Tags

"A journey of a thousand miles begins with a single step." -Chinese Proverb

Amazon Web Services (AWS) is a collection of web services for computing, storage, machine learning, security, and more There are over 200+ AWS services as of 2023.

Discussion threads targeting the whole community

This tag is for anything relating to careers! Job offers, workplace conflict, interviews, resumes, promotions, etc.

Expect to see announcements of new and updated products, services, and features for languages & frameworks. You also will find high-level news relevant to the tech and software development industry covered here.

Discussions on academic programs, online courses, and learning paths in security.

The dev.to tag for Microsoft Azure, the Cloud Computing Platform.

Security challenges and solutions for Internet of Things and embedded devices.

General discussion about all types of design software and hardware

A place to ask questions and provide answers. We're here to work things out together.

Security for container technologies like Docker and orchestration platforms like Kubernetes.

Discussions specific to Google Cloud Platform, its services, and best practices.

Strategies for managing risk in crypto portfolios and trading.

Integrating security practices into the DevOps lifecycle.

Identity and Access Management principles, technologies, and best practices.

Navigating compliance standards like PCI-DSS, HIPAA, GDPR, and SOX.

Showcasing and discussing personal lab setups for security practice and research.

Securing cloud environments like AWS, Azure, and GCP, including configurations and services.

Discussions on ethical considerations and responsibilities in design

Discussions on encryption, hashing, ciphers, and cryptographic protocols.

Capture The Flag competitions, challenges, writeups, and strategies.

Examining cyber laws, regulations, and the legal aspects of security work.

Application security topics beyond the web, including mobile and desktop applications.

Adversary emulation, advanced persistent threat simulation, and red team operations.

The process of responding to and managing security incidents and breaches.

Security of computer networks, including firewalls, IDS/IPS, and secure architecture.

Discussions related to Security Operations Centers, including tools, processes, and analyst life.

Discussions about security certifications, study guides, and exam experiences.

Usage, scripting, and advanced techniques for the Nmap network scanner.

Proactively searching through networks to detect and isolate advanced threats.

Governance, Risk, and Compliance frameworks, policies, and management.

Best practices for writing secure code and preventing common vulnerabilities.

Gathering, analyzing, and applying intelligence about threats and threat actors.

Defensive security strategies, threat detection, and incident response.

Security for mobile operating systems like Android and iOS, and mobile applications.

The psychological manipulation of people into performing actions or divulging information.

A place to talk about all things mentorship! Mentors and mentees can introduce themselves, share posts about their experiences, and connect with one another under this tag.

Discussions related to the OWASP Foundation, its projects, and Top 10 lists.

Using the Ghidra software reverse engineering suite for analysis and research.

Web application security, vulnerability analysis, and secure development for the web.

The study of malware to understand its behavior, origin, and purpose.

Digital Forensics and Incident Response procedures, tools, and case studies.

Discussions and resources for the CISSP management-focused certification.

Packet analysis, protocol dissection, and network troubleshooting with Wireshark.

Reverse engineering software, firmware, and hardware.

The art and science of exploit development and vulnerability research.

Modifying and exploiting physical hardware components.

Fostering collaboration between red and blue teams to maximize security effectiveness.

Implementing and discussing the Zero Trust security model and architecture.

Lockpicking, access control systems, and securing physical environments.

Using the MITRE ATT&CK framework for threat modeling and adversary emulation.

Sharing interview experiences, questions, and preparation strategies for security roles.

Tips, tricks, and extensions for the Burp Suite web vulnerability scanner.

Offensive security techniques and methodologies for penetration testing.

Techniques and tools for digital forensic investigation and evidence handling.

Security of wireless technologies including Wi-Fi, Bluetooth, RFID, and NFC.

Study guides, tips, and experiences related to the OSCP certification.

The business of security consulting, freelancing, and running an MSSP.

Study materials and discussion for the CompTIA Security+ certification.

Open-Source Intelligence gathering techniques, tools, and resources.