Effective Cyber Security Report Writing
0 likes833 views
The document emphasizes the importance of effective report writing in cyber security, outlining common mistakes and key principles for clear communication. It stresses the need for consistency in style, language, and formatting while providing guidelines on writing active sentences and appropriate capitalization. Additionally, it covers the significance of structuring content to facilitate easy understanding for the audience.
Effective Cyber Security Report Writing
- 1. Effective Report Writing Cyber Security
- 2. whoami? Ashwini Varadkar Sr. Security Analyst 5. 6 years of Experience in Cyber Security Avid Reader Kathak Professional Special Love Towards Reporting :p
- 3. What is a Report? “Report” is derived from the Latin word of “reportare” which means carry back. Re is back and portare means to carry. Represents information in structured format, is short and concise, purposeful, and has audience.
- 4. Cyber Security and Reports - The Inseparables • SOC • Assessment • DFIR • GRC
- 5. The Reality Check! As to how did we realize that there is a gap that needs to be addressed? • Leader/Reviewer/Project Manager • Other way: • Client report rejection • Social media posts • Not talked about a lot
- 6. Need for Effective Writing Reputation Consulting
- 7. Common Mistakes COMMUNICATING SOMEONE ELSE’S OUTPUT VAGUE SENTENCES IMAGE RELATED ISSUES
- 8. Common Concerns • Unable to lead people through the content in a structured way. They should get the information that they want quickly and easily. • Confusion often arises about the writing style, what to include, the language to use, the length of the document and other factors.
- 9. What is Effective? :/ Rules Concept
- 10. Formal Writings • What all comes under the umbrella of formal writing? • Academic research papers • Business presentations, • Emails and memorandums • Business reports for conveying information • and other types of official correspondence.
- 11. Contractions • Avoid using contracted words. E.g.: oShould + not = Shouldn’t oWill + not = Won’t oAre + not = Aren’t oIs + not = Isn’t
- 12. Stay Active • Active voices – Sentences that are direct and concise. E.g. o Passive voice – An instance of XSS was observed by the analyst. o Active voice – The analyst observed an XSS instance. o Passive voice – Instructions will be given to you by the assessor. o Active voice – The assessor will give you instructions.
- 13. Capitalization in Titles • Thumb Rule: o Capitalize the important words in the title o E.g – Weak Password Policy in Use o E.g – Cross-Site Request Forgery (CSRF) • So which words are usually written in lowercase when creating headlines and titles? o Articles (a, an, the) o Coordinating Conjunctions (and, but, for) o Short (less than 5 letters) Prepositions (at, by, from) Consistency is the KEY
- 14. • Lower Case Titles o E.g – Weak password policy in use o E.g – Cross-site request forgery (CSRF) • Same rule applies to the image captions (these are nothing but short titles).
- 15. Capitalization in Sentences • Avoid random capitalization of letters in sentences. oE.g: URL's should not contain any Sensitive Information, for example, a session Token, as the information is often logged at various locations. oSimply: URL's should not contain any sensitive information, for example, a session token, as the information is often logged at various locations. • Capitalize proper nouns (names, countries, cities) such as the below sentence. oE.g: xyzOrg discovered multiple instances of weak physical security in SampleOrganization’s Chicago data centre.
- 16. Software Name • It is JavaScript (abbreviated as JS) and not Javascript • jQuery and not Jquery or JQuery • Clickjacking and not ClickJacking Simply check the tool/service/software name on their official websites! This also applies to attack names. • EternalBlue • POODLE Consistency is the KEY
- 17. Highlights and Emphasis • Make relevant highlights. • Use single or double quotes to stress on a word. Ensure consistency. • Subtitles can be emphasized by using bold (under PoC section, under Remediation). • Observe the template. If XYZ uses single quotes for highlights, continue that in your write up too. Consistency is the KEY
- 18. Images • General points: • All images must be aligned in one specific way. • Relevant masking must be done. • Relevant highlights must be made. • Image should be clear. Consistency is the KEY
- 19. Conclusion • Note the points discussed here • Write • Write down the points • Frame sentence around it • Ask for help • Share the responsibilities • Courses / Apps • Books/Ebooks • Checklist Consistency is the KEY
- 20. Thank You J