The Core

There are simple truths that remain since the beginning of time. These apply to all the domains of security and help build the core of a good program. Whether you are using this to defend your environment or to build a successful attack, these core guidelines remain something worth putting the effort into building.

ESTABLISH BASELINES

Understand what your environment looks like, what the normal is, and work towards getting a solid foundational control collection.

LOOK FOR ANOMALIES

Constantly detect things deviating from the norm, paying attention to subtle changes that may indicate malicious action or systemic issues.

HAVE A PLAN

Know what to do when something goes wrong, even when it’s an unknown, have a standard operating procedure that helps initiate action.

Note: This is part of The Laws Of Security website.