How to systematically secure anything: a repository about security engineering

A Java library for parsing and programmatically using threat models

Vavr workshops.

This repository is a comprehensive collection of notes, insights, and structured information covering various facets of application security.

Secure enterprise architecture design covering segmentation, layered defense, IAM, logging, and zero trust principles.

Enterprise STRIDE threat modeling assessment with DFD analysis, trust boundaries, attack surface evaluation, and mitigation mapping.

Portable defensive application security and AI-agent security skill for Claude Code, Codex, Gemini, and ChatGPT. Covers OWASP, secure design, secure code review, MCP security, prompt injection, threat modeling, incident response, and hardening.

Reference design: payment gateway flows + risk review + localization.

Vavr Validation workshop.

HBN — Human Brain Net. An open protocol for safe, structured, and evolvable AI-assisted software engineering.

A structured, defense-focused security reference covering physical, cyber, human, and architectural security. Designed as a professional handbook and curriculum emphasizing architecture, procedure, and human behavior over tools.

"Practices for the development of secure software" is a project focused on implementing secure software development practices.

Security-focused auth and admin panel demo showing session-based auth, backend RBAC, CSRF protection, rate limiting, account lockout, and audit visibility.

Security engineering skill pack for threat surfaces, trust boundaries, secrets, validation, privilege, and secure defaults.