- My team at Savvis provides security assessments, design, and operational assistance for businesses.
- I'll be teaching malware analysis at SANS conferences in Orlando, San Diego, and on-line.
- Take a look at my IT and security cheat sheets, which I designed to assist in difficult situations.
Information Technology Cheat Sheets
As much as we try to be proactive about information security, IT planning, or project management, we get distracted, or procrastinate. I created these cheat sheets to assist Information Technology professionals in difficult situations.
Analyzing Malicious Documents Cheat Sheet
This cheat sheet outlines tips and tools for reverse-engineering malicious documents, such as Microsoft Office (DOC, XLS, PPT) and Adobe Acrobat (PDF) files.
Security Architecture Cheat Sheet for Internet Applications
This cheat sheet offers tips for the initial design and review of a complex Internet application's security architecture.
Troubleshooting Human Communications
This cheat sheet offers communication tips for technologists, engineers, and information workers.
Security Incident Survey Cheat Sheet for Server Administrators
This cheat sheet captures tips for examining a suspect server to decide whether to escalate for formal incident response.
Initial Security Incident Questionnaire for Responders
This cheat sheet lists the questions the incident handler should consider asking when taking control of a qualified incident.
Network DDoS Incident Response Cheat Sheet
This cheat sheet captures advice for battling a network DDoS attack on your infrastructure.
Reverse-Engineering Cheat Sheet
This cheat sheet presents shortcuts and tips for analyzing malicious software.
Information Security Assessment RFP Cheat Sheet
This cheat sheet offers tips for planning, issuing and reviewing RFPs for information security assessments.
How to Suck at Information Security
This cheat sheet presents common information security mistakes, so you can avoid making them.
Security-Related Cheat Sheets by Other Authors
- x86 Intel Assembly Cheat Sheet by Nick Harbour
- Win32 x86 Assembly Cheat Sheet by Peter Kankowski
- Network Cheat Sheets by Jeremy Stretch
- SQL Injection Prevention Cheat Sheet by OWASP
- XSS (Cross Site Scripting) Prevention Cheat Sheet by OWASP
- TCP/IP and Tcpdump Packet Reference by SANS Institute
- Google Hacking and Defense Cheat Sheet by SANS Institute
- Windows Command Line Cheat Sheet by Ed Skoudis
- Netcat Cheat Sheet by Ed Skoudis
- ASP.NET Security Architecture Cheat Sheet by Alik Levin
- A Directory of IT Cheat Sheets at Whatis?com
- SSL/TLS Protection Cheat Sheet by OWASP
- A Directory of Cheat Sheets for Developers by Tim Church
About the Author: Lenny Zeltser leads the security consulting practice at Savvis. His team provides security assessments, design, and operational assistance for business-critical IT infrastructure. Lenny also teaches malware analysis at SANS Institute, explores security topics at conferences and in articles, and volunteers as an incident handler at the Internet Storm Center.
Copyright © 1995-2010 Lenny Zeltser. All rights reserved. RSS Feed.