benchmark (cybersecurity)
0001-01-01
A benchmark in the context of cybersecurity is a set of best practices that organizations can use to measure and enhance their security performance.
Benchmarking is a continuous, iterative process. Generally it will look something like this:
Establish a baseline
Apply changes
Track improvements, comparing the performance of a change against previous data.
Identify additional areas of improvement
Repeat
Linux Persistence: Modular Software
2025-04-17 DFIR CTF persistence linux persistence apache asterisk
Linux Persistence: Web Shells
2025-04-16 DFIR persistence webshell linux persistence webshell apache nginx PHP
Linux Persistence: Rootkits
2025-04-15 DFIR persistence rootkit LKM linux persistence LKM rootkit LD_PRELOAD kprobe ftrace ld.so hooking
Defanging Linux LKM Rootkits With cleanup_module()
2025-04-05 Linux LKM rootkits EDR hooks incident response Linux LKM rootkit