Security Engineering Overview
Security engineering is the strategic application of Defense-in-Depth (DiD) technologies and best practices in an effort to reduce the potential for Institutional compromise from internal and external threats that might act against the organization. Security engineers either directly design a strategic DiD, or operate as a trusted adviser for technology experts, consulting on items such as firewall techniques and strategies, antivirus and anti-malware implementations, server hardening, incident forensics and more.
This section of the website's content is very technical in nature and not targeted for traditional home users. Rather the content should be educational and applicable for network and system engineers, database administrators, 2nd tier tech support, and the like. Because of the sheer volume of content in this realm, the Security Engineering section is divided into three categories.
These are the categorical threats that can attack our Institution at any time. Merriam-Webster defines 'bestiary' as "a medieval allegorical or moralizing work on the appearance and habits of real or imaginary animals". Here you will find information regarding various breeds of malware, cyber-criminal, natural and man-made threats and more.
Bulwarks are "something that provides protection for or against something". This section contains information regarding antivirus software, firewalls, best practices for dealing with social engineering, and more.
Let's get offensive! In some cases, the best defense is a good offense. To be clear,
it is never acceptable to commit any type of cyber crime. However you may use the
same tools and techniques cyber criminals use to analyze and test your organization's
Defense-in-Depth layers, to analyze zero-day threats and advanced persistent threats
that may be invading your network.