Decluttering the Toolset – Part 1
In the previous chapter, we discussed trying to make sense of the certification...
This chapter was originally planned as a lab- and exercise-heavy chapter that would let you explore tools that are deployed in the enterprise yet remain accessible in a home lab. The labs, however, grew into a chapter of more than 200 pages of screenshots and step-by-step instructions, which gave the editors a mild heart attack. All kidding aside, the labs are still a critical part of this chapter, so Packt has made them available at the following GitHub link: https://github.com/PacktPublishing/Cybersecurity-Architects-Handbook.
The labs associated with this chapter include the following labs and exercises:
Selecting the right tools is fundamental to building an effective cybersecurity architecture. With the overwhelming array of solutions on the market, architects must deliberately curate a toolkit tailored to their organization's specific risks, constraints, and use cases.
Rather than reactively adopting every new technology, discerning professionals take a systematic approach based on established frameworks, such as those published by NIST, or MITRE ATT&CK. A framework provides a stable taxonomy for evaluating tools by common categories and by the security functions they perform, so that a gap in coverage can be identified before a product is chosen to fill it.
The following sections explore the major classes of security tools, providing examples and analyzing the purpose of each within a defense-in-depth toolkit. While not exhaustive, these categories cover the core solutions for threat detection, prevention, and response. The labs and exercises associated with each tool set vary in complexity, from basic to more advanced, but all of them should be...
This chapter explored strategies for deliberately assembling a cybersecurity architecture toolkit by evaluating candidate solutions to find the best fit. It emphasized understanding the organization's own vulnerabilities and risks first, and only then matching appropriate defenses to them.
This chapter covered several major classes of security tools: