Vardesyn — Tools & Resources

8 Categories · 48 Links

☁Azure UpdatesLatest platform changes and new service launches 🏗Azure Architecture CenterReference architectures, CAF, and landing zones 🗂Cloud Adoption FrameworkEnd-to-end guidance for Azure adoption at scale ⚖Well-Architected FrameworkReliability, security, cost, performance, ops pillars 💬Microsoft Tech CommunityBlogs, announcements, and expert discussions

🪪Entra ID — What's NewMonthly changelog for the Microsoft Entra platform 🔐Zero Trust Guidance CenterMicrosoft's full ZT deployment guidance and pillars ⚙Graph ExplorerInteractive API testing for M365 and Entra 🧪AADInternalsEntra ID / M365 security research and tooling 🔔MSRC Security Update GuideMicrosoft's authoritative CVE and patch release tracker

🗺MITRE ATT&CKAdversary tactics, techniques, and procedures matrix ⚠CISA KEV CatalogKnown exploited vulnerabilities — patch priority list 📋NVD / NIST CVE DatabaseAuthoritative vulnerability scoring and details 🧬VirusTotalMulti-engine file, URL, and hash analysis 📡LevelBlue / AlienVault OTXOpen threat exchange — IOCs, pulses, and threat feeds 💣Zero Day Initiative — UpcomingDisclosed but unpatched vulnerabilities with countdown timers 🌫GreyNoise VisualizerInternet background noise vs. targeted attack traffic

🕷PortSwigger Web AcademyFree web app security labs — SQLi, XSS, OAuth, SSRF 📦Hack The BoxHands-on labs, machines, and CTF challenges 🎮TryHackMeGuided learning paths for red and blue team skills 🪴LOLBAS ProjectLiving off the land binaries, scripts, and libraries 🔬Snyk Security DatabaseOpen source and container vulnerability intelligence

📐NIST CSF 2.0Identify, protect, detect, respond, recover, govern 🏅ISO/IEC 27001:2022Information security management systems standard 📏CIS BenchmarksHardening guides for OS, cloud, and applications 📊COBITIT governance and management framework by ISACA ☁CSA Cloud Controls Matrix v4Cloud-specific security controls and compliance mapping 🔍NCSC Cyber Assessment FrameworkUK government CAF for critical national infrastructure 🔟OWASP Top 10The ten most critical web application security risks 🏛Microsoft Compliance OfferingsISO, SOC, GDPR, FedRAMP, and more

🇺🇸CISA AdvisoriesUS cybersecurity advisories, alerts, and threat notices 🇬🇧NCSC UKUK national cyber security centre — advisories and guidance 🇪🇺ENISAEU Agency for Cybersecurity — policy, threat landscape, and reports 🇩🇪BSI — Federal Office for Information SecurityGerman national cybersecurity authority — standards and advisories 🇳🇿NCSC New ZealandNZ national cyber security centre alerts and notifications 🛡NATO Cyber DefenceAlliance-level cyber defence posture, policy, and capabilities

📕Verizon DBIRData Breach Investigations Report — the industry gold standard 📗Google Mandiant M-TrendsFrontline incident response insights and adversary trends 📘CrowdStrike Global Threat ReportNation-state actor activity, eCrime trends, and breakout times 📙Unit 42 Global IR ReportPalo Alto's incident response findings and attacker TTPs 🕵Red Canary Threat Detection ReportTop techniques observed across managed detection environments 🌍ENISA Threat LandscapeEU threat landscape overview covering major threat actors and trends ☁Google Cloud Threat HorizonsBi-annual cloud-focused threat intelligence from Google

📬MXToolboxMX, SPF, DKIM, DMARC, blacklist, and DNS diagnostics 🔭Censys SearchInternet-wide host and certificate enumeration and OSINT 🌐DomainTools WHOISDomain ownership, registration history, and reverse lookups ⛏Dig Web InterfaceBrowser-based DNS query tool with propagation checking 🌫GreyNoise VisualizerClassify internet scanners — separate noise from real threats

? shortcuts