Standards & frameworks

Structure, prioritization and clean implementation.

• NIST Cybersecurity Framework (CSF)
  Framework für Cybersecurity-Programme.
• NIST SP 800-53 (Security & Privacy Controls)
  Kontrollkatalog: Controls systematisch planen.
• NIST SP 800-30 (Risk Assessments)
  Risikoanalyse: Impact & Wahrscheinlichkeit sauber bewerten.
• NIST SP 800-61 (Incident Response)
  IR-Lifecycle & Playbooks.
• CIS Critical Security Controls
  Priorisierte Basis-Controls (sehr KMU-tauglich).
• CIS Benchmarks
  Hardening-Baselines für OS/Apps.
• BSI (IT-Grundschutz)
  German Referenz für Grundschutz/Methodik.
• OWASP ASVS
  Prüfstandard für Web-Apps (defensiv).

Advisories & vulnerability tracking

Primary sources for CVEs, patches and advisories.

• NVD (NIST) – Vulnerability Search
  CVE-Recherche inkl. CVSS & Referenzen.
• CVE Program (MITRE)
  CVE-Identifikatoren & Programmübersicht.
• MITRE CWE
  Schwachstellenklassen (Root Cause verstehen).
• GitHub Security Advisories
  Advisories und Abhängigkeiten (Supply Chain).
• Microsoft Security Update Guide (MSRC)
  Patches & CVEs für Microsoft Produkte.
• Apple Security Updates
  Security Notes für macOS/iOS/iPadOS.
• Ubuntu Security Notices (USN)
  Ubuntu Advisories & Fixes.
• Debian Security Advisories (DSA)
  Debian Security Updates & Advisories.
• Red Hat CVE Database
  CVE-Infos & Errata (RHEL/Produkte).

Threat intelligence & situational awareness

Overview of what’s happening — without exploit how-tos.

• CISA – Known Exploited Vulnerabilities (KEV)
  Liste aktiv ausgenutzter Schwachstellen (Priorisierung!).
• CISA Cybersecurity Alerts & Advisories
  Advisories & technische Hinweise.
• CERT-Bund (BSI) – Warnungen & Informationen
  German Lageinfos/Warnungen.
• ENISA – Threat Landscape
  EU-Überblick zu Threats & Trends.
• MITRE ATT&CK
  TTP-Referenz für Detection/Response (defensiv).
• MITRE D3FEND
  Defensive Countermeasures als Wissensgraph.
• Spamhaus Project
  Blocklists/Threat-Intel rund um Spam/Malware.
• Cloudflare Radar
  Internet-Trends & Angriffs-Übersichten.

Hardening & secure config guides

Configs, baselines, checks.

• Microsoft Security Baselines
  Windows Baselines (GPO/Settings als Referenz).
• Mozilla Observatory
  HTTP Security Header Checks.
• Qualys SSL Labs
  TLS/HTTPS-Analyse (Serverkonfiguration).
• OpenSSF Best Practices
  Open-Source Security / Supply-Chain Basics.
• Kubernetes CIS Benchmark (Info)
  Wenn du K8s berührst: Baseline-Orientierung.
• Linux Hardening Index (CIS/Docs)
  Startpunkt für Linux Baselines (CIS).
• Windows Event Logging Guidance
  Audit/Logging-Basics (Windows).

Incident response, playbooks & blue team

Processes, playbooks, detection.

• NIST SP 800-61
  Incident Response Guide (Phasen, Rollen, Lessons Learned).
• SANS Incident Handler’s Handbook (Index)
  SANS Whitepapers (IR & Blue-Team Themen).
• FIRST CSIRT Services Framework
  CSIRT-Services strukturieren.
• Sigma Rules (GitHub)
  Detections als generisches Regel-Format (SIEM).
• MITRE Caldera (Training)
  Emulation/Training – für Detection-Validierung (kontrolliert).
• Elastic Security Docs
  Detection/Response-Doku (wenn du Elastic nutzt).

Email & DNS security

High-impact basics: SPF/DKIM/DMARC & DNS hygiene.

• DMARC.org
  DMARC Grundlagen & Links.
• OpenDMARC
  Open-Source DMARC tooling.
• MTA-STS (RFC 8461)
  SMTP TLS Policy via DNS/HTTPS.
• TLS-RPT (RFC 8460)
  Reports für TLS-Probleme im Mailverkehr.
• SPF (RFC 7208)
  Sender Policy Framework.
• DKIM (RFC 6376)
  DomainKeys Identified Mail.
• DNSChecker – DMARC Validation
  DMARC Record schnell prüfen.
• MXToolbox (Checks)
  Mail/DNS Checks (SPF/DKIM/Blacklist).

Privacy, compliance & orientation

Important for SMBs: understand the basics without drowning in paperwork.

• BSI – IT-Sicherheit in der Wirtschaft
  KMU-orientierte Empfehlungen.
• EU GDPR (DSGVO) Portal (EUR-Lex)
  Originaltext DSGVO.
• EDPB Guidelines
  Leitlinien zur DSGVO-Auslegung.
• OWASP Top 10
  Top Web-Risiken (Awareness + Controls).

Forensics & log analysis

When you need to collect and understand evidence.

• DFIR Report
  Fallstudien (sehr lehrreich, defensiv).
• Velociraptor (DFIR)
  Endpoint DFIR Tooling.
• KAPE (Kroll)
  Artifact Collection (Windows DFIR).
• Sysmon (Microsoft)
  Windows Telemetrie (für Detection/IR).
• Sigma + Sysmon (SwiftOnSecurity Config)
  Praxisnahe Sysmon Konfiguration.

OSINT & exposure checks (defensive)

What is publicly visible about you/your organization?

• Have I Been Pwned
  Breaches prüfen (Accounts/Emails).
• Shodan
  Internet-Exposure Suche (defensiv prüfen!).
• Censys
  Exposure/Certificates/Hosts Recherche.
• Security.txt (RFC 9116)
  Standard für Responsible Disclosure Kontakt.

Full link list (reference)

If you want EVERYTHING from the link list (including offensive references), use the full view. Exploit/PoC references are hidden by default and can be enabled intentionally.