Provide Information Site

Select Genre All

security_company

convenient_service

vulnerable_site

vulnerability_notification_site

Security Advisary

Education,Training

Cloud Security Posture Management

Information Site Top

->

All

This is a collection of sites about security.
The order is alphabetical.

Show Search Menu

Document

No	Image	Name	URL	Description	Tag
401		Guidelines for Information Security Measures for Small and Medium Enterprises	https://www.ipa.go.jp/security/guide/sme/about.html	The "Guidelines for Information Security Measures for Small and Medium-sized Enterprises" (hereinafter referred to as "the Guidelines") summarizes (1) the guidelines that should be recognized and implemented by the management and (2) the procedures and methods for implementing the measures in the company when taking information security measures. It consists of a management chapter and a practical chapter, and is intended for use by small and medium-sized enterprises (hereinafter referred to as "SMEs"), including sole proprietors and small businesses.Excerpt from [https://www.ipa.go.jp/security/keihatsu/sme/guideline/]sss	Japanese Organization Information Provision Documents
402		10 Major Threats to Information Security 2020	https://www.ipa.go.jp/security/10threats/2020/index.html		Japanese Organization Information Provision Documents
403		Threat Intelligence Implementation and Operation Guidelines	https://www.ipa.go.jp/jinzai/ics/core_human_resource/final_project/2024/f55m8k0000003510-att/f55m8k000000358r.pdf	IPAが公開してくれた2024版の脅威インテリジェンスの資料です。市販の本を買う前に一度読むことをお勧めします。	Japanese Organization Education Information Provision Documents Monitoring Threat Intelligence
404		How to effectively implement vulnerability countermeasures (using tools)	https://www.ipa.go.jp/security/reports/technicalwatch/hjuojm0000006o48-att/000071584.pdf	He explains how to use Vuls to prevent vulnerabilities.sss	Japanese Organization Information Provision Documents
405		Vulnerability Assessor Skill Map Project	https://wiki.owasp.org/index.php/Pentester_Skillmap_Project_JP	The Pentester Skillmap Project (JP) is an initiative by OWASP (Open Web Application Security Project) to provide a comprehensive guide to the skills needed for penetration testers (pentesters). It outlines the core competencies, tools, and techniques required to effectively identify vulnerabilities and secure systems. The skillmap is especially useful for individuals in Japan who are seeking to advance their penetration testing capabilities and understand the necessary steps for becoming proficient in cybersecurity.sss	Japanese Web Audit Organization Education Pentest Documents
406		金融分野におけるサイバーセキュリティに関するガイドライン　2024/10/4	https://www.fsa.go.jp/news/r5/sonota/20240628-2/17.pdf	金融系システム開発に携わっている技術者は一回は目を通すことをオススメします。	Japanese Organization Documents
407		Standard Textbook for Building High-Reliability Systems - Virtualization and High Availability	https://linuc.org/textbooks/system/	The "High Availability System Construction Standard Textbook – Virtualization and High Availability" is a guide designed to help IT professionals learn how to create highly reliable systems using virtualization technologies and high availability practices. It focuses on designing systems that ensure minimal downtime and reliability, covering topics such as server clustering, database redundancy, and the use of virtualization technologies like Xen and KVM. This textbook is useful for those preparing for the LinuC Level 3 certification exam (304).sss	Japanese Qualifications Education Linux/Unix Information Provision Documents

