Security Knowledge Collection

A general collection of knowledge, notes, and research related to software security.

Foundations

• Authentication
• Authorization
• Accountability (Logging)
• Confidentiality (Encryption)
• Software Design Fundamentals
• Defense in Depth
• CIA Triad (Cornerstones)
• Security Policies
• Exploitation Basics
• Fundamental Design Flaws (Strong Coupling / Shatter Attack)

Vulnerabilities

• Fundamentals
• Classification (Design, Implementation, Operational)
• Data Flow and Input
• Trust and Assumptions
• Environmental Security

Assessment

• Design Review
• Auditing Methodology

Ethics

• Principles and Decision Making
• Software and Open Source Ethics
• Digital Forensics Ethics

Hardware and IP

• Hardware and Intellectual Property

Endpoint Security

• Endpoint Protection

OWASP / Emerging Threats

• AI Agent Security

Legal & Compliance

• Data Protection Frameworks
• Computer Misuse Act 1990
• Legal Limitations for Security Professionals

ISO 27001

• Structure and Annex SL