• Eng. Muhammad Alduriweesh (Cyber Security Consultant)
• M_al_duriweesh@Hotmail.com
• Mob: +966 505 970 841