Education,Training

No	Image	Name	URL	Description	Tag
408		Bugcrowd	https://www.bugcrowd.com/	A bug bounty platform where ethical hackers can find and report vulnerabilities in products and services from various companies. Hackers earn rewards for finding and reporting valid security flaws.sss	English Tools Hacking CTF Education
409		CTFtime	https://ctftime.org/	A site dedicated to tracking upcoming CTF competitions around the world. It also includes rankings and scores from past events, making it a great resource for discovering new CTF events.sss	English Hacking CTF Education
410		Cyber Security Challenges	https://cybersecuritychallenge.org.uk/	An educational competition and challenge platform aimed at encouraging young people to pursue careers in cybersecurity. It includes a variety of challenges from basic to expert-level.sss	English Hacking CTF Education
411		Hacking the cloud	https://hackingthe.cloud/	AWSなどのCloud環境の攻撃手法をボランティアで纏めているサイトです。防御方法などもこれからは記載していくようです。	English Hacking Education Pentest Information Provision Cloud AWS AZUL GCP
412		HackInTheBox	https://www.hitb.org/	A well-known cybersecurity conference and community platform that includes a variety of events, security talks, and technical challenges. It’s a great place to explore cutting-edge security topics.sss	English Hacking CTF Education
413		hackthebox	https://www.hackthebox.com/	An online platform offering real-world penetration testing challenges and CTF-style tasks. Users can practice hacking skills in a variety of categories like web, cryptography, and reverse engineering.sss	English Hacking CTF Education
414		KENRO	https://flatt.tech/kenro/	This is a platform that enables security learning to take root through online exercises that specialize in hands-on learning.It allows software developers to learn security not only through classroom lectures, but also through actual hands-on experience.sss	Japanese Tools Hacking Education Information Provision
415		OverTheWire	https://overthewire.org/	A collection of beginner-friendly CTF-style challenges designed to teach the fundamentals of hacking and penetration testing. It includes a wide variety of game-like exercises for users to learn and practice their skills.sss	English
416		OverTheWire: Bandit	https://overthewire.org/wargames/bandit/	A beginner-friendly series of challenges that teach fundamental concepts in Linux and security using the Bandit game.sss	English
417		Root Me	https://www.root-me.org/	A platform offering a variety of challenges related to penetration testing, security, and cryptography. Users can practice ethical hacking on real-world simulations of websites and systems.sss	English
418		SANS NetWars	https://www.sans.org/cyber-ranges/	An interactive platform provided by the SANS Institute, offering virtual environments and cybersecurity challenges in areas like incident response, malware analysis, and penetration testing.sss	English
419		Synack	https://www.synack.com/	A cybersecurity company that runs a crowdsourced security testing platform. Synack provides opportunities for ethical hackers to engage in bug bounty programs and vulnerability testing for clients in exchange for rewards.sss	English
420		TryHackMe	https://tryhackme.com/	An interactive cybersecurity learning platform with beginner-friendly to advanced-level challenges. It offers virtual labs and environments to practice different skills in offensive and defensive security.sss	English
421		VulnHub	https://www.vulnhub.com/	A platform offering downloadable vulnerable machines that allow users to practice their penetration testing and hacking skills. Each machine has its own set of challenges designed to teach different aspects of hacking.sss	English
422		Cross-Origin Resource Sharing, CORS	https://developer.mozilla.org/ja/docs/Web/HTTP/Guides/CORS	オリジン間リソース共有 (CORS)についてわかりやすく説明してくれているページです。セキュリティエンジニアやウェブ開発を行うエンジニアは一回読んでおくと、とても勉強になります。	Japanese Education Information Provision

