From 87d91f998a7d0cd214ef38156602da4127af5afb Mon Sep 17 00:00:00 2001 
From: kamranahmedse <4921183+kamranahmedse@users.noreply.github.com> Date: Mon, 15 Dec 2025 14:41:13 +0000 Subject: [PATCH] chore: sync content to repo --- .../content/acls@lLWQhvzXn3EpeCf9Mhgyj.md | 9 ++++++++- .../content/alert-types@-j1PH9_z-Eq3jxX6e8VmQ.md | 10 +++++++++- .../content/asymmetric@hz0WFG5ksaBFMpq7ypLgF.md | 10 +++++++++- ...ttack-surface-mapping@JztcgG94qZ5trdhfDcRa6.md | 12 +++++++++++- ...t--compliance-mapping@04_UcLELHkqjBCwliCw7H.md | 9 ++++++++- .../authentication@iiOWJ7KXyHp_ovVWNmDoc.md | 13 ++++++++++++- .../authorization@DYmh1MkmAuXUJOFqnFzWc.md | 9 ++++++++- .../automated-patching@HahTEhITEAGaoys1psZqV.md | 11 ++++++++++- .../content/bash@r3XBfcNtxSraF11YK_5d5.md | 11 ++++++++++- .../content/bcrypt@TqmbGC_Q_b3BkU7UkvE-S.md | 11 ++++++++++- ...ld-pipeline-hardening@nkPrYgpM5Mn6C_9u9yAyQ.md | 10 +++++++++- .../content/burp-suite@uAUg6mDDDq7ZyR0IEDxg5.md | 12 +++++++++++- ...certificate-lifecycle@quUzTCnBnmJoSmIPBGjxk.md | 10 +++++++++- .../content/cia-triad@k7AtVkkVavHjCVo1hqCc0.md | 9 ++++++++- .../cloud-security@ou2-KKBNyOxH_IW9s3eE9.md | 9 ++++++++- .../container-security@EnDqfr07RzNZmPIth6wSq.md | 9 ++++++++- .../content/containment@CUjGVwPvQytVYqy2zEPuw.md | 9 ++++++++- ...cryptographic-hashing@EqfPoveYajk61VH-ii_uE.md | 11 ++++++++++- .../content/cspm@eTOjfNSzlvbWsyX5an_5w.md | 11 ++++++++++- ...s-miligation-strategy@ltpquwL_YEvbgMZ2OyNS4.md | 12 +++++++++++- ...nse-in-depth-concepts@a4dYHrx1KzhKRtarZT1iy.md | 10 +++++++++- ...dency-risk-management@AAd_X7gI-WA7Jh9FKsuE_.md | 9 ++++++++- .../devsecops-vs-devops@SJa6UcRcgT08lF8Phnh0X.md | 10 +++++++++- .../content/dns@TnDsOr1iJX3hY7vJRpp7S.md | 12 +++++++++++- .../content/docker@-OWtiqx4YbcOVhtYU0D69.md | 10 +++++++++- .../content/edr-strategy@A67WShi92I-TX0iK7Fv0L.md | 4 +++- .../content/encryption@0ey7Spq4DoZ-AfXOsMtag.md | 9 ++++++++- .../endpoint-detection@E2jGo4HeKaeuXYa9-f-vy.md | 11 ++++++++++- ...enterprise-operations@68qVLExPlVrKJweTjd_S5.md | 9 ++++++++- 
.../content/firewalls@LV_uiNRdUi9OrmxQCdeGw.md | 12 +++++++++++- .../content/forensics@h_kjdN5uGNKLtJ3puQ9RH.md | 9 ++++++++- .../devsecops/content/go@UcBt4BsvLDlsnVy3KKJ1y.md | 13 ++++++++++++- .../content/http@WamX-UieM8NxhK6P_bDCB.md | 12 +++++++++++- .../content/iam@-RORxEsNvIPSlnM2TWB3j.md | 12 +++++++++++- .../content/iam@JDglIowCyRjSoqCcNfkZr.md | 12 +++++++++++- .../identity-basics@iONpD135a4kd3zR5ufoTx.md | 8 +++++++- .../content/ids@L3Mu6rCIu58VyhtxeyLXq.md | 10 +++++++++- .../image-scanning@bPmjX9IPL9Da0XUApY5UF.md | 10 +++++++++- .../incident-response@V5eQcby9FNcGv68KPj5rH.md | 11 ++++++++++- ...t-validation-patterns@lq4nTMBniaxxwPvH5M77Z.md | 10 +++++++++- .../content/introduction@-X3GTFpg3kzm0cELAngjb.md | 12 +++++++++++- .../content/ips@PYH_nc4bktIJoCJA6OC5E.md | 9 ++++++++- .../content/ir-lifecycle@X-pvSQnfB2W4992_3eOEy.md | 11 ++++++++++- .../content/iso-27001@JBNiSzYD8DSnKfHoKRjMg.md | 9 ++++++++- .../javascript--nodejs@BeUiBY18JHqCKVNtYAHH3.md | 15 ++++++++++++++- ...ey-management-service@l76yFl4lSXnxg5DBbnnID.md | 11 ++++++++++- .../content/kubernetes@YveqgdX6eNRFC1zU_q7r1.md | 13 ++++++++++++- ...ale-identity-strategy@XRnxOPVChkGLQSXX-kUmi.md | 11 ++++++++++- ...-programming-language@v5FGKQc-_7NYEsWjmTEuq.md | 4 +++- .../least-privilege@rK-RToN5JRcclYl23TyYz.md | 11 ++++++++++- .../content/log-analysis@_Kr2_N8021tsZfa0wZ3Vu.md | 12 +++++++++++- .../content/monitoring@MMTCo21ap15MrPV64vKka.md | 9 ++++++++- ...ion-security-planning@eALB73XbtnFF3-PYcLcZq.md | 11 ++++++++++- .../content/nessus@EqbzAy56Tu8asKNFzuti_.md | 12 +++++++++++- .../network-segmentation@Cr0VAtdu0ZYPOkUU_7vjR.md | 10 +++++++++- .../networking-basics@84HlHz8bHCDtAPGpq7LpX.md | 10 +++++++++- .../content/nist@yMb0-A55r1KEsLntOmp5F.md | 9 ++++++++- .../content/nmap-basics@JyXv5vPHCjSBc0J-PpUEV.md | 11 ++++++++++- .../content/nmap@0Tci_Ks8jXisin90VqB_D.md | 10 +++++++++- .../content/openvas@mIcs0fp3T9IwwAvgYyKnY.md | 11 ++++++++++- .../content/owasp-top-10@igGASa7AknApWtq57v2Qx.md 
| 9 ++++++++- .../content/pasta@6A_3p3CzwxFVjJaXahEVr.md | 10 +++++++++- ...i-design-and-failover@nEYMyTKfRDqA2Uc1tCwxv.md | 10 +++++++++- .../content/powershell@91lxZEOZ6KF3tY9id2Au8.md | 12 +++++++++++- .../content/python@txcfATz3k89CedFrSZMWj.md | 13 ++++++++++++- .../content/qualys@Pkud7rAzdV5asF5aGAq7z.md | 12 +++++++++++- .../response-strategy@6Q2VIdeSuBZzo7c1qnYLG.md | 10 +++++++++- .../risk-quantification@V97S_0PrVw3jjHnmcxDgJ.md | 10 +++++++++- .../role-based-access@9Tea1ge_l1fls0fyPxMPG.md | 10 +++++++++- .../root-cause-analysis@VyzLkdcLgxfSSFuUS0xO_.md | 9 ++++++++- .../content/ruby@nKthK-OsFO0TGwptD-Dme.md | 10 +++++++++- .../content/rust@V_-gY34XcyIqPcLKtDJZr.md | 12 +++++++++++- .../content/sboms@MF8AYjKun5SHtumTyuurJ.md | 12 +++++++++++- .../scripting-knowledge@wjJPzrFJBNYOD3SJLzW2M.md | 12 +++++++++++- .../secure-api-design@aMu0e6xQ3Rak44F_I7Ish.md | 11 ++++++++++- .../secure-coding@iHd6XNAUGXn3_d-I_YtTM.md | 10 +++++++++- ...secure-network-zoning@ixiKWBp8m4tP55dBYFzRL.md | 10 +++++++++- .../content/sha-256@LKMBv-M9k71yrR2WzN4bK.md | 12 +++++++++++- .../content/siem@hnroE_riXvw6BqYdirWBX.md | 12 +++++++++++- .../soar-automation@rXS1CIZHu7TA_o7L-vMtV.md | 10 +++++++++- .../soar-concepts@O0aVW37VhZInw9Z9Mghcg.md | 9 ++++++++- .../content/soc-2@VmDslOmZANHpHmAInFa_j.md | 9 ++++++++- ...-injection-prevention@VPBQh3CSsNA-esuvEHT3X.md | 10 +++++++++- .../content/stride@EZZsZHxu7__yM2l9tr95-.md | 11 ++++++++++- ...supply-chain-security@qKHb2e9g_Xuo-nHepICTR.md | 12 +++++++++++- .../content/symmetric@mT1cKWZcKXwvopW6BeX-A.md | 10 +++++++++- ...at-modeling-workflows@qfhpMprVX562UuktYN9BZ.md | 10 +++++++++- .../threat-modeling@XA7JUF00B1locP0xY3T95.md | 11 ++++++++++- .../content/tls@FvU310TuexCsp8QkvxJib.md | 11 ++++++++++- .../vim--nano--emacs@7MavDAydyrt0tOJ6a6xRQ.md | 14 +++++++++++++- .../content/vlans@GPVN-nDitsY1bF_3huqnh.md | 9 ++++++++- .../wireshark-basics@iHhitN8zToXm4nK1m0OeR.md | 11 ++++++++++- .../xss-prevention@ph7rFQFJffi_di133vm3Z.md | 12 
+++++++++++- .../zero-trust-concepts@3UAH70FkQlv5_VbYon4U9.md | 9 ++++++++- 94 files changed, 891 insertions(+), 94 deletions(-) diff --git a/src/data/roadmaps/devsecops/content/acls@lLWQhvzXn3EpeCf9Mhgyj.md b/src/data/roadmaps/devsecops/content/acls@lLWQhvzXn3EpeCf9Mhgyj.md index 749a96eef56f..c5a9ffc479e6 100644 --- a/src/data/roadmaps/devsecops/content/acls@lLWQhvzXn3EpeCf9Mhgyj.md +++ b/src/data/roadmaps/devsecops/content/acls@lLWQhvzXn3EpeCf9Mhgyj.md @@ -1 +1,8 @@ -# ACLs \ No newline at end of file +# Access Control Lists (ACLs) + +Access Control Lists (ACLs) are sets of rules that determine whether network traffic is allowed or denied to pass through a network interface. They act as a security filter, examining packets based on source and destination IP addresses, ports, and protocols. ACLs are configured on network devices like routers and firewalls to control network access and enforce security policies. + +Visit the following resources to learn more: + +- [@article@Access Control List: Definition, Types & Usages](https://www.okta.com/uk/identity-101/access-control-list/) +- [@video@Access Control Lists](https://www.youtube.com/watch?v=IwLyr0mKK1w) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/alert-types@-j1PH9_z-Eq3jxX6e8VmQ.md b/src/data/roadmaps/devsecops/content/alert-types@-j1PH9_z-Eq3jxX6e8VmQ.md index 95599fa8e07e..20c4e9ad91fa 100644 --- a/src/data/roadmaps/devsecops/content/alert-types@-j1PH9_z-Eq3jxX6e8VmQ.md +++ b/src/data/roadmaps/devsecops/content/alert-types@-j1PH9_z-Eq3jxX6e8VmQ.md 
@@ -1 +1,9 @@ -# Alert Types \ No newline at end of file +# Alert Types + +Alert types are the different categories or classifications of notifications generated by monitoring systems when specific events or conditions occur. These alerts signal potential issues, anomalies, or security threats within an application or infrastructure. They can range from simple notifications about resource utilization to complex warnings about potential security breaches, and are crucial for timely response and remediation. + +Visit the following resources to learn more: + +- [@article@Monitoring 101: Alerting on what matters](https://www.datadoghq.com/blog/monitoring-101-alerting/) +- [@article@Introduction to Metrics, Monitoring and Alerting](https://sematext.com/blog/monitoring-alerting/) +- [@video@Observability vs Monitoring vs APM vs Logging vs Alerting](https://www.youtube.com/watch?v=TYE2u7QZNVA) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/asymmetric@hz0WFG5ksaBFMpq7ypLgF.md b/src/data/roadmaps/devsecops/content/asymmetric@hz0WFG5ksaBFMpq7ypLgF.md index f503b96013c9..3756e1e2317a 100644 --- a/src/data/roadmaps/devsecops/content/asymmetric@hz0WFG5ksaBFMpq7ypLgF.md +++ b/src/data/roadmaps/devsecops/content/asymmetric@hz0WFG5ksaBFMpq7ypLgF.md 
@@ -1 +1,9 @@ -# Asymmetric \ No newline at end of file +# Asymmetric Encryption + +Asymmetric encryption, also known as public-key cryptography, uses a pair of keys: a public key for encryption and a private key for decryption. The public key can be freely distributed, allowing anyone to encrypt data intended for the owner of the private key. Only the corresponding private key, which is kept secret, can decrypt the data. This method enables secure communication without the need to exchange secret keys beforehand. + +Visit the following resources to learn more: + +- [@article@What is asymmetric encryption?](https://www.ibm.com/think/topics/asymmetric-encryption) +- [@video@Asymmetric Encryption - Simply explained](https://www.youtube.com/watch?v=AQDCe585Lnc) +- [@video@Symmetric vs. Asymmetric Encryption - CompTIA Security+ SY0-401: 6.1](https://www.youtube.com/watch?v=z2aueocJE8Q) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/attack-surface-mapping@JztcgG94qZ5trdhfDcRa6.md b/src/data/roadmaps/devsecops/content/attack-surface-mapping@JztcgG94qZ5trdhfDcRa6.md index 236e2fec59fb..eb439e365056 100644 --- a/src/data/roadmaps/devsecops/content/attack-surface-mapping@JztcgG94qZ5trdhfDcRa6.md +++ b/src/data/roadmaps/devsecops/content/attack-surface-mapping@JztcgG94qZ5trdhfDcRa6.md 
@@ -1 +1,11 @@ -# Attack Surface Mapping \ No newline at end of file +# Attack Surface Mapping + +Attack surface mapping is the process of identifying and documenting all the potential entry points or vulnerabilities that an attacker could exploit to gain unauthorized access to a system or application. This involves cataloging all assets, including hardware, software, network components, and data, and then analyzing them to determine their susceptibility to various threats. The resulting map provides a clear picture of the organization's security posture, enabling security teams to prioritize mitigation efforts and reduce the overall risk. + +Visit the following resources to learn more: + +- [@article@Attack Surface Analysis Cheat Sheet¶](https://cheatsheetseries.owasp.org/cheatsheets/Attack_Surface_Analysis_Cheat_Sheet.html) +- [@article@What is Attack Surface Mapping & Analysis in Cybersecurity?](https://jetpack.com/resources/attack-surface-mapping-and-analysis/) +- [@video@Attack Surface Mapping with Jeff Foley from OWASP Amass](https://www.youtube.com/watch?v=Ui35-YEbBiA) +- [@video@ASM and Vulnerability Management: Why you need both](https://www.youtube.com/watch?v=oMx9lgTtJnM) +- [@video@What is ASM (Attack Surface Management)?](https://www.youtube.com/watch?v=NqKid53v5x8) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/audit--compliance-mapping@04_UcLELHkqjBCwliCw7H.md b/src/data/roadmaps/devsecops/content/audit--compliance-mapping@04_UcLELHkqjBCwliCw7H.md index ef734071e35a..a70cd26b769e 100644 --- a/src/data/roadmaps/devsecops/content/audit--compliance-mapping@04_UcLELHkqjBCwliCw7H.md +++ b/src/data/roadmaps/devsecops/content/audit--compliance-mapping@04_UcLELHkqjBCwliCw7H.md 
@@ -1 +1,8 @@ -# Audit & Compliance Mapping \ No newline at end of file +# Audit & Compliance Mapping + +Audit & Compliance Mapping involves aligning an organization's security controls and practices with relevant regulatory requirements, industry standards, and internal policies. This process identifies which controls satisfy specific compliance obligations, creating a clear relationship between security efforts and the necessary frameworks for legal and operational adherence. The goal is to demonstrate that the organization is meeting its obligations and to streamline the audit process by providing a structured view of compliance. + +Visit the following resources to learn more: + +- [@article@How to Use Control Mapping Tools to Create a Cybersecurity Compliance Program](https://swimlane.com/blog/cybersecurity-compliance-with-control-mapping/) +- [@article@Compliance Audit: A Complete Checklist for Cybersecurity Audit Readiness](https://cynomi.com/learn/compliance-audit-checklist/) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/authentication@iiOWJ7KXyHp_ovVWNmDoc.md b/src/data/roadmaps/devsecops/content/authentication@iiOWJ7KXyHp_ovVWNmDoc.md index 66a783b302dc..2fe03b47aa55 100644 --- a/src/data/roadmaps/devsecops/content/authentication@iiOWJ7KXyHp_ovVWNmDoc.md +++ b/src/data/roadmaps/devsecops/content/authentication@iiOWJ7KXyHp_ovVWNmDoc.md 
@@ -1 +1,12 @@ -# Authentication \ No newline at end of file +# Authentication + +Authentication is the process of verifying the identity of a user, device, or application attempting to access a system or resource. It confirms that the entity is who or what it claims to be, typically by requiring them to provide credentials such as a username and password, a digital certificate, or biometric data. Successful authentication grants access based on pre-defined permissions and roles. + +Visit the following resources to learn more: + +- [@article@Basic Authentication](https://roadmap.sh/guides/basic-authentication) +- [@article@Session Based Authentication](https://roadmap.sh/guides/session-based-authentication) +- [@article@Token Based Authentication](https://roadmap.sh/guides/token-authentication) +- [@article@JWT Authentication](https://roadmap.sh/guides/jwt-authentication) +- [@article@Auth - Open Authorization](https://roadmap.sh/guides/oauth) +- [@article@SSO - Single Sign On](https://roadmap.sh/guides/sso) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/authorization@DYmh1MkmAuXUJOFqnFzWc.md b/src/data/roadmaps/devsecops/content/authorization@DYmh1MkmAuXUJOFqnFzWc.md index 02b25f227706..2ac55132cecf 100644 --- a/src/data/roadmaps/devsecops/content/authorization@DYmh1MkmAuXUJOFqnFzWc.md +++ b/src/data/roadmaps/devsecops/content/authorization@DYmh1MkmAuXUJOFqnFzWc.md 
@@ -1 +1,8 @@ -# Authorization \ No newline at end of file +# Authorization + +Authorization is the process of determining what a user or system is allowed to access or do. It verifies if a user, once authenticated, has the necessary permissions to perform a specific action on a particular resource. This involves checking access control policies and rules to ensure that only authorized entities can access sensitive data or functionalities. + +Visit the following resources to learn more: + +- [@article@What Is Authorization and How Does It Work?](https://www.descope.com/learn/post/authorization) +- [@video@Authentication vs Authorization Explained](https://www.youtube.com/watch?v=7ijBiXddB7w) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/automated-patching@HahTEhITEAGaoys1psZqV.md b/src/data/roadmaps/devsecops/content/automated-patching@HahTEhITEAGaoys1psZqV.md index 40f3df5c784d..2d558eb1c4ec 100644 --- a/src/data/roadmaps/devsecops/content/automated-patching@HahTEhITEAGaoys1psZqV.md +++ b/src/data/roadmaps/devsecops/content/automated-patching@HahTEhITEAGaoys1psZqV.md 
@@ -1 +1,10 @@ -# Automated Patching \ No newline at end of file +# Automated Patching + +Automated patching is the process of automatically applying software updates and security fixes to systems and applications. This involves using tools and scripts to identify missing patches, download them from a central repository, and install them on target machines without manual intervention. The goal is to quickly and efficiently address vulnerabilities and maintain the security and stability of the IT environment. + +Visit the following resources to learn more: + +- [@article@What is automated patch management?](https://www.pdq.com/blog/what-is-automated-patch-management/) +- [@article@What is Patch Management Automation and Why It Matters](https://blog.qualys.com/product-tech/patch-management/2025/11/18/what-is-patch-management-automation-guide) +- [@article@What is Patch Management?](https://www.ibm.com/topics/patch-management) +- [@video@What Is Patch Management, and Why Does Your Company Need It?](https://www.youtube.com/watch?v=O5XXlJear0w) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/bash@r3XBfcNtxSraF11YK_5d5.md b/src/data/roadmaps/devsecops/content/bash@r3XBfcNtxSraF11YK_5d5.md index 1af8b2c16218..3a585e6d8ba7 100644 --- a/src/data/roadmaps/devsecops/content/bash@r3XBfcNtxSraF11YK_5d5.md +++ b/src/data/roadmaps/devsecops/content/bash@r3XBfcNtxSraF11YK_5d5.md 
@@ -1 +1,10 @@ -# Bash \ No newline at end of file +# Bash Scripting + +Bash is a command-line interpreter and scripting language commonly used in Linux and macOS environments. It allows users to automate tasks, manage files, and execute programs through a series of commands written in a script. These scripts can range from simple one-liners to complex programs that perform system administration, software deployment, and other essential operations. + +Visit the following resources to learn more: + +- [@roadmap@Visit the Dedicated Bash Roadmap](https://roadmap.sh/shell-bash) +- [@article@Interactive Shell Scripting Tutorial](https://www.learnshell.org/en/Welcome) +- [@video@Bash Scripting Tutorial for Beginners](https://www.youtube.com/watch?v=tK9Oc6AEnR4) +- [@video@Bash in 100 Seconds](https://www.youtube.com/watch?v=I4EWvMFj37g) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/bcrypt@TqmbGC_Q_b3BkU7UkvE-S.md b/src/data/roadmaps/devsecops/content/bcrypt@TqmbGC_Q_b3BkU7UkvE-S.md index b318c90df290..d25cefed9336 100644 --- a/src/data/roadmaps/devsecops/content/bcrypt@TqmbGC_Q_b3BkU7UkvE-S.md +++ b/src/data/roadmaps/devsecops/content/bcrypt@TqmbGC_Q_b3BkU7UkvE-S.md 
@@ -1 +1,10 @@ -# bcrypt \ No newline at end of file +# bcrypt + +bcrypt is a password-hashing function designed to be computationally intensive and resistant to brute-force attacks. It incorporates a salt to protect against rainbow table attacks and uses an adaptive hashing algorithm, meaning the computational cost can be increased over time to keep pace with advancements in computing power. This makes it a strong choice for securely storing user passwords. + +Visit the following resources to learn more: + +- [@article@Hashing in Action: Understanding bcrypt](https://auth0.com/blog/hashing-in-action-understanding-bcrypt/) +- [@article@Password Hashing using bcrypt](https://medium.com/@bhupendra_Maurya/password-hashing-using-bcrypt-e36f5c655e09) +- [@article@BCrypt Explained](https://dev.to/sylviapap/bcrypt-explained-4k5c) +- [@video@Password Storage Tier List: encryption, hashing, salting, bcrypt, and beyond](https://www.youtube.com/watch?v=qgpsIBLvrGY) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/build-pipeline-hardening@nkPrYgpM5Mn6C_9u9yAyQ.md b/src/data/roadmaps/devsecops/content/build-pipeline-hardening@nkPrYgpM5Mn6C_9u9yAyQ.md index ddae8dd1d446..dccbdf76af88 100644 --- a/src/data/roadmaps/devsecops/content/build-pipeline-hardening@nkPrYgpM5Mn6C_9u9yAyQ.md +++ b/src/data/roadmaps/devsecops/content/build-pipeline-hardening@nkPrYgpM5Mn6C_9u9yAyQ.md 
@@ -1 +1,9 @@ -# Build Pipeline Hardening \ No newline at end of file +# Build Pipeline Hardening + +Pipeline hardening focuses on securing the automated process that transforms source code into deployable software. This involves implementing security measures at each stage of the pipeline, from code commit to artifact creation, to prevent vulnerabilities from being introduced or exploited. The goal is to ensure the integrity and confidentiality of the software being built and deployed. + +Visit the following resources to learn more: + +- [@article@Harden Your CI/CD Pipelines](https://www.paloaltonetworks.com/resources/datasheets/tip-sheet-ci-cd-security) +- [@article@Hardening - CI/CD Recommendations](https://docs.gitlab.com/security/hardening_cicd_recommendations/) +- [@video@Hardening Your CI/CD Pipelines with GitOps and Continuous Security](https://www.youtube.com/watch?v=OHly5mGdhNY) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/burp-suite@uAUg6mDDDq7ZyR0IEDxg5.md b/src/data/roadmaps/devsecops/content/burp-suite@uAUg6mDDDq7ZyR0IEDxg5.md index bf4402476901..ec43be134c6e 100644 --- a/src/data/roadmaps/devsecops/content/burp-suite@uAUg6mDDDq7ZyR0IEDxg5.md +++ b/src/data/roadmaps/devsecops/content/burp-suite@uAUg6mDDDq7ZyR0IEDxg5.md 
@@ -1 +1,11 @@ -# Burp Suite \ No newline at end of file +# Burp Suite + +Burp Suite is a platform used for performing security testing of web applications. It acts as a proxy, intercepting and analyzing traffic between a browser and a web server. This allows security professionals to identify vulnerabilities such as SQL injection, cross-site scripting (XSS), and other common web application flaws. + +Visit the following resources to learn more: + +- [@official@Burp](https://portswigger.net/burp) +- [@official@Getting started with Burp Suite](https://portswigger.net/burp/documentation/desktop/getting-started) +- [@article@What is Burp Suite?](https://www.scaler.com/topics/cyber-security/burp-suite/) +- [@video@How to use Burp Suite for Beginners](https://www.youtube.com/watch?v=GxvFqgCBW-8) +- [@video@Master Burp Suite Like A Pro In Just 1 Hour](https://www.youtube.com/watch?v=QiNLNDSLuJY) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/certificate-lifecycle@quUzTCnBnmJoSmIPBGjxk.md b/src/data/roadmaps/devsecops/content/certificate-lifecycle@quUzTCnBnmJoSmIPBGjxk.md index ab43f90b6f25..1de611e778e1 100644 --- a/src/data/roadmaps/devsecops/content/certificate-lifecycle@quUzTCnBnmJoSmIPBGjxk.md +++ b/src/data/roadmaps/devsecops/content/certificate-lifecycle@quUzTCnBnmJoSmIPBGjxk.md 
@@ -1 +1,9 @@ -# Certificate Lifecycle \ No newline at end of file +# Certificate Lifecycle + +Certificate lifecycle management encompasses all the processes involved in creating, deploying, managing, and eventually revoking digital certificates. This includes requesting certificates from a Certificate Authority (CA), securely storing private keys, distributing certificates to servers and applications, monitoring certificate expiration dates, and renewing or replacing certificates before they expire to maintain secure communication and authentication. + +Visit the following resources to learn more: + +- [@article@What Are the Five Stages of the Certificate Lifecycle?](https://www.digicert.com/faq/certificate-management/what-are-the-five-stages-in-the-certificate-lifecycle) +- [@article@What Are the 5 Stages in the Certificate Lifecycle?](https://www.keyfactor.com/blog/what-are-the-5-stages-in-the-certificate-lifecycle/) +- [@video@What is Certificate Management?](https://www.youtube.com/watch?v=wOeP0KbPUw0) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/cia-triad@k7AtVkkVavHjCVo1hqCc0.md b/src/data/roadmaps/devsecops/content/cia-triad@k7AtVkkVavHjCVo1hqCc0.md index 151db9333d2a..7ac912edff50 100644 --- a/src/data/roadmaps/devsecops/content/cia-triad@k7AtVkkVavHjCVo1hqCc0.md +++ b/src/data/roadmaps/devsecops/content/cia-triad@k7AtVkkVavHjCVo1hqCc0.md 
@@ -1 +1,8 @@ -# CIA Triad \ No newline at end of file +# CIA Triad + +The CIA Triad is a model designed to guide security policies for organizations. It consists of three fundamental principles: Confidentiality, ensuring that information is accessible only to authorized individuals; Integrity, maintaining the accuracy and completeness of data; and Availability, guaranteeing that authorized users have reliable access to information and resources when needed. + +Visit the following resources to learn more: + +- [@article@The CIA Triad](https://www.fortinet.com/resources/cyberglossary/cia-triad) +- [@video@The CIA Triad - Professor Messer](https://www.youtube.com/watch?v=SBcDGb9l6yo) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/cloud-security@ou2-KKBNyOxH_IW9s3eE9.md b/src/data/roadmaps/devsecops/content/cloud-security@ou2-KKBNyOxH_IW9s3eE9.md index aa7f297d7a49..09ef1efcfdfb 100644 --- a/src/data/roadmaps/devsecops/content/cloud-security@ou2-KKBNyOxH_IW9s3eE9.md +++ b/src/data/roadmaps/devsecops/content/cloud-security@ou2-KKBNyOxH_IW9s3eE9.md 
@@ -1 +1,8 @@ -# Cloud Security \ No newline at end of file +# Cloud Security + +Cloud security encompasses the policies, technologies, software, and practices that protect cloud-based systems, data, and infrastructure. It addresses the unique security challenges presented by cloud computing, such as shared responsibility models, data residency, and the dynamic nature of cloud environments. Effective cloud security strategies aim to maintain confidentiality, integrity, and availability of cloud resources while mitigating risks like data breaches, unauthorized access, and denial-of-service attacks. + +Visit the following resources to learn more: + +- [@article@What is cloud security?](https://www.ibm.com/think/topics/cloud-security) +- [@article@What is Cloud Security? Essential Tools, Best Practices and Strategies](https://www.crowdstrike.com/en-us/cybersecurity-101/cloud-security/) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/container-security@EnDqfr07RzNZmPIth6wSq.md b/src/data/roadmaps/devsecops/content/container-security@EnDqfr07RzNZmPIth6wSq.md index d50ae2971a7f..3eb3d7bd65f2 100644 --- a/src/data/roadmaps/devsecops/content/container-security@EnDqfr07RzNZmPIth6wSq.md +++ b/src/data/roadmaps/devsecops/content/container-security@EnDqfr07RzNZmPIth6wSq.md 
@@ -1 +1,8 @@ -# Container Security \ No newline at end of file +# Container Security + +Container security involves protecting containerized applications and the underlying infrastructure from vulnerabilities and threats. This includes securing the container image build process, managing container runtime environments, and implementing security measures to prevent unauthorized access, data breaches, and other security incidents. Effective container security practices are essential for ensuring the integrity, confidentiality, and availability of applications deployed in containerized environments. + +Visit the following resources to learn more: + +- [@article@What is Container Security? [Securing Containers 101]](https://www.wiz.io/academy/container-security/what-is-container-security) +- [@article@What Is Container Security?](https://www.paloaltonetworks.com/cyberpedia/what-is-container-security) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/containment@CUjGVwPvQytVYqy2zEPuw.md b/src/data/roadmaps/devsecops/content/containment@CUjGVwPvQytVYqy2zEPuw.md index cfc0d6f9104d..50c8d3e5dc50 100644 --- a/src/data/roadmaps/devsecops/content/containment@CUjGVwPvQytVYqy2zEPuw.md +++ b/src/data/roadmaps/devsecops/content/containment@CUjGVwPvQytVYqy2zEPuw.md 
@@ -1 +1,8 @@ -# Containment \ No newline at end of file +# Containment + +Containment in incident response refers to the actions taken to limit the scope and impact of a security incident. It involves isolating affected systems or networks to prevent the incident from spreading further, minimizing damage, and preserving evidence for investigation. This can include actions like disconnecting compromised machines from the network, shutting down vulnerable applications, or implementing temporary security controls. + +Visit the following resources to learn more: + +- [@article@Microsoft Security Incident Management: Containment, Eradication, and Recovery](https://learn.microsoft.com/en-us/compliance/assurance/assurance-sim-containment-eradication-recovery) +- [@article@Containment - AWS](https://docs.aws.amazon.com/whitepapers/latest/aws-security-incident-response-guide/containment.html) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/cryptographic-hashing@EqfPoveYajk61VH-ii_uE.md b/src/data/roadmaps/devsecops/content/cryptographic-hashing@EqfPoveYajk61VH-ii_uE.md index e4d9a7a051de..70015731e7cc 100644 --- a/src/data/roadmaps/devsecops/content/cryptographic-hashing@EqfPoveYajk61VH-ii_uE.md +++ b/src/data/roadmaps/devsecops/content/cryptographic-hashing@EqfPoveYajk61VH-ii_uE.md 
@@ -1 +1,10 @@ -# Cryptographic Hashing \ No newline at end of file +# Cryptographic Hashing + +Cryptographic hashing is a process that takes an input (or 'message') and produces a fixed-size string of characters, known as a hash. This hash acts as a unique fingerprint of the input data. Even a small change to the input will result in a drastically different hash value. Hashing algorithms are designed to be one-way functions, meaning it's computationally infeasible to reverse the process and derive the original input from the hash. + +Visit the following resources to learn more: + +- [@article@What is hashing and how does it work?](https://www.techtarget.com/searchdatamanagement/definition/hashing) +- [@article@Hashing Algorithm Overview: Types, Methodologies & Usage](https://www.okta.com/identity-101/hashing-algorithms/) +- [@article@Understanding Cryptography Types](https://geekflare.com/cybersecurity/cryptography-types/) +- [@video@Hashing Explained](https://www.youtube.com/watch?v=EOe1XUykdP4) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/cspm@eTOjfNSzlvbWsyX5an_5w.md b/src/data/roadmaps/devsecops/content/cspm@eTOjfNSzlvbWsyX5an_5w.md index ce503b68ee20..7f4fd4d75c2b 100644 --- a/src/data/roadmaps/devsecops/content/cspm@eTOjfNSzlvbWsyX5an_5w.md +++ b/src/data/roadmaps/devsecops/content/cspm@eTOjfNSzlvbWsyX5an_5w.md 
@@ -1 +1,10 @@ -# CSPM \ No newline at end of file +# Cloud Security Posture Management (CSPM) + +Cloud Security Posture Management (CSPM) involves continuously assessing and improving the security configuration of cloud resources. It helps organizations identify and remediate misconfigurations, compliance violations, and security risks across their cloud environments. CSPM tools automate security assessments, provide visibility into cloud security posture, and offer recommendations for improving security controls. + +Visit the following resources to learn more: + +- [@article@What is cloud security posture management (CSPM)?](https://www.ibm.com/think/topics/cspm) +- [@article@What is CSPM?](https://www.microsoft.com/en-us/security/business/security-101/what-is-cspm) +- [@video@What is CSPM (Cloud Security Posture Management)?](https://www.youtube.com/watch?v=V4wmb5KVmKM) +- [@video@What is Cloud Security Posture Management (CSPM)?](https://www.youtube.com/watch?v=dZLEngVpKME) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/ddos-miligation-strategy@ltpquwL_YEvbgMZ2OyNS4.md b/src/data/roadmaps/devsecops/content/ddos-miligation-strategy@ltpquwL_YEvbgMZ2OyNS4.md index 4fb928da6ef4..5402c1504a75 100644 --- a/src/data/roadmaps/devsecops/content/ddos-miligation-strategy@ltpquwL_YEvbgMZ2OyNS4.md +++ b/src/data/roadmaps/devsecops/content/ddos-miligation-strategy@ltpquwL_YEvbgMZ2OyNS4.md 
@@ -1 +1,11 @@ -# DDoS Miligation Strategy \ No newline at end of file +# DDoS Mitigation Strategy + +A DDoS (Distributed Denial of Service) mitigation strategy is a plan and set of techniques used to protect a system or network from being overwhelmed by malicious traffic. It involves identifying, analyzing, and filtering out illegitimate requests while allowing legitimate users to access the service. This often includes a combination of traffic filtering, rate limiting, content delivery networks (CDNs), and other security measures to maintain availability and performance during an attack. + +Visit the following resources to learn more: + +- [@article@10 Best Practices to Prevent DDoS Attacks](https://securityscorecard.com/blog/best-practices-to-prevent-ddos-attacks/) +- [@article@How to prevent DDoS attacks | Methods and tools](https://www.cloudflare.com/en-gb/learning/ddos/how-to-prevent-ddos-attacks/) +- [@article@DoS vs DDoS](https://www.fortinet.com/resources/cyberglossary/dos-vs-ddos) +- [@video@hat is Denial-of-Service attack?](https://www.youtube.com/watch?v=Z7xG3b0aL_I) +- [@video@What is a DDoS attack?](https://www.youtube.com/watch?v=z503nLsfe5s) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/defense-in-depth-concepts@a4dYHrx1KzhKRtarZT1iy.md b/src/data/roadmaps/devsecops/content/defense-in-depth-concepts@a4dYHrx1KzhKRtarZT1iy.md index a2e2e87dde8c..8a8cc02e7f60 100644 --- a/src/data/roadmaps/devsecops/content/defense-in-depth-concepts@a4dYHrx1KzhKRtarZT1iy.md +++ b/src/data/roadmaps/devsecops/content/defense-in-depth-concepts@a4dYHrx1KzhKRtarZT1iy.md 
@@ -1 +1,9 @@ -# Defense in Depth Concepts \ No newline at end of file +# Defense in Depth + +Defense in Depth is a security approach that uses multiple layers of security controls to protect assets. If one security measure fails, others are in place to provide continued protection. This layered approach reduces the risk of a single point of failure compromising the entire system. + +Visit the following resources to learn more: + +- [@article@What is Defense in Depth?](https://www.fortinet.com/resources/cyberglossary/defense-in-depth) +- [@article@What is Defense in Depth? Best Practices for Layered Security](https://www.wiz.io/academy/cloud-security/defense-in-depth) +- [@video@Defense-in-Depth - CompTIA Security+](https://www.youtube.com/watch?v=HLQ4wX8NxQY) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/dependency-risk-management@AAd_X7gI-WA7Jh9FKsuE_.md b/src/data/roadmaps/devsecops/content/dependency-risk-management@AAd_X7gI-WA7Jh9FKsuE_.md index 3046d9a0eb26..b6063a0346e0 100644 --- a/src/data/roadmaps/devsecops/content/dependency-risk-management@AAd_X7gI-WA7Jh9FKsuE_.md +++ b/src/data/roadmaps/devsecops/content/dependency-risk-management@AAd_X7gI-WA7Jh9FKsuE_.md 
@@ -1 +1,8 @@ -# Dependency Risk Management \ No newline at end of file +# Dependency Risk Management + +Dependency Risk Management involves identifying, assessing, and mitigating the risks associated with using third-party libraries, frameworks, and other external components in software development. This includes understanding the potential vulnerabilities, licensing issues, and maintenance status of these dependencies to ensure the security and stability of the application. Effective dependency management helps prevent the introduction of known security flaws and ensures compliance with licensing requirements. + +Visit the following resources to learn more: + +- [@article@Dependency Risk Analysis](https://www.launchnotes.com/glossary/dependency-risk-analysis-in-product-management-and-operations) +- [@article@OWASP Dependency-Track](https://owasp.org/www-project-dependency-track/) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/devsecops-vs-devops@SJa6UcRcgT08lF8Phnh0X.md b/src/data/roadmaps/devsecops/content/devsecops-vs-devops@SJa6UcRcgT08lF8Phnh0X.md index f09cbc01980b..affaf601b9ea 100644 --- a/src/data/roadmaps/devsecops/content/devsecops-vs-devops@SJa6UcRcgT08lF8Phnh0X.md +++ b/src/data/roadmaps/devsecops/content/devsecops-vs-devops@SJa6UcRcgT08lF8Phnh0X.md 
@@ -1 +1,9 @@ -# DevSecOps vs DevOps \ No newline at end of file +# DevSecOps vs. DevOps + +DevOps focuses on streamlining and automating the software development lifecycle, emphasizing collaboration between development and operations teams to deliver software faster and more efficiently. DevSecOps builds upon this foundation by integrating security practices and considerations throughout the entire DevOps pipeline, rather than treating security as a separate, end-of-cycle step. This means security is a shared responsibility from the initial planning stages to deployment and monitoring. + +Visit the following resources to learn more: + +- [@article@DevOps vs DevSecOps: Key Differences and Best Fit](https://roadmap.sh/devops/vs-devsecops) +- [@article@DevOps vs DevSecOps: Differences and Similarities](https://www.browserstack.com/guide/what-is-the-difference-between-devops-and-devsecops) +- [@video@What is DevSecOps? | DevOps vs DevSecOps | KodeKloud](https://www.youtube.com/watch?v=1XpUDV7PBFo) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/dns@TnDsOr1iJX3hY7vJRpp7S.md b/src/data/roadmaps/devsecops/content/dns@TnDsOr1iJX3hY7vJRpp7S.md index afee8c5f4524..5062ce0acf8f 100644 --- a/src/data/roadmaps/devsecops/content/dns@TnDsOr1iJX3hY7vJRpp7S.md +++ b/src/data/roadmaps/devsecops/content/dns@TnDsOr1iJX3hY7vJRpp7S.md 
@@ -1 +1,11 @@ -# DNS \ No newline at end of file +# DNS + +DNS, or Domain Name System, is essentially the phonebook of the internet. It translates human-readable domain names, like "example.com," into IP addresses, like "192.0.2.1," which computers use to identify each other on the network. Without DNS, we'd have to remember and type in these numerical IP addresses every time we wanted to visit a website. + +Visit the following resources to learn more: + +- [@article@What is DNS?](https://www.cloudflare.com/en-gb/learning/dns/what-is-dns/) +- [@article@Mess with DNS - DNS Playground](https://messwithdns.net/) +- [@article@How DNS works (comic)](https://howdns.works/) +- [@video@DNS and How does it Work?](](https://www.youtube.com/watch?v=Wj0od2ag5sk) +- [@feed@Explore top posts about DNS](https://app.daily.dev/tags/dns?ref=roadmapsh) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/docker@-OWtiqx4YbcOVhtYU0D69.md b/src/data/roadmaps/devsecops/content/docker@-OWtiqx4YbcOVhtYU0D69.md index 6871408360b2..8f7fb75fc2e2 100644 --- a/src/data/roadmaps/devsecops/content/docker@-OWtiqx4YbcOVhtYU0D69.md +++ b/src/data/roadmaps/devsecops/content/docker@-OWtiqx4YbcOVhtYU0D69.md 
@@ -1 +1,9 @@ -# Docker \ No newline at end of file +# Docker Security + +Docker security entails protecting your applications and data within Docker containers. Because containers share the host operating system's kernel, vulnerabilities in the kernel or container configurations can be exploited. Securing Docker involves practices like using minimal base images, regularly scanning images for vulnerabilities, implementing strong access controls, and properly configuring Docker daemon settings to prevent unauthorized access and ensure isolation. + +Visit the following resources to learn more: + +- [@roadmap@Visit the Dedicated Docker Roadmap](https://roadmap.sh/docker) +- [@official@Docker Security](https://docs.docker.com/engine/security/) +- [@article@Kubernetes Security Best Practices](https://www.aquasec.com/cloud-native-academy/kubernetes-in-production/kubernetes-security-best-practices-10-steps-to-securing-k8s/) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/edr-strategy@A67WShi92I-TX0iK7Fv0L.md b/src/data/roadmaps/devsecops/content/edr-strategy@A67WShi92I-TX0iK7Fv0L.md index efccb731d6b5..1b6790b0d81d 100644 --- a/src/data/roadmaps/devsecops/content/edr-strategy@A67WShi92I-TX0iK7Fv0L.md +++ b/src/data/roadmaps/devsecops/content/edr-strategy@A67WShi92I-TX0iK7Fv0L.md 
@@ -1 +1,3 @@ -# EDR Strategy \ No newline at end of file +# EDR Strategy + +Endpoint Detection and Response (EDR) strategy focuses on proactively identifying and mitigating threats on endpoint devices like laptops, servers, and workstations. It involves implementing tools and processes that continuously monitor these endpoints for suspicious activities, analyze the data to detect potential security incidents, and provide automated or manual response capabilities to contain and remediate threats. A well-defined EDR strategy helps organizations gain visibility into endpoint security posture and improve their ability to defend against advanced attacks. \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/encryption@0ey7Spq4DoZ-AfXOsMtag.md b/src/data/roadmaps/devsecops/content/encryption@0ey7Spq4DoZ-AfXOsMtag.md index b88f85ab7de6..38cd65c1a747 100644 --- a/src/data/roadmaps/devsecops/content/encryption@0ey7Spq4DoZ-AfXOsMtag.md +++ b/src/data/roadmaps/devsecops/content/encryption@0ey7Spq4DoZ-AfXOsMtag.md @@ -1 +1,8 @@ -# Encryption \ No newline at end of file +# Encryption + +Encryption is the process of converting readable data (plaintext) into an unreadable format (ciphertext) to protect its confidentiality. This is achieved using algorithms and cryptographic keys. Only authorized parties with the correct key can decrypt the ciphertext back into its original plaintext form, ensuring that sensitive information remains protected from unauthorized access or disclosure. + +Visit the following resources to learn more: + +- [@article@What is Encryption?](https://cloud.google.com/learn/what-is-encryption) +- [@video@What is Encryption?](https://www.youtube.com/watch?v=9chKCUQ8_VQ) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/endpoint-detection@E2jGo4HeKaeuXYa9-f-vy.md b/src/data/roadmaps/devsecops/content/endpoint-detection@E2jGo4HeKaeuXYa9-f-vy.md index c717bf9a5e77..550d20199997 100644 
--- a/src/data/roadmaps/devsecops/content/endpoint-detection@E2jGo4HeKaeuXYa9-f-vy.md +++ b/src/data/roadmaps/devsecops/content/endpoint-detection@E2jGo4HeKaeuXYa9-f-vy.md @@ -1 +1,10 @@ -# Endpoint Detection \ No newline at end of file +# Endpoint Detection + +Endpoint detection involves monitoring and analyzing activities on devices like laptops, desktops, and servers to identify suspicious behavior that could indicate a security threat. This process typically uses software agents installed on these endpoints to collect data, which is then analyzed for patterns and anomalies that might signal malware, unauthorized access, or other malicious activities. When a threat is detected, the system alerts security teams and may automatically take actions to contain or remediate the issue. + +Visit the following resources to learn more: + +- [@article@What is endpoint detection and response (EDR)?](https://www.microsoft.com/en-us/security/business/security-101/what-is-edr-endpoint-detection-response) +- [@article@Endpoint Detection and Response](https://www.trendmicro.com/en_us/what-is/xdr/edr.html) +- [@video@What is Endpoint Detection and Response (EDR)?](https://www.youtube.com/watch?v=55GaIolVVqI) +- [@video@Cybersecurity Architecture: Endpoints Are the IT Front Door - Guard Them](https://www.youtube.com/watch?v=Njqid_JpqTs) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/enterprise-operations@68qVLExPlVrKJweTjd_S5.md b/src/data/roadmaps/devsecops/content/enterprise-operations@68qVLExPlVrKJweTjd_S5.md index 4b51ae178cf0..ee9d9b7098bd 100644 --- a/src/data/roadmaps/devsecops/content/enterprise-operations@68qVLExPlVrKJweTjd_S5.md +++ b/src/data/roadmaps/devsecops/content/enterprise-operations@68qVLExPlVrKJweTjd_S5.md 
@@ -1 +1,8 @@ -# Enterprise Operations \ No newline at end of file +# Enterprise Operations + +Enterprise Operations encompasses all the activities and processes required to manage and maintain an organization's IT infrastructure, applications, and services. This includes tasks like system administration, network management, database administration, incident response, and ensuring the overall stability and performance of the IT environment that supports the business. It focuses on keeping the lights on and ensuring that the business can function effectively. + +Visit the following resources to learn more: + +- [@article@What Is IT Governance and How Does Enterprise Architecture Support It?](https://www.ardoq.com/knowledge-hub/it-governance) +- [@article@What is IT Governance (ITG) and why does it matter?](https://blog.ifs.com/it-governance-itg/) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/firewalls@LV_uiNRdUi9OrmxQCdeGw.md b/src/data/roadmaps/devsecops/content/firewalls@LV_uiNRdUi9OrmxQCdeGw.md index 892d4c16d279..ac78d0799a16 100644 --- a/src/data/roadmaps/devsecops/content/firewalls@LV_uiNRdUi9OrmxQCdeGw.md +++ b/src/data/roadmaps/devsecops/content/firewalls@LV_uiNRdUi9OrmxQCdeGw.md 
@@ -1 +1,11 @@ -# Firewalls \ No newline at end of file +# Firewalls + +Firewalls are network security systems that monitor and control incoming and outgoing network traffic based on predetermined security rules. They act as a barrier between a trusted internal network and an untrusted external network, such as the internet. Firewalls analyze network packets and either allow or block them based on configured rules, helping to prevent unauthorized access to or from private networks. + +Visit the following resources to learn more: + +- [@article@What is Firewall?](https://www.checkpoint.com/cyber-hub/network-security/what-is-firewall/) +- [@article@Types of Firewall](https://www.cisco.com/c/en_in/products/security/firewalls/what-is-a-firewall.html) +- [@article@Uncomplicated Firewall (UFW)](https://dev.to/coder7475/uncomplicated-firewall-ufw-1638) +- [@article@Why do we need Firewalls?](https://www.tutorialspoint.com/what-is-a-firewall-and-why-do-you-need-one) +- [@video@Firewalls and Network Security - SimpliLearn](https://www.youtube.com/watch?v=9GZlVOafYTg) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/forensics@h_kjdN5uGNKLtJ3puQ9RH.md b/src/data/roadmaps/devsecops/content/forensics@h_kjdN5uGNKLtJ3puQ9RH.md index 2d76b55389c7..b3c981d8020c 100644 --- a/src/data/roadmaps/devsecops/content/forensics@h_kjdN5uGNKLtJ3puQ9RH.md +++ b/src/data/roadmaps/devsecops/content/forensics@h_kjdN5uGNKLtJ3puQ9RH.md 
@@ -1 +1,8 @@ -# Forensics \ No newline at end of file +# Forensics + +Forensics, in the context of incident response, involves the systematic investigation and analysis of security incidents to understand what happened, how it happened, and who was involved. It's about gathering and preserving digital evidence to reconstruct events, identify root causes, and support potential legal or disciplinary actions. This process helps organizations learn from incidents, improve their security posture, and prevent future occurrences. + +Visit the following resources to learn more: + +- [@article@Introduction to Digital Forensics (TryHackMe)](https://tryhackme.com/room/introdigitalforensics) +- [@video@Digital Forensics](https://www.youtube.com/watch?v=UtDWApdO8Zk) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/go@UcBt4BsvLDlsnVy3KKJ1y.md b/src/data/roadmaps/devsecops/content/go@UcBt4BsvLDlsnVy3KKJ1y.md index 59448b2167ee..b72e6821b1d8 100644 --- a/src/data/roadmaps/devsecops/content/go@UcBt4BsvLDlsnVy3KKJ1y.md +++ b/src/data/roadmaps/devsecops/content/go@UcBt4BsvLDlsnVy3KKJ1y.md 
@@ -1 +1,12 @@ -# Go \ No newline at end of file +# Go Programming Language + +Go, often referred to as Golang, is a statically typed, compiled programming language designed at Google. Its simple syntax, efficient performance, and built-in concurrency features make it well-suited for building reliable and scalable tools and infrastructure components often used in DevSecOps pipelines. This includes tasks like automating security checks, building network tools, and creating efficient deployment systems. + +Visit the following resources to learn more: + +- [@roadmap@Visit de Dedicated Rust Roadmap](https://roadmap.sh/golang) +- [@official@Go](https://go.dev/) +- [@official@Go Docs](https://go.dev/doc/) +- [@official@Getting Started with Go](https://go.dev/doc/tutorial/getting-started) +- [@article@Getting Started with Go and the Web](https://dev.to/markmunyaka/getting-started-with-go-and-the-web-hello-world-nal) +- [@video@Golang 101 Crash Course: Learn Go Programming Fundamentals!](https://www.youtube.com/watch?v=S65k7Tubbck) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/http@WamX-UieM8NxhK6P_bDCB.md b/src/data/roadmaps/devsecops/content/http@WamX-UieM8NxhK6P_bDCB.md index 3c3b0f25dde9..fe7c28d8b0b3 100644 --- a/src/data/roadmaps/devsecops/content/http@WamX-UieM8NxhK6P_bDCB.md +++ b/src/data/roadmaps/devsecops/content/http@WamX-UieM8NxhK6P_bDCB.md 
@@ -1 +1,11 @@ -# HTTP \ No newline at end of file +# HTTP + +HTTP (Hypertext Transfer Protocol) is the foundation of data communication on the World Wide Web. It's an application-layer protocol that defines how clients (like web browsers) and servers communicate by exchanging messages. These messages consist of requests from the client and responses from the server, enabling the transfer of resources like HTML documents, images, and other web content. + +Visit the following resources to learn more: + +- [@article@Everything you need to know about HTTP](https://cs.fyi/guide/http-in-depth) +- [@article@What is HTTP?](https://www.cloudflare.com/en-gb/learning/ddos/glossary/hypertext-transfer-protocol-http/) +- [@article@An overview of HTTP](https://developer.mozilla.org/en-US/docs/Web/HTTP/Overview) +- [@video@HTTP/1 to HTTP/2 to HTTP/3](https://www.youtube.com/watch?v=a-sBfyiXysI) +- [@video@HTTP Crash Course & Exploration](https://www.youtube.com/watch?v=iYM2zFP3Zn0) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/iam@-RORxEsNvIPSlnM2TWB3j.md b/src/data/roadmaps/devsecops/content/iam@-RORxEsNvIPSlnM2TWB3j.md index 54ea58db92c8..f6eee9226596 100644 --- a/src/data/roadmaps/devsecops/content/iam@-RORxEsNvIPSlnM2TWB3j.md +++ b/src/data/roadmaps/devsecops/content/iam@-RORxEsNvIPSlnM2TWB3j.md 
@@ -1 +1,11 @@ -# IAM \ No newline at end of file +# IAM + +Identity and Access Management (IAM) is a framework of policies and technologies that ensures the right individuals and services have appropriate access to resources. It defines and manages user identities, authenticates them, and authorizes their access to specific resources based on predefined roles and permissions. This helps organizations control who can access what, when, and how, thereby reducing the risk of unauthorized access and data breaches. + +Visit the following resources to learn more: + +- [@article@Introduction to Identity and Access Management (IAM)](https://auth0.com/docs/get-started/identity-fundamentals/identity-and-access-management) +- [@article@What is identity and access management (IAM)?](https://www.ibm.com/think/topics/identity-access-management) +- [@article@How to build an effective IAM architecture](https://www.techtarget.com/searchsecurity/feature/How-to-build-an-identity-and-access-management-architecture) +- [@video@Identity & Access Management (IAM)](https://www.youtube.com/watch?v=aNj36g7fSsU) +- [@video@Cybersecurity Architecture: Who Are You? Identity and Access Management](https://www.youtube.com/watch?v=5uNifnVlBy4) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/iam@JDglIowCyRjSoqCcNfkZr.md b/src/data/roadmaps/devsecops/content/iam@JDglIowCyRjSoqCcNfkZr.md index 54ea58db92c8..81fedb803864 100644 --- a/src/data/roadmaps/devsecops/content/iam@JDglIowCyRjSoqCcNfkZr.md +++ b/src/data/roadmaps/devsecops/content/iam@JDglIowCyRjSoqCcNfkZr.md 
@@ -1 +1,11 @@ -# IAM \ No newline at end of file +# Identity and Access Management (IAM) + +IAM in cloud providers like AWS and GCP controls who can access what resources within your cloud environment. It lets you define users, groups, and roles, and then assign permissions to those roles. These permissions determine what actions users and services can perform, such as reading data from a database, creating virtual machines, or managing network configurations. IAM helps you enforce the principle of least privilege, granting only the necessary access to perform specific tasks, thereby minimizing the potential impact of security breaches. + +Visit the following resources to learn more: + +- [@article@AWS Identity and Access Management](https://aws.amazon.com/es/iam/) +- [@article@What is IAM? - AWS](https://docs.aws.amazon.com/IAM/latest/UserGuide/introduction.html) +- [@article@Identity and Access Management documentation - GCP](https://docs.cloud.google.com/iam/docs) +- [@video@AWS IAM Core Concepts You NEED to Know](https://www.youtube.com/watch?v=_ZCTvmaPgao) +- [@video@IAM Explained in Google Cloud: Manage Access and Permissions](https://www.youtube.com/watch?v=iTY64is1-qk) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/identity-basics@iONpD135a4kd3zR5ufoTx.md b/src/data/roadmaps/devsecops/content/identity-basics@iONpD135a4kd3zR5ufoTx.md index 60beda64c3a5..99fdbcdb48a0 100644 --- a/src/data/roadmaps/devsecops/content/identity-basics@iONpD135a4kd3zR5ufoTx.md +++ b/src/data/roadmaps/devsecops/content/identity-basics@iONpD135a4kd3zR5ufoTx.md 
@@ -1 +1,7 @@ -# Identity Basics \ No newline at end of file +# Identity Basics + +Identity basics involve establishing and managing digital identities for users, applications, and services within a system. This includes processes for authentication (verifying who someone is) and authorization (determining what they are allowed to access). Effective identity management ensures that only authorized entities can access specific resources, maintaining security and control over sensitive data and functionalities. + +Visit the following resources to learn more: + +- [@article@What is identity and access management (IAM)?](https://www.microsoft.com/en-us/security/business/security-101/what-is-identity-access-management-iam) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/ids@L3Mu6rCIu58VyhtxeyLXq.md b/src/data/roadmaps/devsecops/content/ids@L3Mu6rCIu58VyhtxeyLXq.md index 56997e6beae3..86b620d07f06 100644 --- a/src/data/roadmaps/devsecops/content/ids@L3Mu6rCIu58VyhtxeyLXq.md +++ b/src/data/roadmaps/devsecops/content/ids@L3Mu6rCIu58VyhtxeyLXq.md 
@@ -1 +1,9 @@ -# IDS \ No newline at end of file +# Intrusion Detection Systems + +An Intrusion Detection System (IDS) monitors a network or systems for malicious activity or policy violations. It analyzes network traffic, system logs, and other data sources to identify suspicious patterns that may indicate an attack or unauthorized access. When a threat is detected, the IDS alerts administrators, allowing them to investigate and respond to the incident. + +Visit the following resources to learn more: + +- [@article@What is Intrusion Detection Systems (IDS)](https://www.fortinet.com/resources/cyberglossary/intrusion-detection-system) +- [@video@What Is Intrusion Detection System? | Intrusion Detection System (IDS) | Cyber Security |Simplilearn](https://www.youtube.com/watch?v=dfVAi87BSEs) +- [@video@Intrusion Detection and Intrusion Prevention Systems](https://www.youtube.com/watch?v=_gHMkEKGwBM) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/image-scanning@bPmjX9IPL9Da0XUApY5UF.md b/src/data/roadmaps/devsecops/content/image-scanning@bPmjX9IPL9Da0XUApY5UF.md index 84c039ad079f..8a19e973f864 100644 --- a/src/data/roadmaps/devsecops/content/image-scanning@bPmjX9IPL9Da0XUApY5UF.md +++ b/src/data/roadmaps/devsecops/content/image-scanning@bPmjX9IPL9Da0XUApY5UF.md 
@@ -1 +1,9 @@ -# Image Scanning \ No newline at end of file +# Image Scanning + +Image scanning is the process of analyzing container images for known vulnerabilities, malware, and configuration issues. It involves examining the layers of the image, including the operating system, installed packages, and application code, against vulnerability databases and security policies. This helps identify potential risks before the image is deployed, ensuring a more secure container environment. + +Visit the following resources to learn more: + +- [@article@12 container image scanning best practices](https://www.sysdig.com/learn-cloud-native/12-container-image-scanning-best-practices) +- [@article@OWASP DevSecOps Guideline - v-0.2](https://owasp.org/www-project-devsecops-guideline/latest/02f-Container-Vulnerability-Scanning) +- [@article@Top 10 Container Scanning Tools for 2026](https://www.jit.io/resources/appsec-tools/container-scanning-tools-for-2023) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/incident-response@V5eQcby9FNcGv68KPj5rH.md b/src/data/roadmaps/devsecops/content/incident-response@V5eQcby9FNcGv68KPj5rH.md index 8e0c7a2f27e6..01415e5e937b 100644 --- a/src/data/roadmaps/devsecops/content/incident-response@V5eQcby9FNcGv68KPj5rH.md +++ b/src/data/roadmaps/devsecops/content/incident-response@V5eQcby9FNcGv68KPj5rH.md 
@@ -1 +1,10 @@ -# Incident Response \ No newline at end of file +# Incident Response + +Incident Response is the structured approach an organization takes to address and manage the aftermath of a security breach or cyberattack. It involves identifying, analyzing, containing, eradicating, and recovering from incidents to minimize damage and reduce recovery time and costs. The goal is to restore normal operations as quickly and efficiently as possible while preventing similar incidents from occurring in the future. + +Visit the following resources to learn more: + +- [@article@What is incident response?](https://www.ibm.com/think/topics/incident-response) +- [@article@What is Incident Response? Process, Frameworks, and Tools](https://www.bluevoyant.com/knowledge-center/what-is-incident-response-process-frameworks-and-tools) +- [@video@Cybersecurity IDR: Incident Detection & Response | Google Cybersecurity Certificate](https://www.youtube.com/watch?v=MsGl6lX-YaI) +- [@video@3 LEVELS of Cybersecurity Incident Response You NEED To Know](https://www.youtube.com/watch?v=vhCCo7ioDhA) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/input-validation-patterns@lq4nTMBniaxxwPvH5M77Z.md b/src/data/roadmaps/devsecops/content/input-validation-patterns@lq4nTMBniaxxwPvH5M77Z.md index 9eba342930b8..ca6e292dc562 100644 --- a/src/data/roadmaps/devsecops/content/input-validation-patterns@lq4nTMBniaxxwPvH5M77Z.md +++ b/src/data/roadmaps/devsecops/content/input-validation-patterns@lq4nTMBniaxxwPvH5M77Z.md 
@@ -1 +1,9 @@ -# Input Validation Patterns \ No newline at end of file +# Input Validation Patterns + +Input validation patterns are techniques used to ensure that data entered into an application conforms to expected formats and values. These patterns involve checking the length, type, format, and range of user-supplied data before it's processed by the application. By implementing these patterns, developers can prevent malicious or malformed data from causing errors, security vulnerabilities, or unexpected behavior within the system. + +Visit the following resources to learn more: + +- [@article@Input Validation Cheat Sheet¶](https://cheatsheetseries.owasp.org/cheatsheets/Input_Validation_Cheat_Sheet.html) +- [@article@Input Validation Using Design Patterns](https://medium.com/henrydchan/input-validation-using-design-patterns-9d7b96f87702) +- [@article@Regular Expressions and Input Validation](https://blog.openreplay.com/regular-expressions-and-input-validations/) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/introduction@-X3GTFpg3kzm0cELAngjb.md b/src/data/roadmaps/devsecops/content/introduction@-X3GTFpg3kzm0cELAngjb.md index f6ecaa676cac..0dba95245747 100644 --- a/src/data/roadmaps/devsecops/content/introduction@-X3GTFpg3kzm0cELAngjb.md +++ b/src/data/roadmaps/devsecops/content/introduction@-X3GTFpg3kzm0cELAngjb.md 
@@ -1 +1,11 @@ -# Introduction \ No newline at end of file +# DevSecOps + +DevSecOps is an approach to software development that integrates security practices within the DevOps process. It emphasizes shared responsibility for security throughout the entire software lifecycle, from initial design to integration, testing, deployment, and software delivery. The goal is to build security into the development pipeline, rather than adding it as an afterthought, enabling faster and more secure software releases. + +Visit the following resources to learn more: + +- [@article@What is DevSecOps? - Red Hat](https://www.redhat.com/en/topics/devops/what-is-devsecops) +- [@article@What is DevSecOps? - AWS](https://aws.amazon.com/what-is/devsecops/) +- [@course@DevSecOps](https://www.skills.google/paths/76) +- [@video@DevSecOps Course for Beginners – API Security](https://www.youtube.com/watch?v=JfiWi8RjN-8) +- [@video@Everything you NEED to know about DevSecOps in 5 Minutes](https://www.youtube.com/watch?v=DTEaw2-Sa7I) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/ips@PYH_nc4bktIJoCJA6OC5E.md b/src/data/roadmaps/devsecops/content/ips@PYH_nc4bktIJoCJA6OC5E.md index e9c2f8c9a316..8e8712537878 100644 --- a/src/data/roadmaps/devsecops/content/ips@PYH_nc4bktIJoCJA6OC5E.md +++ b/src/data/roadmaps/devsecops/content/ips@PYH_nc4bktIJoCJA6OC5E.md 
@@ -1 +1,8 @@ -# IPS \ No newline at end of file +# Intrusion Prevention Systems + +An Intrusion Prevention System (IPS) is a network security tool that monitors network traffic for malicious activity. It actively works to block or prevent detected threats, going beyond simple detection to take automated action. This can include terminating malicious sessions, blocking specific IP addresses, or alerting administrators to potential security breaches. + +Visit the following resources to learn more: + +- [@article@What is an Intrusion Prevention System?](https://www.paloaltonetworks.com/cyberpedia/what-is-an-intrusion-prevention-system-ips) +- [@video@Intrusion Prevention System (IPS)](https://www.youtube.com/watch?v=7QuYupuic3Q) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/ir-lifecycle@X-pvSQnfB2W4992_3eOEy.md b/src/data/roadmaps/devsecops/content/ir-lifecycle@X-pvSQnfB2W4992_3eOEy.md index a057ea89379a..41cdea44b3a7 100644 --- a/src/data/roadmaps/devsecops/content/ir-lifecycle@X-pvSQnfB2W4992_3eOEy.md +++ b/src/data/roadmaps/devsecops/content/ir-lifecycle@X-pvSQnfB2W4992_3eOEy.md 
@@ -1 +1,10 @@ -# IR Lifecycle \ No newline at end of file +# IR Lifecycle + +The Incident Response (IR) Lifecycle is a structured approach to managing and resolving security incidents. It outlines the key phases involved, from initial preparation and detection to containment, eradication, recovery, and post-incident activity. This lifecycle ensures a consistent and effective response to security breaches, minimizing damage and restoring normal operations as quickly as possible. + +Visit the following resources to learn more: + +- [@article@Get to know the incident response lifecycle](https://www.atlassian.com/incident-management/incident-response/lifecycle#incident-response-lifecycle) +- [@article@What is incident response?](https://www.ibm.com/think/topics/incident-response) +- [@article@Incident Response Life Cycle](https://www.devo.com/threat-hunting-guide/incident-response-life-cycle/) +- [@video@Incident Response Lifecycle | IR Plan | NIST SP 800-61 Security Incident Handling| Cybersecurity](https://www.youtube.com/watch?v=IRSQEO0koYY) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/iso-27001@JBNiSzYD8DSnKfHoKRjMg.md b/src/data/roadmaps/devsecops/content/iso-27001@JBNiSzYD8DSnKfHoKRjMg.md index 58a0466c7007..ed7913857458 100644 --- a/src/data/roadmaps/devsecops/content/iso-27001@JBNiSzYD8DSnKfHoKRjMg.md +++ b/src/data/roadmaps/devsecops/content/iso-27001@JBNiSzYD8DSnKfHoKRjMg.md 
@@ -1 +1,8 @@ -# ISO 27001 \ No newline at end of file +# ISO 27001 + +ISO 27001 is an international standard that specifies the requirements for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS). It provides a framework of policies and procedures that includes all legal, physical, and technical controls involved in an organization's information risk management processes. The standard helps organizations protect their information assets through a systematic approach to security. + +Visit the following resources to learn more: + +- [@article@What is ISO/IEC 27001?](https://www.iso.org/standard/27001) +- [@article@What is ISO 27001? A quick and easy explanation](https://advisera.com/27001academy/what-is-iso-27001/) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/javascript--nodejs@BeUiBY18JHqCKVNtYAHH3.md b/src/data/roadmaps/devsecops/content/javascript--nodejs@BeUiBY18JHqCKVNtYAHH3.md index adbc31c60c6d..638c28875ab6 100644 --- a/src/data/roadmaps/devsecops/content/javascript--nodejs@BeUiBY18JHqCKVNtYAHH3.md +++ b/src/data/roadmaps/devsecops/content/javascript--nodejs@BeUiBY18JHqCKVNtYAHH3.md 
@@ -1 +1,14 @@ -# JavaScript / Node.js \ No newline at end of file +# JavaScript and Node.js + +JavaScript is a programming language primarily used for front-end web development, making websites interactive. Node.js, on the other hand, allows you to use JavaScript on the back-end, enabling server-side scripting and building scalable network applications. This means you can use JavaScript for both what the user sees and interacts with, and for the server logic that powers the application. + +Visit the following resources to learn more: + +- [@roadmap@Visit Dedicated JavaScript Roadmap](https://roadmap.sh/javascript) +- [@roadmap@Visit Dedicated Node.js Roadmap](https://roadmap.sh/nodejs) +- [@official@Introduction to Node.js](https://nodejs.org/en/learn/getting-started/introduction-to-nodejs) +- [@opensource@You Don't Know JS Yet (book series)](https://github.com/getify/You-Dont-Know-JS) +- [@article@The Modern JavaScript Tutorial](https://javascript.info/) +- [@article@JavaScript MDN Docs](https://developer.mozilla.org/en-US/docs/Web/JavaScript) +- [@book@Eloquent JavaScript textbook](https://eloquentjavascript.net/) +- [@video@JavaScript Crash Course for Beginners](https://www.youtube.com/watch?v=hdI2bqOjy3c) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/key-management-service@l76yFl4lSXnxg5DBbnnID.md b/src/data/roadmaps/devsecops/content/key-management-service@l76yFl4lSXnxg5DBbnnID.md index 9338144dbae0..afb9077131fe 100644 --- a/src/data/roadmaps/devsecops/content/key-management-service@l76yFl4lSXnxg5DBbnnID.md +++ b/src/data/roadmaps/devsecops/content/key-management-service@l76yFl4lSXnxg5DBbnnID.md 
@@ -1 +1,10 @@ -# Key Management Service \ No newline at end of file +# Key Management Service + +A Key Management Service (KMS) is a secure system for creating, storing, and managing cryptographic keys. It provides a centralized platform to control access to these keys, ensuring that sensitive data is protected through encryption. KMS solutions often include features like key rotation, auditing, and integration with other security tools to maintain the integrity and confidentiality of data. + +Visit the following resources to learn more: + +- [@article@AWS Key Management Service](https://docs.aws.amazon.com/kms/latest/developerguide/overview.html) +- [@article@Cloud Key Management](https://cloud.google.com/security/products/security-key-management?hl=en) +- [@video@What is AWS Key Management Service? | Amazon Web Services](https://www.youtube.com/watch?v=8Z0wsE2HoSo) +- [@video@Encryption with Cloud KMS Keys - GCP](https://www.youtube.com/watch?v=WKZC93y-aWI) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/kubernetes@YveqgdX6eNRFC1zU_q7r1.md b/src/data/roadmaps/devsecops/content/kubernetes@YveqgdX6eNRFC1zU_q7r1.md index ddf04c9b357a..ed41066c0423 100644 --- a/src/data/roadmaps/devsecops/content/kubernetes@YveqgdX6eNRFC1zU_q7r1.md +++ b/src/data/roadmaps/devsecops/content/kubernetes@YveqgdX6eNRFC1zU_q7r1.md 
@@ -1 +1,12 @@ -# Kubernetes \ No newline at end of file +# Kubernetes Security + +Kubernetes is a system for managing containerized applications. Securing Kubernetes involves protecting the cluster itself, the containers running within it, and the data they access. This includes controlling access to the Kubernetes API, securing network communication between pods, managing secrets and configurations safely, and ensuring the container images used are free from vulnerabilities. + +Visit the following resources to learn more: + +- [@roadmap@Visit the Dedicated Kubernetes Roadmap](https://roadmap.sh/kubernetes) +- [@official@Security](https://kubernetes.io/docs/concepts/security/) +- [@article@Kubernetes Security Cheat Sheet¶](https://cheatsheetseries.owasp.org/cheatsheets/Kubernetes_Security_Cheat_Sheet.html) +- [@article@7 Kubernetes Security Scanners to Use in Your DevSecOps Pipeline](https://thechief.io/c/editorial/7-kubernetes-security-scanners-to-use-in-your-devsecops-pipeline/) +- [@article@Starboard: Putting all the Kubernetes Security Pieces into One Place](https://thenewstack.io/starboard-putting-all-the-kubernetes-security-pieces-into-one-place/) +- [@article@Improve Security With Automated Image Scanning Through CI/CD](https://thenewstack.io/improve-security-with-automated-image-scanning-through-ci-cd/) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/large-scale-identity-strategy@XRnxOPVChkGLQSXX-kUmi.md b/src/data/roadmaps/devsecops/content/large-scale-identity-strategy@XRnxOPVChkGLQSXX-kUmi.md index 74a1cf94ddc2..4cd28daeb036 100644 --- a/src/data/roadmaps/devsecops/content/large-scale-identity-strategy@XRnxOPVChkGLQSXX-kUmi.md +++ b/src/data/roadmaps/devsecops/content/large-scale-identity-strategy@XRnxOPVChkGLQSXX-kUmi.md 
@@ -1 +1,10 @@ -# Large Scale Identity Strategy \ No newline at end of file +# Large Scale Identity Strategy + +A large-scale identity strategy defines how an organization manages and controls digital identities across a vast and complex environment. This includes defining policies, processes, and technologies for creating, managing, and authenticating users and devices, ensuring secure access to resources while maintaining scalability and usability. It addresses challenges like diverse user populations, multiple applications and systems, and the need for consistent security controls across the entire organization. + +Visit the following resources to learn more: + +- [@article@Securing Identities in 2025 – The Future of Identity Governance](https://www.lumos.com/blog/future-of-identity-governance) +- [@article@How modern identity strategies shape enterprise security](https://www.okta.com/blog/industry-insights/how-modern-identity-strategies-shape-enterprise-security/) +- [@article@Identity Governance and Identity Management](https://identitymanagementinstitute.org/identity-governance-and-identity-management/) +- [@article@What is Identity Governance and Administration (IGA)?](https://www.sailpoint.com/identity-library/identity-governance) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/learn-a-programming-language@v5FGKQc-_7NYEsWjmTEuq.md b/src/data/roadmaps/devsecops/content/learn-a-programming-language@v5FGKQc-_7NYEsWjmTEuq.md index 254bb5012349..efcea3b4bd9a 100644 --- a/src/data/roadmaps/devsecops/content/learn-a-programming-language@v5FGKQc-_7NYEsWjmTEuq.md +++ b/src/data/roadmaps/devsecops/content/learn-a-programming-language@v5FGKQc-_7NYEsWjmTEuq.md 
@@ -1 +1,3 @@ -# Learn a Programming Language \ No newline at end of file +# Programming Languages + +Programming languages are the fundamental tools used to build and automate software systems. In DevSecOps, knowing how to code is important because it allows you to analyze code for vulnerabilities, automate security tasks, and integrate security checks directly into the development pipeline. Knowing the languages your applications are built with enables you to proactively identify and address security risks early in the software development lifecycle. \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/least-privilege@rK-RToN5JRcclYl23TyYz.md b/src/data/roadmaps/devsecops/content/least-privilege@rK-RToN5JRcclYl23TyYz.md index 245746f41680..aea5789c4bd3 100644 --- a/src/data/roadmaps/devsecops/content/least-privilege@rK-RToN5JRcclYl23TyYz.md +++ b/src/data/roadmaps/devsecops/content/least-privilege@rK-RToN5JRcclYl23TyYz.md 
@@ -1 +1,10 @@ -# Least Privilege \ No newline at end of file +# Least Privilege + +Least privilege is the concept of granting users or processes only the minimum level of access necessary to perform their required tasks. This means limiting access rights to only what is strictly needed, avoiding broad or unnecessary permissions. The goal is to reduce the potential damage that can result from accidental or malicious actions, such as data breaches or system compromises. + +Visit the following resources to learn more: + +- [@article@What Is the Principle of Least Privilege?](https://www.aquasec.com/cloud-native-academy/application-security/the-principle-of-least-privilege-polp/) +- [@article@Intro to The Principle of Least Privilege (POLP)](https://www.crowdstrike.com/en-us/cybersecurity-101/identity-protection/principle-of-least-privilege-polp/) +- [@article@Six ways to apply the principle of least privilege to your Active Directory](https://specopssoft.com/blog/six-ways-to-apply-the-principle-of-least-privilege-to-your-active-directory/) +- [@video@What is the Principle of Least Privilege?](https://www.youtube.com/watch?v=8GZ6516Kao4) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/log-analysis@_Kr2_N8021tsZfa0wZ3Vu.md b/src/data/roadmaps/devsecops/content/log-analysis@_Kr2_N8021tsZfa0wZ3Vu.md index de17386e9699..13bd832b09f4 100644 --- a/src/data/roadmaps/devsecops/content/log-analysis@_Kr2_N8021tsZfa0wZ3Vu.md +++ b/src/data/roadmaps/devsecops/content/log-analysis@_Kr2_N8021tsZfa0wZ3Vu.md 
@@ -1 +1,11 @@ -# Log Analysis \ No newline at end of file +# Log Analysis + +Log analysis involves collecting, reviewing, and interpreting computer-generated records (logs) to identify patterns, anomalies, and potential security threats. These logs contain information about system events, user activities, and application behavior, providing valuable insights into the overall health and security posture of an environment. By examining log data, organizations can detect suspicious activities, troubleshoot issues, and improve their security defenses. + +Visit the following resources to learn more: + +- [@article@What is log analysis?](https://www.ibm.com/think/topics/log-analysis) +- [@article@Log Analysis: A Complete Introduction](https://www.splunk.com/en_us/blog/learn/log-analysis.html) +- [@article@Log Management: What DevOps Teams Need to Know](https://devops.com/log-management-what-devops-teams-need-to-know/) +- [@article@Introduction to Logs Management](https://sematext.com/guides/log-management) +- [@video@How to MASTER Logs as a BEGINNER in Cybersecurity](https://www.youtube.com/watch?v=GpG19jOYQVo&t=66s) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/monitoring@MMTCo21ap15MrPV64vKka.md b/src/data/roadmaps/devsecops/content/monitoring@MMTCo21ap15MrPV64vKka.md index 2ddbe89cb91f..cee5a92808c2 100644 --- a/src/data/roadmaps/devsecops/content/monitoring@MMTCo21ap15MrPV64vKka.md +++ b/src/data/roadmaps/devsecops/content/monitoring@MMTCo21ap15MrPV64vKka.md 
@@ -1 +1,8 @@ -# Monitoring \ No newline at end of file +# Monitoring + +Monitoring involves the systematic collection and analysis of data to track the performance, health, and security of systems and applications. It provides real-time visibility into the operational state, allowing teams to identify anomalies, detect potential issues, and proactively address them before they impact users or the overall system stability. This process typically involves setting up alerts and dashboards to visualize key metrics and logs, enabling quick response and informed decision-making. + +Visit the following resources to learn more: + +- [@article@What’s IT Monitoring? IT Systems Monitoring Explained](https://www.splunk.com/en_us/blog/learn/it-monitoring.html) +- [@article@IT Monitoring: An Introductory Guide With 5 Monitoring Strategies](https://www.suse.com/c/observability-it-monitoring-an-introductory-guide-with-5-monitoring-strategies/) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/multi-region-security-planning@eALB73XbtnFF3-PYcLcZq.md b/src/data/roadmaps/devsecops/content/multi-region-security-planning@eALB73XbtnFF3-PYcLcZq.md index a522d72b6335..c7f788a8e09e 100644 --- a/src/data/roadmaps/devsecops/content/multi-region-security-planning@eALB73XbtnFF3-PYcLcZq.md +++ b/src/data/roadmaps/devsecops/content/multi-region-security-planning@eALB73XbtnFF3-PYcLcZq.md 
@@ -1 +1,10 @@ -# Multi Region Security Planning \ No newline at end of file +# Multi-Region Security Planning + +Multi-Region Security Planning involves designing and implementing security measures across multiple geographical locations where an application or service is deployed. This includes considering factors like data residency requirements, regional compliance regulations, and the potential for geographically isolated failures or attacks. The goal is to ensure consistent security posture and resilience, regardless of the region, while also optimizing for performance and cost. + +Visit the following resources to learn more: + +- [@article@7 Reasons to Have a Multi-Region Application Architecture](https://controlplane.com/community-blog/post/multi-region-application-architecture) +- [@article@Day 9 : System Design concept : Multi-Region Deployment](https://medium.com/@shivanimutke2501/multi-region-deployments-3ea97c59d326) +- [@article@How to build a multi-Region AWS Security Hub analytic pipeline and visualize Security Hub data](https://aws.amazon.com/blogs/security/how-to-build-a-multi-region-aws-security-hub-analytic-pipeline/) +- [@video@AWS re:Invent 2022 - Global security at maximum velocity: Multi-Region and hybrid DevSecOps (PRT090)](https://www.youtube.com/watch?v=l3jLJq8bt1E) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/nessus@EqbzAy56Tu8asKNFzuti_.md b/src/data/roadmaps/devsecops/content/nessus@EqbzAy56Tu8asKNFzuti_.md index 45f96e4dd81f..e72e5daf54c4 100644 --- a/src/data/roadmaps/devsecops/content/nessus@EqbzAy56Tu8asKNFzuti_.md +++ b/src/data/roadmaps/devsecops/content/nessus@EqbzAy56Tu8asKNFzuti_.md 
@@ -1 +1,11 @@ -# Nessus \ No newline at end of file +# Nessus + +Nessus is a widely used vulnerability scanner that helps identify security weaknesses in computer systems, networks, and applications. It works by performing a variety of tests, including port scanning, service enumeration, and vulnerability identification, to detect potential security flaws. Nessus provides detailed reports on identified vulnerabilities, along with recommendations for remediation. + +Visit the following resources to learn more: + +- [@official@Nessus](https://www.tenable.com/products/nessus) +- [@article@Get Started with Tenable Nessus](https://docs.tenable.com/nessus/Content/GetStarted.htm) +- [@article@Nessus vulnerability scanner: Beginner’s guide](https://www.hackercoolmagazine.com/nessus-vulnerability-scanner-beginners-guide/?srsltid=AfmBOooPg3-kiYjXCcYQ3uyz0AwmLHnUpJ4Bs2u77HmhoDrA4EJKe7Nz) +- [@article@Vulnerability Scanning with Nessus: A Practical Guide](https://www.infosectrain.com/blog/vulnerability-scanning-with-nessus-a-practical-guide/) +- [@video@Nessus Vulnerability Scanner Tutorial (Cyber Security Tools)](https://www.youtube.com/watch?v=x87gbgQD4eg) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/network-segmentation@Cr0VAtdu0ZYPOkUU_7vjR.md b/src/data/roadmaps/devsecops/content/network-segmentation@Cr0VAtdu0ZYPOkUU_7vjR.md index 8d6f0a930989..26936c1fe635 100644 --- a/src/data/roadmaps/devsecops/content/network-segmentation@Cr0VAtdu0ZYPOkUU_7vjR.md +++ b/src/data/roadmaps/devsecops/content/network-segmentation@Cr0VAtdu0ZYPOkUU_7vjR.md 
@@ -1 +1,9 @@ -# Network Segmentation \ No newline at end of file +# Network Segmentation + +Network segmentation divides a network into smaller, isolated segments or subnetworks. This is done to improve security, performance, and manageability. By isolating sensitive data and systems, segmentation limits the impact of security breaches, reduces the attack surface, and simplifies compliance efforts. + +Visit the following resources to learn more: + +- [@article@What Is Network Segmentation? - Cisco](https://www.cisco.com/site/us/en/learn/topics/security/what-is-network-segmentation.html) +- [@article@What Is Network Segmentation?](https://www.paloaltonetworks.com/cyberpedia/what-is-network-segmentation) +- [@video@What is Network Segmentation?](https://www.youtube.com/watch?v=ouvqTP3RajU) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/networking-basics@84HlHz8bHCDtAPGpq7LpX.md b/src/data/roadmaps/devsecops/content/networking-basics@84HlHz8bHCDtAPGpq7LpX.md index 327f2f18c123..82c7703f3e7b 100644 --- a/src/data/roadmaps/devsecops/content/networking-basics@84HlHz8bHCDtAPGpq7LpX.md +++ b/src/data/roadmaps/devsecops/content/networking-basics@84HlHz8bHCDtAPGpq7LpX.md 
@@ -1 +1,9 @@ -# Networking Basics \ No newline at end of file +# Networking Basics + +Networking involves understanding how devices communicate with each other over a network. This includes concepts like IP addresses, which uniquely identify devices; protocols like TCP/IP, which govern data transmission; and network topologies, which describe the physical or logical arrangement of network components. Understanding these fundamentals is crucial for configuring, troubleshooting, and securing network infrastructure. + +Visit the following resources to learn more: + +- [@article@Khan Academy - Networking](ttps://www.khanacademy.org/computing/code-org/computers-and-the-internet) +- [@video@Computer Networking Course - Network Engineering](https://www.youtube.com/watch?v=qiQR5rTSshw) +- [@video@Networking Video Series (21 videos)](https://www.youtube.com/playlist?list=PLEbnTDJUr_IegfoqO4iPnPYQui46QqT0j) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/nist@yMb0-A55r1KEsLntOmp5F.md b/src/data/roadmaps/devsecops/content/nist@yMb0-A55r1KEsLntOmp5F.md index ce8471b9951d..5bb4cc47fa55 100644 --- a/src/data/roadmaps/devsecops/content/nist@yMb0-A55r1KEsLntOmp5F.md +++ b/src/data/roadmaps/devsecops/content/nist@yMb0-A55r1KEsLntOmp5F.md 
@@ -1 +1,8 @@ -# NIST \ No newline at end of file +# NIST Cybersecurity Framework + +The NIST Cybersecurity Framework (CSF) is a voluntary framework primarily intended for organizations to manage and reduce cybersecurity risks. It provides a set of standards, guidelines, and best practices to help organizations assess their current cybersecurity posture, identify areas for improvement, and develop a roadmap for enhancing their security capabilities. The framework is structured around five core functions: Identify, Protect, Detect, Respond, and Recover, which are further broken down into categories and subcategories to provide a detailed and actionable approach to cybersecurity risk management. + +Visit the following resources to learn more: + +- [@article@NIST](https://www.nist.gov/) +- [@article@What is NIST?](https://www.encryptionconsulting.com/education-center/nist/) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/nmap-basics@JyXv5vPHCjSBc0J-PpUEV.md b/src/data/roadmaps/devsecops/content/nmap-basics@JyXv5vPHCjSBc0J-PpUEV.md index bc692e14bef0..2b3ec55c4834 100644 --- a/src/data/roadmaps/devsecops/content/nmap-basics@JyXv5vPHCjSBc0J-PpUEV.md +++ b/src/data/roadmaps/devsecops/content/nmap-basics@JyXv5vPHCjSBc0J-PpUEV.md 
@@ -1 +1,10 @@ -# Nmap basics \ No newline at end of file +# Nmap Basics + +Nmap (Network Mapper) is a free and open-source utility used for network discovery and security auditing. It's used to discover hosts and services on a computer network by sending packets and analyzing the responses. Nmap provides information about host availability, operating systems, firewall status, and other network characteristics. + +Visit the following resources to learn more: + +- [@official@NMAP](https://nmap.org/) +- [@article@NMAP Cheat Sheet](https://www.tutorialspoint.com/nmap-cheat-sheet) +- [@video@Nmap Tutorial to find Network Vulnerabilities](https://www.youtube.com/watch?v=4t4kBkMsDbQ) +- [@video@NMAP Full Guide (You will never ask about NMAP again)](https://www.youtube.com/watch?v=JHAMj2vN2oU&t=33s) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/nmap@0Tci_Ks8jXisin90VqB_D.md b/src/data/roadmaps/devsecops/content/nmap@0Tci_Ks8jXisin90VqB_D.md index 118a3277e424..150fb809454b 100644 --- a/src/data/roadmaps/devsecops/content/nmap@0Tci_Ks8jXisin90VqB_D.md +++ b/src/data/roadmaps/devsecops/content/nmap@0Tci_Ks8jXisin90VqB_D.md @@ -1 +1,9 @@ -# Nmap \ No newline at end of file +# Nmap + +Nmap (Network Mapper) is a free and open-source utility used for network discovery and security auditing. It's designed to scan networks to determine available hosts, the services they offer, the operating systems they run, packet filters/firewalls, and many other characteristics. Nmap works by sending packets to target hosts and analyzing the responses. + +Visit the following resources to learn more: + +- [@official@NMAP](https://nmap.org/) +- [@article@NMAP Cheat Sheet](https://www.tutorialspoint.com/nmap-cheat-sheet) +- [@video@Nmap Tutorial to find Network Vulnerabilities](https://www.youtube.com/watch?v=4t4kBkMsDbQ) \ No newline at end of file 
diff --git a/src/data/roadmaps/devsecops/content/openvas@mIcs0fp3T9IwwAvgYyKnY.md b/src/data/roadmaps/devsecops/content/openvas@mIcs0fp3T9IwwAvgYyKnY.md index 7631cc9c6eea..1b720f54d278 100644 --- a/src/data/roadmaps/devsecops/content/openvas@mIcs0fp3T9IwwAvgYyKnY.md +++ b/src/data/roadmaps/devsecops/content/openvas@mIcs0fp3T9IwwAvgYyKnY.md @@ -1 +1,10 @@ -# OpenVAS \ No newline at end of file +# OpenVAS + +OpenVAS (Open Vulnerability Assessment System) is a comprehensive vulnerability scanner. It's a framework of several services and tools offering vulnerability management. OpenVAS helps identify security weaknesses in systems and networks by performing tests against known vulnerabilities. It's often used for vulnerability assessments and penetration testing. + +Visit the following resources to learn more: + +- [@official@OpenVAS](https://www.openvas.org/) +- [@opensource@openvas](https://github.com/greenbone/openvas-scanner) +- [@article@OpenVAS Tutorial and Tips](https://hackertarget.com/openvas-tutorial-tips/) +- [@video@Complete Beginner OpenVAS Vulnerability Scanning Tutorial - Cyber Security // Kali Linux](https://www.youtube.com/watch?v=LGh2SetiKaY) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/owasp-top-10@igGASa7AknApWtq57v2Qx.md b/src/data/roadmaps/devsecops/content/owasp-top-10@igGASa7AknApWtq57v2Qx.md index f939211c3a40..7b595b682dca 100644 --- a/src/data/roadmaps/devsecops/content/owasp-top-10@igGASa7AknApWtq57v2Qx.md +++ b/src/data/roadmaps/devsecops/content/owasp-top-10@igGASa7AknApWtq57v2Qx.md 
@@ -1 +1,8 @@ -# OWASP Top 10 \ No newline at end of file +# OWASP Top 10 + +The OWASP Top 10 is a standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks to web applications. It's a list that is updated periodically to reflect the changing threat landscape and provides actionable guidance on how to mitigate these risks. The list includes vulnerabilities like injection flaws, broken authentication, and security misconfigurations. + +Visit the following resources to learn more: + +- [@article@OWASP Top 10](https://owasp.org/www-project-top-ten/) +- [@article@What is the OWASP Top 10?](https://www.cloudflare.com/learning/security/threats/owasp-top-10/) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/pasta@6A_3p3CzwxFVjJaXahEVr.md b/src/data/roadmaps/devsecops/content/pasta@6A_3p3CzwxFVjJaXahEVr.md index 9bc02a7240b8..853960595d4b 100644 --- a/src/data/roadmaps/devsecops/content/pasta@6A_3p3CzwxFVjJaXahEVr.md +++ b/src/data/roadmaps/devsecops/content/pasta@6A_3p3CzwxFVjJaXahEVr.md 
@@ -1 +1,9 @@ -# PASTA \ No newline at end of file +# PASTA + +PASTA (Process for Attack Simulation and Threat Analysis) is a risk-centric threat modeling methodology. It focuses on aligning security with business objectives by understanding the potential impact of threats on the organization's goals. It involves a seven-stage process that includes defining objectives, technical risk analysis, application decomposition, threat analysis, vulnerability analysis, attack modeling, and risk & impact analysis. + +Visit the following resources to learn more: + +- [@article@PASTA Threat Modeling](https://threat-modeling.com/pasta-threat-modeling/) +- [@article@Process for Attack Simulation & Threat Analysis](https://cdn2.hubspot.net/hubfs/4598121/Content%20PDFs/VerSprite-PASTA-Threat-Modeling-Process-for-Attack-Simulation-Threat-Analysis.pdf) +- [@video@PASTA Threat Modeling for Cybersecurity | Threat Modeling Example](https://www.youtube.com/watch?v=s21aI-jqIVM&t=144s) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/pki-design-and-failover@nEYMyTKfRDqA2Uc1tCwxv.md b/src/data/roadmaps/devsecops/content/pki-design-and-failover@nEYMyTKfRDqA2Uc1tCwxv.md index cbc8b537b056..c068da4d62da 100644 --- a/src/data/roadmaps/devsecops/content/pki-design-and-failover@nEYMyTKfRDqA2Uc1tCwxv.md +++ b/src/data/roadmaps/devsecops/content/pki-design-and-failover@nEYMyTKfRDqA2Uc1tCwxv.md 
@@ -1 +1,9 @@ -# PKI Design and Failover \ No newline at end of file +# PKI Design and Failover + +Public Key Infrastructure (PKI) is a system for creating, managing, distributing, using, storing, and revoking digital certificates. These certificates are used to verify the identity of users, devices, and services, enabling secure communication and data exchange. PKI design involves selecting appropriate certificate authorities, defining certificate policies, and establishing procedures for key management. Failover mechanisms ensure the continued availability of PKI services in the event of a system failure, preventing disruptions to security and operations. + +Visit the following resources to learn more: + +- [@article@What is PKI?](https://cpl.thalesgroup.com/faq/public-key-infrastructure-pki/what-public-key-infrastructure-pki) +- [@article@What Is Public Key Infrastructure (PKI) & How Does It Work?](https://www.okta.com/identity-101/public-key-infrastructure/) +- [@article@Fail Over Pattern - High Availability](https://www.filecloud.com/blog/2015/12/architectural-patterns-for-high-availability/) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/powershell@91lxZEOZ6KF3tY9id2Au8.md b/src/data/roadmaps/devsecops/content/powershell@91lxZEOZ6KF3tY9id2Au8.md index 9a2afc009b88..d506c3ac6005 100644 --- a/src/data/roadmaps/devsecops/content/powershell@91lxZEOZ6KF3tY9id2Au8.md +++ b/src/data/roadmaps/devsecops/content/powershell@91lxZEOZ6KF3tY9id2Au8.md 
@@ -1 +1,11 @@ -# PowerShell \ No newline at end of file +# PowerShell + +PowerShell is a cross-platform task automation and configuration management framework, consisting of a command-line shell and associated scripting language. It allows users to automate administrative tasks on both local and remote Windows, Linux, and macOS systems. PowerShell uses cmdlets (pronounced "command-lets") to perform specific actions, and these cmdlets can be combined into scripts to automate complex processes. + +Visit the following resources to learn more: + +- [@official@What is PowerShell?](https://learn.microsoft.com/en-us/powershell/scripting/overview?view=powershell-7.5) +- [@official@PowerShell Docs](https://learn.microsoft.com/en-us/powershell/) +- [@opensource@Powershell](https://github.com/PowerShell/PowerShell) +- [@video@Learn PowerShell in Less Than 2 Hours](https://www.youtube.com/watch?v=ZOoCaWyifmI) +- [@video@PowerShell Made Easy](https://www.youtube.com/watch?v=b7SGPchYRn0) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/python@txcfATz3k89CedFrSZMWj.md b/src/data/roadmaps/devsecops/content/python@txcfATz3k89CedFrSZMWj.md index 92106a8281ca..ae524cdc76cb 100644 --- a/src/data/roadmaps/devsecops/content/python@txcfATz3k89CedFrSZMWj.md +++ b/src/data/roadmaps/devsecops/content/python@txcfATz3k89CedFrSZMWj.md 
@@ -1 +1,12 @@ -# Python \ No newline at end of file +# Python in DevSecOps + +Python is a versatile programming language known for its readability and extensive libraries. It's used to automate tasks, build tools, and analyze data. Its simple syntax makes it easier to learn and use, while its powerful libraries allow for complex operations. This makes it a valuable asset for automating security tasks, integrating security tools, and analyzing security data within a DevSecOps environment. + +Visit the following resources to learn more: + +- [@roadmap@Visit the Dedicated Python Roadmap](https://roadmap.sh/python) +- [@official@Python Website](https://www.python.org/) +- [@article@Python - Wiki](https://en.wikipedia.org/wiki/Python_(programming_language)) +- [@article@Tutorial Series: How to Code in Python](https://www.digitalocean.com/community/tutorials/how-to-write-your-first-python-3-program) +- [@article@Google's Python Class](https://developers.google.com/edu/python) +- [@video@Learn Python - Full Course](https://www.youtube.com/watch?v=4M87qBgpafk) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/qualys@Pkud7rAzdV5asF5aGAq7z.md b/src/data/roadmaps/devsecops/content/qualys@Pkud7rAzdV5asF5aGAq7z.md index 9ca88750dd2e..d14fed627692 100644 --- a/src/data/roadmaps/devsecops/content/qualys@Pkud7rAzdV5asF5aGAq7z.md +++ b/src/data/roadmaps/devsecops/content/qualys@Pkud7rAzdV5asF5aGAq7z.md 
@@ -1 +1,11 @@ -# Qualys \ No newline at end of file +# Qualys + +Qualys is a cloud-based platform that provides a suite of security and compliance solutions. It helps organizations identify vulnerabilities in their IT infrastructure, including servers, applications, and networks. Qualys offers various scanning capabilities, such as vulnerability management, web application scanning, and compliance monitoring, all accessible through a centralized platform. + +Visit the following resources to learn more: + +- [@official@Qualys](https://www.qualys.com/) +- [@official@Qualys VMDR Getting Started Guide](https://docs.qualys.com/en/vmdr/getting-started-guide/vmdr/getting_started_guide.htm) +- [@official@Training Videos](https://docs.qualys.com/en/pm/latest/other_resources/training_videos.htm) +- [@video@Learn Qualys Vulnerability Management (Home Lab)](https://www.youtube.com/watch?v=l5At5WDj7v0&t=90s) +- [@video@Qualys File Integrity Monitoring (FIM) Overview](https://www.youtube.com/watch?v=533YWyWk8X8&list=PL86wiCAX5vmQIninZod7FzuGBWVbb0vFv) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/response-strategy@6Q2VIdeSuBZzo7c1qnYLG.md b/src/data/roadmaps/devsecops/content/response-strategy@6Q2VIdeSuBZzo7c1qnYLG.md index 12c68ad35466..26829958e395 100644 --- a/src/data/roadmaps/devsecops/content/response-strategy@6Q2VIdeSuBZzo7c1qnYLG.md +++ b/src/data/roadmaps/devsecops/content/response-strategy@6Q2VIdeSuBZzo7c1qnYLG.md 
@@ -1 +1,9 @@ -# Response Strategy \ No newline at end of file +# Response Strategy + +A response strategy outlines the planned actions an organization will take when a security incident occurs. It defines roles, responsibilities, communication channels, and procedures for identifying, containing, eradicating, and recovering from security breaches. A well-defined strategy ensures a coordinated and effective response, minimizing damage and restoring normal operations as quickly as possible. + +Visit the following resources to learn more: + +- [@article@How to Create a Cybersecurity Incident Response Plan](https://hyperproof.io/resource/cybersecurity-incident-response-plan/) +- [@article@10 Tips to Improve Incident Response Strategy](https://www.logsign.com/blog/10-tips-for-improving-your-incident-response-strategy/) +- [@article@Incident management for high-velocity teams](https://www.atlassian.com/incident-management/incident-response) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/risk-quantification@V97S_0PrVw3jjHnmcxDgJ.md b/src/data/roadmaps/devsecops/content/risk-quantification@V97S_0PrVw3jjHnmcxDgJ.md index 13685980b056..54d5ad5640a8 100644 --- a/src/data/roadmaps/devsecops/content/risk-quantification@V97S_0PrVw3jjHnmcxDgJ.md +++ b/src/data/roadmaps/devsecops/content/risk-quantification@V97S_0PrVw3jjHnmcxDgJ.md 
@@ -1 +1,9 @@ -# Risk Quantification \ No newline at end of file +# Risk Quantification + +Risk quantification is the process of assigning measurable values (often monetary) to the potential impact of identified risks. It involves analyzing the probability of a risk occurring and the potential damage it could cause to an organization's assets, operations, or reputation. This allows for a more objective comparison of different risks and helps prioritize mitigation efforts based on their potential financial or operational impact. + +Visit the following resources to learn more: + +- [@article@What is a cybersecurity risk assessment?](https://www.ibm.com/think/topics/cybersecurity-risk-assessment) +- [@article@What Is a Cybersecurity Risk Assessment?](https://www.paloaltonetworks.com/cyberpedia/cybersecurity-risk-assessment) +- [@article@What is Risk Quantification – Fundamentals and Techniques](https://www.v-comply.com/blog/how-to-quantify-risks-in-financial-services/) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/role-based-access@9Tea1ge_l1fls0fyPxMPG.md b/src/data/roadmaps/devsecops/content/role-based-access@9Tea1ge_l1fls0fyPxMPG.md index 186a4ff5bd6a..7a28ca1d2d66 100644 --- a/src/data/roadmaps/devsecops/content/role-based-access@9Tea1ge_l1fls0fyPxMPG.md +++ b/src/data/roadmaps/devsecops/content/role-based-access@9Tea1ge_l1fls0fyPxMPG.md 
@@ -1 +1,9 @@ -# Role Based Access \ No newline at end of file +# Role-Based Access Control + +Role-Based Access Control (RBAC) is a method of regulating access to computer or network resources based on the roles of individual users within an organization. It assigns permissions and privileges to roles, and then assigns users to those roles, simplifying access management and improving security by ensuring users only have the access necessary to perform their job functions. + +Visit the following resources to learn more: + +- [@article@Role-Based Access Control](https://auth0.com/docs/manage-users/access-control/rbac) +- [@article@What is Role-based Access Control (RBAC)?](https://www.redhat.com/en/topics/security/what-is-role-based-access-control) +- [@video@Role-based Access Control (RBAC) vs. Attribute-based Access Control (ABAC)](https://www.youtube.com/watch?v=rvZ35YW4t5k) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/root-cause-analysis@VyzLkdcLgxfSSFuUS0xO_.md b/src/data/roadmaps/devsecops/content/root-cause-analysis@VyzLkdcLgxfSSFuUS0xO_.md index 7276feed1250..0f7740a4b2e9 100644 --- a/src/data/roadmaps/devsecops/content/root-cause-analysis@VyzLkdcLgxfSSFuUS0xO_.md +++ b/src/data/roadmaps/devsecops/content/root-cause-analysis@VyzLkdcLgxfSSFuUS0xO_.md 
@@ -1 +1,8 @@ -# Root Cause Analysis \ No newline at end of file +# Root Cause Analysis + +Root Cause Analysis (RCA) is a systematic process for identifying the fundamental reasons behind a problem or incident. It goes beyond addressing the immediate symptoms to uncover the underlying factors that led to the issue. The goal of RCA is to implement corrective actions that prevent the problem from recurring in the future. + +Visit the following resources to learn more: + +- [@article@What is root cause analysis (RCA) in software development?](https://www.elastic.co/what-is/root-cause-analysis) +- [@video@hat is Root Cause Analysis (RCA)?](https://www.youtube.com/watch?v=7t3lTYEd_PM) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/ruby@nKthK-OsFO0TGwptD-Dme.md b/src/data/roadmaps/devsecops/content/ruby@nKthK-OsFO0TGwptD-Dme.md index cf37b2083995..036b02e27b3a 100644 --- a/src/data/roadmaps/devsecops/content/ruby@nKthK-OsFO0TGwptD-Dme.md +++ b/src/data/roadmaps/devsecops/content/ruby@nKthK-OsFO0TGwptD-Dme.md @@ -1 +1,9 @@ -# Ruby \ No newline at end of file +# Ruby in DevSecOps + +Ruby is a dynamic, open-source programming language known for its simplicity and readability. Its flexible syntax and powerful features make it useful for automating tasks, building tools, and scripting, which are all valuable in a DevSecOps environment. Ruby's extensive ecosystem of gems (libraries) provides pre-built solutions for various security and automation needs, allowing teams to quickly implement and integrate security practices into their development pipelines. + +Visit the following resources to learn more: + +- [@official@Ruby](https://www.ruby-lang.org/en/) +- [@opensource@Ruby Lang](https://github.com/ruby/ruby) +- [@video@Ruby Programming Language - Full Course](https://www.youtube.com/watch?app=desktop&v=t_ispmWmdjY&t=0s) \ No newline at end of file 
diff --git a/src/data/roadmaps/devsecops/content/rust@V_-gY34XcyIqPcLKtDJZr.md b/src/data/roadmaps/devsecops/content/rust@V_-gY34XcyIqPcLKtDJZr.md index 8fc1f9db25f7..2ebc3d9a720f 100644 --- a/src/data/roadmaps/devsecops/content/rust@V_-gY34XcyIqPcLKtDJZr.md +++ b/src/data/roadmaps/devsecops/content/rust@V_-gY34XcyIqPcLKtDJZr.md @@ -1 +1,11 @@ -# Rust \ No newline at end of file +# Rust + +Rust is a systems programming language focused on safety, speed, and concurrency. Its memory safety features, achieved through a borrow checker and ownership system, help prevent common vulnerabilities like buffer overflows and data races. This makes Rust a valuable tool for building secure and reliable software components within a DevSecOps environment, especially for performance-critical applications and infrastructure tools. + +Visit the following resources to learn more: + +- [@roadmap@Visit de Dedicated Rust Roadmap](https://roadmap.sh/rust) +- [@official@Rust Programming Language](https://rust-lang.org/) +- [@official@Rust by Example](https://doc.rust-lang.org/stable/rust-by-example/index.html#rust-by-example) +- [@opensource@Rust Book](https://edu.anarcho-copy.org/Programming%20Languages/Rust/rust-programming-language-steve-klabnik.pdf) +- [@opensource@Rust Book Interactive](https://rust-book.cs.brown.edu/experiment-intro.html) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/sboms@MF8AYjKun5SHtumTyuurJ.md b/src/data/roadmaps/devsecops/content/sboms@MF8AYjKun5SHtumTyuurJ.md index 9a156233f752..2d0ddecaed7e 100644 --- a/src/data/roadmaps/devsecops/content/sboms@MF8AYjKun5SHtumTyuurJ.md +++ b/src/data/roadmaps/devsecops/content/sboms@MF8AYjKun5SHtumTyuurJ.md 
@@ -1 +1,11 @@ -# SBOMS \ No newline at end of file +# SBOMs + +A Software Bill of Materials (SBOM) is a comprehensive inventory of all components, libraries, and dependencies used in building a software application. It's essentially a list that details the ingredients of your software, much like a nutrition label for food. This allows developers and security teams to understand the composition of their software and identify potential vulnerabilities or licensing issues associated with those components. + +Visit the following resources to learn more: + +- [@article@Software Bill of Materials (SBOM)](https://www.cisa.gov/sbom) +- [@article@The ultimate guide to SBOMs](https://about.gitlab.com/blog/the-ultimate-guide-to-sboms/) +- [@article@What Is a Software Bill of Materials (SBOM)?](https://www.paloaltonetworks.com/cyberpedia/what-is-software-bill-materials-sbom) +- [@video@Thinking Elixir Podcast 245: Supply Chain Security and SBoMs](https://www.youtube.com/watch?v=jYkV9n4WW-Y) +- [@video@The Rise of Software Bill of Materials (SBOMs) – A Growing Necessity](https://www.youtube.com/watch?v=Vqn9P6gEM5I) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/scripting-knowledge@wjJPzrFJBNYOD3SJLzW2M.md b/src/data/roadmaps/devsecops/content/scripting-knowledge@wjJPzrFJBNYOD3SJLzW2M.md index 40b3fdd96c91..22c369c2e4a1 100644 --- a/src/data/roadmaps/devsecops/content/scripting-knowledge@wjJPzrFJBNYOD3SJLzW2M.md +++ b/src/data/roadmaps/devsecops/content/scripting-knowledge@wjJPzrFJBNYOD3SJLzW2M.md 
@@ -1 +1,11 @@ -# Scripting Knowledge \ No newline at end of file +# Scripting Knowledge + +Scripting involves the ability to write and understand scripts, which are sets of instructions executed by a computer. These scripts automate tasks, configure systems, and manage infrastructure. They are typically written in languages like Python or shells like Bash or PowerShell. They allow for efficient and repeatable execution of complex operations. + +Visit the following resources to learn more: + +- [@article@Scripting language - Wikipedia](https://en.wikipedia.org/wiki/Scripting_language) +- [@article@What is scripting?](https://coralogix.com/blog/what-is-scripting/) +- [@video@What's the difference between Programming and Scripting?](https://www.youtube.com/watch?v=7-0iBZxNq74) +- [@video@ash Scripting Tutorial – Linux Shell Script and Command Line for Beginners](https://www.freecodecamp.org/news/bash-scripting-tutorial-linux-shell-script-and-command-line-for-beginners/) +- [@video@Bash Scripting on Linux](https://www.youtube.com/playlist?list=PLT98CRl2KxKGj-VKtApD8-zCqSaN2mD4w) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/secure-api-design@aMu0e6xQ3Rak44F_I7Ish.md b/src/data/roadmaps/devsecops/content/secure-api-design@aMu0e6xQ3Rak44F_I7Ish.md index 54231843a95b..f9fd47caaac1 100644 --- a/src/data/roadmaps/devsecops/content/secure-api-design@aMu0e6xQ3Rak44F_I7Ish.md +++ b/src/data/roadmaps/devsecops/content/secure-api-design@aMu0e6xQ3Rak44F_I7Ish.md 
@@ -1 +1,10 @@ -# Secure API Design \ No newline at end of file +# Secure API Design + +Secure API design focuses on building application programming interfaces (APIs) that are resilient to attacks and protect sensitive data. This involves implementing security measures throughout the API lifecycle, from initial design and development to deployment and maintenance. Key considerations include authentication, authorization, input validation, encryption, and rate limiting to prevent unauthorized access, data breaches, and other security vulnerabilities. + +Visit the following resources to learn more: + +- [@roadmap@Visit the Dedicated API Design Roadmap](https://roadmap.sh/api-design) +- [@roadmap@API Security Best Practices](https://roadmap.sh/api-security-best-practices) +- [@article@OWASP Project API Security](https://owasp.org/API-Security/editions/2023/en/0x00-toc/) +- [@video@API Security Fundamentals – Course for Beginners](https://www.youtube.com/watch?v=R-4_DbV1Su4) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/secure-coding@iHd6XNAUGXn3_d-I_YtTM.md b/src/data/roadmaps/devsecops/content/secure-coding@iHd6XNAUGXn3_d-I_YtTM.md index 8747001041f2..265db8c0ad8b 100644 --- a/src/data/roadmaps/devsecops/content/secure-coding@iHd6XNAUGXn3_d-I_YtTM.md +++ b/src/data/roadmaps/devsecops/content/secure-coding@iHd6XNAUGXn3_d-I_YtTM.md 
@@ -1 +1,9 @@ -# Secure Coding \ No newline at end of file +# Secure Coding + +Secure coding involves developing software applications in a way that prevents vulnerabilities and reduces the risk of security breaches. It encompasses a set of practices and guidelines that developers follow throughout the software development lifecycle to minimize potential flaws that attackers could exploit. This includes techniques like input validation, output encoding, and proper error handling to ensure the application is resilient against common security threats. + +Visit the following resources to learn more: + +- [@article@What Is Secure Coding? Best Practices and Techniques to Apply](https://www.legitsecurity.com/aspm-knowledge-base/what-is-secure-coding) +- [@article@What Is Secure Coding? Best Practices and Techniques to Apply](https://www.securecoding.org/) +- [@video@Secure Coding Techniques - SY0-601 CompTIA Security+ : 2.3](https://www.youtube.com/watch?v=IEIGEjy-W4Q) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/secure-network-zoning@ixiKWBp8m4tP55dBYFzRL.md b/src/data/roadmaps/devsecops/content/secure-network-zoning@ixiKWBp8m4tP55dBYFzRL.md index 4c6af6ea251a..12c98bc5c00d 100644 --- a/src/data/roadmaps/devsecops/content/secure-network-zoning@ixiKWBp8m4tP55dBYFzRL.md +++ b/src/data/roadmaps/devsecops/content/secure-network-zoning@ixiKWBp8m4tP55dBYFzRL.md 
@@ -1 +1,9 @@ -# Secure Network Zoning \ No newline at end of file +# Secure Network Zoning + +Secure network zoning involves dividing a network into distinct segments or zones, each with its own security policies and access controls. This segmentation limits the impact of a security breach by containing it within a specific zone, preventing attackers from easily moving laterally across the entire network. By implementing strict rules for traffic flow between zones, organizations can minimize the attack surface and protect sensitive data and systems. + +Visit the following resources to learn more: + +- [@article@Security zones](https://www.ibm.com/docs/en/storage-ceph/8.0.0?topic=management-security-zones) +- [@article@Network Segmentation: Secure Your Network, Contain Attacks](https://www.tufin.com/blog/network-segmentation-secure-your-network) +- [@article@Security Zoning in Network Architecture](https://medium.com/@aman.bansal93/security-zoning-in-network-architecture-ff7693b91556) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/sha-256@LKMBv-M9k71yrR2WzN4bK.md b/src/data/roadmaps/devsecops/content/sha-256@LKMBv-M9k71yrR2WzN4bK.md index a3334d6e5faa..7361eae16544 100644 --- a/src/data/roadmaps/devsecops/content/sha-256@LKMBv-M9k71yrR2WzN4bK.md +++ b/src/data/roadmaps/devsecops/content/sha-256@LKMBv-M9k71yrR2WzN4bK.md 
@@ -1 +1,11 @@ -# SHA 256 \ No newline at end of file +# SHA-256 + +SHA-256 (Secure Hash Algorithm 256-bit) is a cryptographic hash function that generates a nearly unique 256-bit (32-byte) hash from any input data. This hash acts as a digital fingerprint, meaning even a small change to the input will result in a drastically different hash value. It's primarily used for verifying data integrity, digital signatures, and password storage due to its one-way nature, making it computationally infeasible to reverse the process and derive the original input from the hash. + +Visit the following resources to learn more: + +- [@article@A Definitive Guide to Learn The SHA-256 (Secure Hash Algorithms)](https://www.simplilearn.com/tutorials/cyber-security-tutorial/sha-256-algorithm) +- [@article@What is the SHA-256 algorithm, and how does it work?](https://nordvpn.com/blog/sha-256/?srsltid=AfmBOoox3HKIBWzAYqvIp1Eio9jDh7ntzKnfEuJw79zF_h2NfuI2MsyA) +- [@article@Use cases for hash functions or what is SHA-256?](https://medium.com/@makhmud.islamov/use-cases-for-hash-functions-or-what-is-sha-256-83036de048b4) +- [@video@How secure is 256 bit security?](https://www.youtube.com/watch?v=S9JGmA5_unY) +- [@video@SHA-256 | COMPLETE Step-By-Step Explanation (W/ Example)](https://www.youtube.com/watch?v=orIgy2MjqrA) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/siem@hnroE_riXvw6BqYdirWBX.md b/src/data/roadmaps/devsecops/content/siem@hnroE_riXvw6BqYdirWBX.md index 354d1adb3353..97a572cd88c3 100644 --- a/src/data/roadmaps/devsecops/content/siem@hnroE_riXvw6BqYdirWBX.md +++ b/src/data/roadmaps/devsecops/content/siem@hnroE_riXvw6BqYdirWBX.md 
@@ -1 +1,11 @@ -# SIEM \ No newline at end of file +# SIEM + +SIEM (Security Information and Event Management) is a system that collects and analyzes security logs and event data from various sources across an organization's IT infrastructure. It helps security teams detect, analyze, and respond to security threats and incidents by providing a centralized view of security-related information and automating threat detection and incident response processes. SIEM systems typically include features such as log management, event correlation, threat intelligence integration, and reporting. + +Visit the following resources to learn more: + +- [@article@Security 101: What is a SIEM? - Microsoft](https://www.microsoft.com/security/business/security-101/what-is-siem) +- [@video@SIEM Explained - Professor Messer](https://www.youtube.com/watch?v=JEcETdy5WxU) +- [@video@Wazuh | Open source SIEM](https://www.youtube.com/watch?v=3CaG2GI1kn0) +- [@video@Splunk | The Complete Beginner Tutorial](https://www.youtube.com/playlist?list=PLY2f3p7xyMiTUbUo0A_lBFEwj6KdH0nFy) +- [@video@Elastic Security | Build a powerful home SIEM](https://www.youtube.com/watch?v=2XLzMb9oZBI) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/soar-automation@rXS1CIZHu7TA_o7L-vMtV.md b/src/data/roadmaps/devsecops/content/soar-automation@rXS1CIZHu7TA_o7L-vMtV.md index 905ac6d7d436..475fa51dae1c 100644 --- a/src/data/roadmaps/devsecops/content/soar-automation@rXS1CIZHu7TA_o7L-vMtV.md +++ b/src/data/roadmaps/devsecops/content/soar-automation@rXS1CIZHu7TA_o7L-vMtV.md 
@@ -1 +1,9 @@ -# SOAR Automation \ No newline at end of file +# SOAR Automation + +SOAR (Security Orchestration, Automation, and Response) automation involves using technologies to collect security data from various sources, analyze it, and then automate responses to security incidents. This includes tasks like threat intelligence gathering, vulnerability scanning, incident investigation, and remediation actions. The goal is to improve the efficiency and effectiveness of security operations by reducing manual effort and enabling faster response times to threats. + +Visit the following resources to learn more: + +- [@article@What is SOAR?](https://www.paloaltonetworks.co.uk/cyberpedia/what-is-soar) +- [@article@What is SOAR (security orchestration, automation and response)?](https://www.ibm.com/think/topics/security-orchestration-automation-response) +- [@video@What is SOAR (Security, Orchestration, Automation & Response)](https://www.youtube.com/watch?v=k7ju95jDxFA) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/soar-concepts@O0aVW37VhZInw9Z9Mghcg.md b/src/data/roadmaps/devsecops/content/soar-concepts@O0aVW37VhZInw9Z9Mghcg.md index bd1d5b06e8e7..3ef353167d52 100644 --- a/src/data/roadmaps/devsecops/content/soar-concepts@O0aVW37VhZInw9Z9Mghcg.md +++ b/src/data/roadmaps/devsecops/content/soar-concepts@O0aVW37VhZInw9Z9Mghcg.md 
@@ -1 +1,8 @@ -# SOAR Concepts \ No newline at end of file +# SOAR Concepts + +SOAR (Security Orchestration, Automation and Response) refers to a collection of technologies that enable organizations to automate and orchestrate security tasks and incident response processes. It integrates various security tools and data sources to streamline workflows, improve efficiency, and reduce the time it takes to detect, analyze, and respond to security threats. SOAR platforms typically include capabilities for threat intelligence, incident management, and automated remediation. + +Visit the following resources to learn more: + +- [@article@What is SOAR?](https://www.paloaltonetworks.co.uk/cyberpedia/what-is-soar) +- [@video@What is SOAR (Security, Orchestration, Automation & Response](https://www.youtube.com/watch?v=k7ju95jDxFA) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/soc-2@VmDslOmZANHpHmAInFa_j.md b/src/data/roadmaps/devsecops/content/soc-2@VmDslOmZANHpHmAInFa_j.md index 00d2c4095d8a..25df28288270 100644 --- a/src/data/roadmaps/devsecops/content/soc-2@VmDslOmZANHpHmAInFa_j.md +++ b/src/data/roadmaps/devsecops/content/soc-2@VmDslOmZANHpHmAInFa_j.md 
@@ -1 +1,8 @@ -# SOC 2 \ No newline at end of file +# SOC 2 + +SOC 2 (System and Organization Controls 2) is an auditing procedure that ensures service providers securely manage data to protect the interests of their organization and the privacy of its clients. It defines criteria for managing customer data based on five "trust service principles": security, availability, processing integrity, confidentiality, and privacy. A SOC 2 report assures customers that a service provider has implemented controls to protect their data. + +Visit the following resources to learn more: + +- [@article@What is SOC2 Compliance and How Does it Work | CyberSecurityTV](https://www.youtube.com/watch?v=2-czseg0DHg) +- [@article@SOC 2 Compliance](https://www.imperva.com/learn/data-security/soc-2-compliance/) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/sql-injection-prevention@VPBQh3CSsNA-esuvEHT3X.md b/src/data/roadmaps/devsecops/content/sql-injection-prevention@VPBQh3CSsNA-esuvEHT3X.md index 3227e6372639..7cbf3f4f3523 100644 --- a/src/data/roadmaps/devsecops/content/sql-injection-prevention@VPBQh3CSsNA-esuvEHT3X.md +++ b/src/data/roadmaps/devsecops/content/sql-injection-prevention@VPBQh3CSsNA-esuvEHT3X.md 
@@ -1 +1,9 @@ -# SQL Injection Prevention \ No newline at end of file +# SQL Injection Prevention + +SQL Injection is a type of security vulnerability that occurs when malicious SQL code is inserted into an application's database query. This can happen when user input is not properly validated or sanitized before being used in a SQL query. Successful exploitation can allow attackers to bypass security measures, gain unauthorized access to sensitive data, modify or delete data, or even execute arbitrary commands on the database server. + +Visit the following resources to learn more: + +- [@article@SQL Injection: How it Works and How to Prevent it](https://www.datacamp.com/tutorial/sql-injection) +- [@article@PortSwigger - SQL Injection](https://portswigger.net/web-security/sql-injection) +- [@video@SQL Injections are scary](https://www.youtube.com/watch?v=2OPVViV-GQk) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/stride@EZZsZHxu7__yM2l9tr95-.md b/src/data/roadmaps/devsecops/content/stride@EZZsZHxu7__yM2l9tr95-.md index a544daa77971..7b6206537c24 100644 --- a/src/data/roadmaps/devsecops/content/stride@EZZsZHxu7__yM2l9tr95-.md +++ b/src/data/roadmaps/devsecops/content/stride@EZZsZHxu7__yM2l9tr95-.md 
@@ -1 +1,10 @@ -# STRIDE \ No newline at end of file +# STRIDE + +STRIDE is a threat modeling methodology used to identify potential security threats in a system or application. It provides a framework for categorizing threats based on six key characteristics: Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege. By systematically analyzing these categories, security professionals can proactively identify vulnerabilities and design mitigations to reduce risk. + +Visit the following resources to learn more: + +- [@article@STRIDE](https://owasp.org/www-community/Threat_Modeling_Process#stride) +- [@article@What Is the STRIDE Threat Model? Beginner’s Guide – 2025](https://www.practical-devsecops.com/what-is-stride-threat-model/) +- [@article@STRIDE: A Guide to Threat Modeling and Secure Implementation](https://dzone.com/articles/stride-threat-modeling-guide-secure-implementation) +- [@article@Using the STRIDE Threat Model: Tutorial & Best Practices](https://drata.com/grc-central/risk/guide-stride-threat-model) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/supply-chain-security@qKHb2e9g_Xuo-nHepICTR.md b/src/data/roadmaps/devsecops/content/supply-chain-security@qKHb2e9g_Xuo-nHepICTR.md index 7f3bb2107c03..15301b2186c7 100644 --- a/src/data/roadmaps/devsecops/content/supply-chain-security@qKHb2e9g_Xuo-nHepICTR.md +++ b/src/data/roadmaps/devsecops/content/supply-chain-security@qKHb2e9g_Xuo-nHepICTR.md 
@@ -1 +1,11 @@ -# Supply Chain Security \ No newline at end of file +# Supply Chain Security + +Supply chain security focuses on protecting the integrity and security of all components, processes, and people involved in the development and delivery of software. It aims to prevent malicious actors from introducing vulnerabilities or malicious code into the software supply chain, ensuring that the final product is trustworthy and free from tampering. This includes securing everything from open-source libraries and third-party dependencies to build pipelines and deployment environments. + +Visit the following resources to learn more: + +- [@article@Software Supply Chain Security¶](https://cheatsheetseries.owasp.org/cheatsheets/Software_Supply_Chain_Security_Cheat_Sheet.html) +- [@article@What is supply chain security?](https://www.ibm.com/think/topics/supply-chain-security) +- [@article@The Ultimate Guide to Software Supply Chain Security](https://www.gitguardian.com/nhi-hub/software-supply-chain-security) +- [@video@Understanding software supply chain threats | Security Detail](https://www.youtube.com/watch?v=BqpWvESLW78) +- [@video@Securing your software supply chain](https://www.youtube.com/watch?v=Dg-hD4HHKT8) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/symmetric@mT1cKWZcKXwvopW6BeX-A.md b/src/data/roadmaps/devsecops/content/symmetric@mT1cKWZcKXwvopW6BeX-A.md index 9d7128a00286..d0684da1b755 100644 --- a/src/data/roadmaps/devsecops/content/symmetric@mT1cKWZcKXwvopW6BeX-A.md +++ b/src/data/roadmaps/devsecops/content/symmetric@mT1cKWZcKXwvopW6BeX-A.md 
@@ -1 +1,9 @@ -# Symmetric \ No newline at end of file +# Symmetric Encryption + +Symmetric encryption uses the same secret key for both encrypting and decrypting data. This means that the sender and receiver must both possess the same key before secure communication can begin. Algorithms like AES and DES are common examples, offering a balance between security and speed, making them suitable for encrypting large amounts of data. + +Visit the following resources to learn more: + +- [@article@What is symmetric encryption?](https://www.ibm.com/think/topics/symmetric-encryption) +- [@video@What is Symmetric Encryption? Simply Explained | CyberArk](https://www.youtube.com/watch?v=Wh9iC6uMv9s) +- [@video@What is symmetric encryption?](https://www.youtube.com/watch?v=8Ov4HyncJUU) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/threat-modeling-workflows@qfhpMprVX562UuktYN9BZ.md b/src/data/roadmaps/devsecops/content/threat-modeling-workflows@qfhpMprVX562UuktYN9BZ.md index 78a0790989d6..37c5b5c59e46 100644 --- a/src/data/roadmaps/devsecops/content/threat-modeling-workflows@qfhpMprVX562UuktYN9BZ.md +++ b/src/data/roadmaps/devsecops/content/threat-modeling-workflows@qfhpMprVX562UuktYN9BZ.md 
@@ -1 +1,9 @@ -# Threat Modeling Workflows \ No newline at end of file +# Threat Modeling Workflows + +Threat modeling workflows are structured, repeatable processes used to identify, assess, and mitigate potential security threats in a system or application. These workflows typically involve defining the system's scope, decomposing it into components, identifying potential threats and vulnerabilities, prioritizing those threats based on risk, and then developing and implementing mitigation strategies. The goal is to proactively address security concerns throughout the development lifecycle. + +Visit the following resources to learn more: + +- [@article@Threat Modeling Process](https://owasp.org/www-community/Threat_Modeling_Process) +- [@article@Top 12 Threat Modeling Methodologies and Techniques](https://www.securitycompass.com/blog/top-12-threat-modeling-methodologies-techniques/) +- [@article@Best Practices in the Threat Modeling Process](https://blog.secureflag.com/2025/04/03/threat-modeling-process/) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/threat-modeling@XA7JUF00B1locP0xY3T95.md b/src/data/roadmaps/devsecops/content/threat-modeling@XA7JUF00B1locP0xY3T95.md index 4d4e54d40ec4..d70c933a5adb 100644 --- a/src/data/roadmaps/devsecops/content/threat-modeling@XA7JUF00B1locP0xY3T95.md +++ b/src/data/roadmaps/devsecops/content/threat-modeling@XA7JUF00B1locP0xY3T95.md 
@@ -1 +1,10 @@ -# Threat Modeling \ No newline at end of file +# Threat Modeling + +Threat modeling is a structured process for identifying, evaluating, and mitigating potential security threats and vulnerabilities in a system or application. It involves understanding the system's architecture, identifying potential attackers and their motives, and analyzing the possible attack vectors they might use to compromise the system. The goal is to proactively identify weaknesses and design security controls to reduce the risk of successful attacks. + +Visit the following resources to learn more: + +- [@article@What Is Threat Modeling?](https://www.cisco.com/site/us/en/learn/topics/security/what-is-threat-modeling.html) +- [@article@Threat Modeling](https://owasp.org/www-community/Threat_Modeling) +- [@article@Threat Modeling Process](https://owasp.org/www-community/Threat_Modeling_Process) +- [@video@1. Introduction, Threat Models](https://www.youtube.com/watch?v=GqmQg-cszw4) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/tls@FvU310TuexCsp8QkvxJib.md b/src/data/roadmaps/devsecops/content/tls@FvU310TuexCsp8QkvxJib.md index 0175896e4e59..e0871ee94865 100644 --- a/src/data/roadmaps/devsecops/content/tls@FvU310TuexCsp8QkvxJib.md +++ b/src/data/roadmaps/devsecops/content/tls@FvU310TuexCsp8QkvxJib.md 
@@ -1 +1,10 @@ -# TLS \ No newline at end of file +# TLS + +TLS (Transport Layer Security) is a protocol that provides privacy and data integrity between two communicating applications. It's the successor to SSL (Secure Sockets Layer) and is used to encrypt the communication between a client (like a web browser) and a server, ensuring that data transmitted between them remains confidential and tamper-proof. TLS uses cryptographic algorithms to encrypt data, authenticate the server (and optionally the client), and ensure the integrity of the data being transmitted. + +Visit the following resources to learn more: + +- [@article@What is TLS & How Does it Work? - Internet Society](https://www.internetsociety.org/deploy360/tls/basics/) +- [@article@What is TLS (Transport Layer Security)? - Cloudflare](https://www.cloudflare.com/learning/ssl/transport-layer-security-tls/) +- [@video@SSL and HTTPS](https://www.youtube.com/watch?v=S2iBR2ZlZf0) +- [@video@SSL/TLS - Cristina Formaini](https://www.youtube.com/watch?v=Rp3iZUvXWlM) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/vim--nano--emacs@7MavDAydyrt0tOJ6a6xRQ.md b/src/data/roadmaps/devsecops/content/vim--nano--emacs@7MavDAydyrt0tOJ6a6xRQ.md index 06d9a53f5397..778b06505dd0 100644 --- a/src/data/roadmaps/devsecops/content/vim--nano--emacs@7MavDAydyrt0tOJ6a6xRQ.md +++ b/src/data/roadmaps/devsecops/content/vim--nano--emacs@7MavDAydyrt0tOJ6a6xRQ.md 
@@ -1 +1,13 @@ -# Vim / Nano / Emacs \ No newline at end of file +# Text Editors: Vim, Nano, and Emacs + +Vim, Nano, and Emacs are text editors used for creating, viewing, and modifying files, particularly configuration files and code. They provide different interfaces and functionalities, ranging from simple, beginner-friendly options to highly customizable and powerful environments for advanced users. These editors are essential tools for interacting with systems and automating tasks through scripting. + +Visit the following resources to learn more: + +- [@official@Vim](https://www.vim.org) +- [@official@GNU Nano](https://www.nano-editor.org/) +- [@official@GNU Emacs](https://www.gnu.org/software/emacs/) +- [@book@Practical Vim 2nd Edition](https://dokumen.pub/practical-vim-2nd-edition-2nd-edition-9781680501278.html) +- [@video@Vim Tutorial for Beginners](https://www.youtube.com/watch?v=RZ4p-saaQkc) +- [@video@Linux Crash Course - nano](https://www.youtube.com/watch?v=DLeATFgGM-A) +- [@video@The Absolute Beginner's Guide to Emacs](https://www.youtube.com/watch?v=48JlgiBpw_I) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/vlans@GPVN-nDitsY1bF_3huqnh.md b/src/data/roadmaps/devsecops/content/vlans@GPVN-nDitsY1bF_3huqnh.md index f3811aa47cc8..b111ec27ff00 100644 --- a/src/data/roadmaps/devsecops/content/vlans@GPVN-nDitsY1bF_3huqnh.md +++ b/src/data/roadmaps/devsecops/content/vlans@GPVN-nDitsY1bF_3huqnh.md 
@@ -1 +1,8 @@ -# VLANs \ No newline at end of file +# VLANs + +VLANs (Virtual Local Area Networks) are a way to logically segment a physical network into multiple broadcast domains. This allows you to group devices regardless of their physical location, improving network security, performance, and manageability by isolating traffic and reducing broadcast traffic within the network. + +Visit the following resources to learn more: + +- [@article@What is a VLAN?](https://www.solarwinds.com/resources/it-glossary/vlan) +- [@video@VLAN Explained](https://www.youtube.com/watch?v=jC6MJTh9fRE) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/wireshark-basics@iHhitN8zToXm4nK1m0OeR.md b/src/data/roadmaps/devsecops/content/wireshark-basics@iHhitN8zToXm4nK1m0OeR.md index 12544f3439e7..2b0163301dcf 100644 --- a/src/data/roadmaps/devsecops/content/wireshark-basics@iHhitN8zToXm4nK1m0OeR.md +++ b/src/data/roadmaps/devsecops/content/wireshark-basics@iHhitN8zToXm4nK1m0OeR.md 
@@ -1 +1,10 @@ -# Wireshark basics \ No newline at end of file +# Wireshark Basics + +Wireshark is a free and open-source packet analyzer. It captures network traffic in real-time and allows you to examine the data transmitted across a network. It can be used to troubleshoot network problems, analyze network protocols, examine security issues, and learn about network communication. Wireshark decodes the raw network data into a human-readable format, making it easier to understand the information being transmitted. + +Visit the following resources to learn more: + +- [@official@Wireshark](https://www.wireshark.org/)) +- [@article@How to Use Wireshark: Comprehensive Tutorial + Tips](https://www.varonis.com/blog/how-to-use-wireshark)) +- [@video@How to use Wireshark](https://www.youtube.com/watch?v=zWoHJ3oGRGY)) +- [@video@Wireshark Tutorial for BEGINNERS || How to Capture Network Traffic || Skilled Inspirational Academy](https://www.youtube.com/watch?v=byL8VMEMC0M&list=PL_o0Qzu-8MKhg6co37kssx6lRdQ4o1YpX) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/xss-prevention@ph7rFQFJffi_di133vm3Z.md b/src/data/roadmaps/devsecops/content/xss-prevention@ph7rFQFJffi_di133vm3Z.md index c6a51bcefe2f..ab06acc2a809 100644 --- a/src/data/roadmaps/devsecops/content/xss-prevention@ph7rFQFJffi_di133vm3Z.md +++ b/src/data/roadmaps/devsecops/content/xss-prevention@ph7rFQFJffi_di133vm3Z.md 
@@ -1 +1,11 @@ -# XSS Prevention \ No newline at end of file +# Cross-Site Scripting (XSS) Prevention + +Cross-Site Scripting (XSS) is a type of security vulnerability that allows attackers to inject malicious scripts into websites viewed by other users. These scripts can then execute in the user's browser, potentially stealing sensitive information like cookies, redirecting the user to malicious sites, or defacing the website. Preventing XSS involves sanitizing user inputs, encoding outputs, and implementing security policies to ensure that untrusted data cannot be executed as code. + +Visit the following resources to learn more: + +- [@article@Cross Site Scripting Prevention Cheat Sheet¶](https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html) +- [@article@Cross-site scripting](https://portswigger.net/web-security/cross-site-scripting) +- [@article@Cross-site scripting (XSS)](https://developer.mozilla.org/en-US/docs/Web/Security/Attacks/XSS) +- [@video@Cross-Site Scripting: A 25-Year Threat That Is Still Going Strong](https://www.youtube.com/watch?v=z4LhLJnmoZ0) +- [@video@Cross-Site Scripting (XSS) Explained](https://www.youtube.com/watch?v=EoaDgUgS6QA&t=341s) \ No newline at end of file diff --git a/src/data/roadmaps/devsecops/content/zero-trust-concepts@3UAH70FkQlv5_VbYon4U9.md b/src/data/roadmaps/devsecops/content/zero-trust-concepts@3UAH70FkQlv5_VbYon4U9.md index 22db5d09d928..b6305817e77d 100644 --- a/src/data/roadmaps/devsecops/content/zero-trust-concepts@3UAH70FkQlv5_VbYon4U9.md +++ b/src/data/roadmaps/devsecops/content/zero-trust-concepts@3UAH70FkQlv5_VbYon4U9.md 
@@ -1 +1,8 @@ -# Zero Trust Concepts \ No newline at end of file +# Zero Trust Concepts + +Zero Trust is a security framework based on the principle of "never trust, always verify." It assumes that no user or device, whether inside or outside the network perimeter, should be automatically trusted. Instead, every access request is fully authenticated, authorized, and encrypted before granting access to resources. This approach minimizes the blast radius of potential breaches and enhances overall security posture by continuously validating trust at every stage of digital interaction. + +Visit the following resources to learn more: + +- [@article@What is a Zero Trust Network?](https://www.cloudflare.com/en-gb/learning/security/glossary/what-is-zero-trust/) +- [@video@ero Trust Explained in 4 minutes](https://www.youtube.com/watch?v=yn6CPQ9RioA) \ No newline at end of file
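Review bot: In root-cause-analysis@VyzLkdcLgxfSSFuUS0xO_.md the video link title has lost its first character: `[@video@hat is Root Cause Analysis (RCA)?]`. It should read `What is Root Cause Analysis (RCA)?` so the rendered resource list is not visibly broken.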
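Review bot: In rust@V_-gY34XcyIqPcLKtDJZr.md the `Rust Book` entry links to a PDF copy hosted on edu.anarcho-copy.org and tags it `@opensource`. For a security roadmap, link the project's own copy at https://doc.rust-lang.org/book/ instead of a third-party mirror whose content and availability the project does not control. In the same hunk, `Visit de Dedicated Rust Roadmap` should read `Visit the Dedicated Rust Roadmap`, and the `#rust-by-example` fragment on the Rust by Example URL is redundant.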
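Review bot: In scripting-knowledge@wjJPzrFJBNYOD3SJLzW2M.md the entry `[@video@ash Scripting Tutorial – Linux Shell Script and Command Line for Beginners]` is missing the leading "B" of "Bash" and is tagged `@video` although the URL is a freecodecamp.org/news article. Fix the title and retag it `@article`, or link the video directly.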
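Review bot: In secure-coding@iHd6XNAUGXn3_d-I_YtTM.md two consecutive entries carry the identical title `What Is Secure Coding? Best Practices and Techniques to Apply`, one pointing at legitsecurity.com and the other at https://www.securecoding.org/. The second looks like a copied title; give it the title of the page it actually links to so readers can tell the two resources apart.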
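Review bot: In sha-256@LKMBv-M9k71yrR2WzN4bK.md the description lists "password storage" as a primary use of SHA-256 without qualification. A single fast, unsalted SHA-256 pass is not an adequate way to store passwords; either drop that use or state that password storage calls for a salted, deliberately slow function such as bcrypt or Argon2. Separately, the nordvpn.com link carries a `?srsltid=...` tracking parameter that should be stripped from the URL.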
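Review bot: In soar-concepts@O0aVW37VhZInw9Z9Mghcg.md the video title `What is SOAR (Security, Orchestration, Automation & Response` is missing its closing parenthesis. The same link in soar-automation@rXS1CIZHu7TA_o7L-vMtV.md has it, so the two entries should match.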
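Review bot: In soc-2@VmDslOmZANHpHmAInFa_j.md the first resource is tagged `@article` but its URL is a YouTube video (`https://www.youtube.com/watch?v=2-czseg0DHg`). Retag it `@video` so it matches the convention used in the other files of this patch.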
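Review bot: In sql-injection-prevention@VPBQh3CSsNA-esuvEHT3X.md the body under `# SQL Injection Prevention` describes the vulnerability and its impact but never names a prevention measure; the nearest it comes is "not properly validated or sanitized". Add a sentence stating that parameterized queries (prepared statements) are the primary defence, with input validation and least-privilege database accounts as supporting controls, so the text matches the heading.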
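Review bot: In supply-chain-security@qKHb2e9g_Xuo-nHepICTR.md the first link title ends with a stray pilcrow, `Software Supply Chain Security¶`, which is the heading anchor symbol copied from the OWASP page. Remove the `¶` from the title.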
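Review bot: In symmetric@mT1cKWZcKXwvopW6BeX-A.md the sentence "Algorithms like AES and DES are common examples, offering a balance between security and speed" presents DES as a suitable choice alongside AES. DES has a 56-bit key and is no longer considered secure; either drop it, or keep it only as a historical example and say explicitly that it must not be used for new systems.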
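Review bot: In wireshark-basics@iHhitN8zToXm4nK1m0OeR.md three of the four resource links end with a doubled closing parenthesis, for example `(https://www.wireshark.org/))`. The extra `)` will render as literal text after each link; remove it from the wireshark.org, varonis.com and first youtube.com entries.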
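Review bot: In xss-prevention@ph7rFQFJffi_di133vm3Z.md the first link title ends with a stray pilcrow, `Cross Site Scripting Prevention Cheat Sheet¶`, copied from the OWASP heading anchor, and should be removed. The last video URL also carries `&t=341s`, which starts playback almost six minutes in; drop the timestamp unless that offset is intended.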
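Review bot: In zero-trust-concepts@3UAH70FkQlv5_VbYon4U9.md the video link title has lost its first character: `[@video@ero Trust Explained in 4 minutes]` should read `Zero Trust Explained in 4 minutes`. This is the same truncation seen in the root-cause-analysis and scripting-knowledge files, so it is worth checking the sync script for a pattern that strips the first letter after `@video@`.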