- Key Management Find out which algorithms are recommended, when to expire keys, etc.
- Kubernetes A high level guide of basic security needs for Kubernetes
- OpenSSH How to configure and use OpenSSH server and client securely
- Phishing A fraudulent practice of sending emails (or other communications) purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.
- Web Security What headers, setup, etc. should you follow for your web site?
- Assessing Security Risk An open framework to assess security risk from an operational perspective
- Likelihood Indicators A model for determining how security controls affect risk
- Rapid Risk Assessment (RRA) A rapid methodology to perform risk analysis and create a lightweight threat model.
- Scoring and other levels Standardized scoring and other levels that aren't directly representing risk levels.
- Standard Levels Standardized levels for security risk, effort and other measurements.