Yet Another Resource List.

This repository is to communicate and promote the Dragon1 Open Standard for Architecture Modeling, with the Dragon1 Modeling Language. This repository will specify the modeling language and interchange file format, provide 100 example models and diagrams to help architects and designers with their tasks. https://www.dragon1.com

Threat model and security analysis for STEVAL-SENSORTILEBOX product from ST Microelectronics

Dragon1 is an Enterprise Architecture Software Tool to design, analyze and generate maps, diagrams, visualizations with views, reports and animated scenarios (data driven) - UML, BPMN, ArchiMate, TOGAF and BizBok supported. https://www.dragon1.com

Notes and practice exam analysis I completed when preparing for my CompTIA Security+ exam

Repository containing best practices for securing cloud architectures using SCPs and OPCs, with sample policies and implementation scripts to enforce a holistic security posture

An Enterprise Security Network Architecture

Excalidraw library for threat modeling diagrams

The Server-based Security Architecture Model (SSAM) - OMNeT++ 4.1

A walkthrough of security controls for a serverless architecture via a demo application

An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about The Open Group Architecture Framework (TOGAF) in Cybersecurity.

Medusa is a package that improves the overall security of the Linux OS by extending the standard Linux (Unix) security architecture while preserving backward compatibility.

An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Security Assurance in Cybersecurity

An attempt at creating a unifying Threat Model Definition Language using a declarative syntax with cuelang

This projects brings the MontiSecArc language to the popular IntelliJ IDE. The plugin provides a deep integration of secure architecture files into the IDE. Allowing the fast creation of secure architectures and an plain learning curve.

Common (and Advanced) Information Security Questions. Questions you should know the answer to for your information security career.

Your internal mediocrity is the moment when you lost the faith of being excellent. Just do it.

《数据安全架构设计与实战》：本书系统性地介绍数据安全架构的设计与实践，融入了作者多年在安全领域积累的实践经验。全书分四大部分，共20章。 第一部分介绍安全架构的基础知识，内容包括安全、数据安全、安全架构、5A方法论、CIA等基本概念,为后续论述奠定基础。 第二部分介绍产品安全架构，内容包括：身份认证、授权、访问控制、审计、资产保护等，讲解如何从源头设计来保障数据安全和隐私安全，防患于未然。 第三部分介绍安全技术体系架构，内容包括：安全技术架构、网络和通信层安全架构、设备和主机层安全架构、应用和数据层安全架构、安全架构案例分析等。 第四部分介绍数据安全与隐私保护治理，内容包括：数据安全治理、数据安全政策文件体系、隐私保护基础与增强技术、GRC治理框架、数据安全与隐私保护的统一等。

How to systematically secure anything: a repository about security engineering