Cloud Security Posture Management

No	Image	Name	URL	Description	Tag
423		Check Point CloudGuard	https://www.checkpoint.com/cloudguard/	Check Point CloudGuard: Provides comprehensive cloud security posture management for multi-cloud environments, offering protection against misconfigurations, threats, and vulnerabilities while maintaining compliance.sss	Japanese Cloud Security
424		Checkov	https://www.checkov.io/	Open-source infrastructure-as-code (IaC) security scanner for Terraform, CloudFormation, etc. Finds misconfigurations and security risks.sss	Japanese Vulnerability Management Cloud Security
425		CrowdStrike	https://www.crowdstrike.com/platform/cloud-security/	CrowdStrike: A cloud-native security platform that delivers advanced threat detection and protection for workloads in the cloud. It focuses on preventing breaches and securing cloud environments with endpoint detection and response (EDR).sss	Japanese Cloud Security
426		Fugue	https://snyk.io/jp/product/	Fugue: A cloud security solution that continuously monitors infrastructure for security risks, compliance violations, and misconfigurations. It offers visibility into cloud infrastructure and automates security enforcement.sss	Japanese Cloud Security
427		KICS	https://kics.io/index.html	Scans Terraform, Kubernetes, CloudFormation, etc. for security vulnerabilities and compliance issues.sss	Japanese Cloud Security
428		Lacework	https://www.lacework.com/	Lacework: A cloud security platform that offers workload security, visibility, and compliance monitoring across cloud services. Lacework helps organizations identify risks, vulnerabilities, and ensure secure configurations.sss	Japanese Cloud Security
429		Orca Security	https://orca.security/platform/cloud-security-posture-management-cspm	Orca Security: A cloud security platform that provides comprehensive protection for workloads across public cloud environments like AWS, Azure, and Google Cloud. It offers continuous visibility and automatic discovery of security risks.sss	Japanese Cloud Security
430		PingSafe	https://jp.sentinelone.com/platform/singularity-cloud-native-security/	PingSafe: A cloud security platform that uses AI-driven threat detection and prevention to protect cloud infrastructure. It focuses on identifying security misconfigurations and vulnerabilities within the cloud environment.sss	Japanese Cloud Security
431		SpectralOps	https://spectralops.io/	Spectral is a developer-first security tool that scans codebases, config files, and secrets to detect leaks and misconfigurations early. It integrates seamlessly into CI/CD pipelines to catch issues before deployment.sss	Japanese Cloud Security
432		terraform	https://developer.hashicorp.com/terraform	Terraform by HashiCorp is an open-source infrastructure-as-code (IaC) software tool that enables users to define, provision, and manage cloud infrastructure using a high-level configuration language. It supports multiple cloud providers, like AWS, Azure, and Google Cloud, and allows for automation, version control, and reproducibility of infrastructure.sss	Japanese Cloud Security Cloud
433		Terrascan	https://runterrascan.io/	Detects compliance and security violations in Terraform code. Supports policy as code (OPA).sss	Japanese Source Code Audit Cloud Security
434		TFLint	https://github.com/terraform-linters/tflint	tool to find syntax errors, unused declarations, deprecated features, and more. Highly customizable with rulesets.sss	Japanese Vulnerability Management Cloud Security
435		tfsec	https://aquasecurity.github.io/tfsec/v1.28.13/	Security scanner focused on Terraform code. Detects insecure configurations using static analysis.sss	Japanese Vulnerability Management Cloud Security Cloud
436		TrendMicro	https://www.trendmicro.com/ja_jp/business.html	A CSPM tool that helps enterprises secure their cloud environments. It focuses on identifying and remediating misconfigurations and compliance issues to ensure cloud security.sss	English Cloud Security
437		Zluri	https://www.zluri.com/blog/cloud-security-posture-management-tools	Zluri: A SaaS management platform with integrated cloud security posture management that helps businesses manage and secure their cloud applications. Zluri offers features to monitor app usage, compliance, and security risks.sss	Japanese Cloud Security
438		Zscaler Posture Control	https://www.zscaler.com/products-and-solutions/data-security-posture-management-dspm	Zscaler Posture Control: A solution that provides continuous monitoring and enforcement of cloud security policies, offering visibility and control to reduce risks and maintain security across cloud services.sss	Japanese Cloud Security
439		Cloudscort	https://www.nuligen.com/service/cloudscort	Cloudscort, originally developed by New Regen Security Corporation, is a SaaS-type cloud security operation support service for web systems and other IT environments built on the cloud. Excerpted from [https://www.nuligen.com/service/cloudscort]sss	Japanese Vulnerability Management Cloud Security Cloud AWS AZUL GCP CSPM（Cloud Security Posture Management）
440		cloudbase	https://cloudbase.ink/	Misconfiguration diagnostic platform in public clouds such as AWS, GCP, Azure, etc. Early detection of risks leading to serious incidents as CSPM for Japanese companies. Excerpt from [https://cloudbase.ink/]sss	Japanese Cloud Security AWS AZUL GCP CSPM（Cloud Security Posture Management）

AI

No	Image	Name	URL	Description	Tag
441		deepseek	https://www.deepseek.com/	DeepSeek is a Chinese AI company known for its efficient large language models. Founded in 2023, it gained attention with DeepSeek-R1, a cost-effective competitor to GPT-4. The company emphasizes open-source AI development.sss	English AI
442		GitHub Copilot	https://github.com/features/copilot	GitHub Copilot: AI-powered code completion tool that suggests code snippets and entire functions, helping developers write code faster and more efficiently.sss	English AI
443		IntelliCode	https://visualstudio.microsoft.com/services/intellicode/	IntelliCode: AI-powered service from Microsoft that provides intelligent code suggestions based on best practices, helping developers write better code.sss	English AI
444		OpenAI	https://openai.com/	OpenAI is an artificial intelligence research and deployment company dedicated to developing advanced AI technologies for the benefit of humanity. It focuses on creating safe and powerful AI models, including language models like ChatGPT, and collaborates with organizations to integrate AI responsibly into various applications.sss	Japanese AI
445		snyk	https://snyk.io/jp/	Snyk: AI-powered security tool for identifying and fixing vulnerabilities in code, dependencies, and infrastructure, ensuring secure coding practices.sss	Japanese AI
446		SonarQube	https://www.sonarsource.com/	SonarQube: Static code analysis tool that detects code quality issues, security vulnerabilities, and bugs, improving code maintainability and security.sss	English AI
447		Tabnine	https://www.tabnine.com/	Tabnine: AI-based code completion tool that offers context-aware suggestions, helping developers code faster and with fewer errors.sss	English AI
448		Turing	https://www.turing.com/	Turing: AI-powered platform that connects companies with remote developers, using AI to match developers with the right skills for job requirements.sss	English AI