Repository navigation
security-architecture
- Website
- Wikipedia
How to systematically secure anything: a repository about security engineering
《数据安全架构设计与实战》:本书系统性地介绍数据安全架构的设计与实践,融入了作者多年在安全领域积累的实践经验。全书分四大部分,共20章。 第一部分介绍安全架构的基础知识,内容包括安全、数据安全、安全架构、5A方法论、CIA等基本概念,为后续论述奠定基础。 第二部分介绍产品安全架构,内容包括:身份认证、授权、访问控制、审计、资产保护等,讲解如何从源头设计来保障数据安全和隐私安全,防患于未然。 第三部分介绍安全技术体系架构,内容包括:安全技术架构、网络和通信层安全架构、设备和主机层安全架构、应用和数据层安全架构、安全架构案例分析等。 第四部分介绍数据安全与隐私保护治理,内容包括:数据安全治理、数据安全政策文件体系、隐私保护基础与增强技术、GRC治理框架、数据安全与隐私保护的统一等。
Your internal mediocrity is the moment when you lost the faith of being excellent. Just do it.
Hack23 Public Information Security Management System:Security Through Transparency and Open Documentation Demonstrating Security Excellence Through Public ISMS Disclosure
A walkthrough of security controls for a serverless architecture via a demo application
Notes and practice exam analysis I completed when preparing for my CompTIA Security+ exam
An attempt at creating a unifying Threat Model Definition Language using a declarative syntax with cuelang
Common (and Advanced) Information Security Questions. Questions you should know the answer to for your information security career.
An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about The Open Group Architecture Framework (TOGAF) in Cybersecurity.
Excalidraw library for threat modeling diagrams
An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Security Assurance in Cybersecurity
Medusa is a package that improves the overall security of the Linux OS by extending the standard Linux (Unix) security architecture while preserving backward compatibility.
ASTRA (Architecture and Security Threat Review and Analysis) is a collaborative, business-driven methodology for security architecture review and threat modeling. NOT an audit.
Security implementation guides covering modern security practices, authentication, authorization, and compliance frameworks
A conceptual architecture designed to make file-based malware attacks fundamentally impossible
Dragon1 is an Enterprise Architecture Software Tool to design, analyze and generate maps, diagrams, visualizations with views, reports and animated scenarios (data driven) - UML, BPMN, ArchiMate, TOGAF and BizBok supported. https://www.dragon1.com
Threat model and security analysis for STEVAL-SENSORTILEBOX product from ST Microelectronics
Repository containing best practices for securing cloud architectures using SCPs and OPCs, with sample policies and implementation scripts to enforce a holistic security posture
This projects brings the MontiSecArc language to the popular IntelliJ IDE. The plugin provides a deep integration of secure architecture files into the IDE. Allowing the fast creation of secure architectures and an plain learning curve.