How to systematically secure anything: a repository about security engineering

ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks

Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

List of my talks and workshops: security engineering, applied cryptography, secure software development

Some good resources for getting started with application security

A privacy and security engineering toolkit: Discover, understand, pseudonymize, anonymize, encrypt and securely share sensitive and personal data: Privacy and security as code.

Code examples for the AWS Security Blog post: How to use CI/CD to deploy and configure AWS security services with Terraform

An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about DevSecOps in Cybersecurity.

Cracking the Security Engineer Interviews

Script to generate a combined PDF for the Security Engineering 3rd edition book from the publicly available chapters under review.

FAANG (MANGA) Security Engineer Interview Collection. An ongoing & curated collection of awesome software, frameworks and libraries, learning tutorials and videos, technical guidelines and best practices, and cheatsheets in the world of Security Engineering Career.

My PhD thesis in Computer Science and related resources: "An Ontological Approach to Security Modeling" (Free University of Bozen-Bolzano)

Reference Ontology for Security Engineering (ROSE)

This repository serves as a comprehensive recap and detailed write-up showcasing the successful completion and in-depth understanding of TCM Security's course: Detection Engineering for Beginners.

Welcome to the Security Engineering Repository, a comprehensive collection of tools, resources, and best practices for enhancing the security posture of software systems.

An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Security Assurance in Cybersecurity

This is my full CV of work.

This repository provides comprehensive guides, configurations, rules, and practical examples for Snort, the open-source intrusion detection system (IDS). Ideal for cybersecurity professionals and enthusiasts looking to enhance their network security skills.