Let's call this a

If we use the building metaphor for infosec to talk about the industry:

Vulnerabilities vs. weaknesses vs. compliance findings (need clearer definitions).

Consultations are going to an architect to see if an idea is solid or can be implemented better.

Threat modeling is walking through a complete blueprint, discussing security best practices, weaknesses in the design, and zoning/safety laws (compliance).

White box security testing is a walkthrough and inspection with some gentle use to make sure you were built up to code and no defects popped up because substandard materials got into the build. (Shit happens.)

Black box security testing, or black box penetration testing, is asking a security company to assess you like an attacker would.

Vulnerability management would then be regular inspections for mold or wear-and-tear damage.

Incident response is an emergency repair team that can be called on for many reasons. They can implement quick fixes and cat