Tags

"A journey of a thousand miles begins with a single step." -Chinese Proverb

Discussion threads targeting the whole community

This tag is for anything relating to careers! Job offers, workplace conflict, interviews, resumes, promotions, etc.

Amazon Web Services (AWS) is a collection of web services for computing, storage, machine learning, security, and more There are over 200+ AWS services as of 2023.

Expect to see announcements of new and updated products, services, and features for languages & frameworks. You also will find high-level news relevant to the tech and software development industry covered here.

The dev.to tag for Microsoft Azure, the Cloud Computing Platform.

Discussions on academic programs, online courses, and learning paths in security.

General discussion about all types of design software and hardware

Security challenges and solutions for Internet of Things and embedded devices.

A place to ask questions and provide answers. We're here to work things out together.

Security for container technologies like Docker and orchestration platforms like Kubernetes.

Strategies for managing risk in crypto portfolios and trading.

Discussions specific to Google Cloud Platform, its services, and best practices.

Integrating security practices into the DevOps lifecycle.

Identity and Access Management principles, technologies, and best practices.

Discussions on ethical considerations and responsibilities in design

Navigating compliance standards like PCI-DSS, HIPAA, GDPR, and SOX.

Showcasing and discussing personal lab setups for security practice and research.

Securing cloud environments like AWS, Azure, and GCP, including configurations and services.

A place to talk about all things mentorship! Mentors and mentees can introduce themselves, share posts about their experiences, and connect with one another under this tag.

Discussions on encryption, hashing, ciphers, and cryptographic protocols.

Capture The Flag competitions, challenges, writeups, and strategies.

Examining cyber laws, regulations, and the legal aspects of security work.

Application security topics beyond the web, including mobile and desktop applications.

Adversary emulation, advanced persistent threat simulation, and red team operations.

The process of responding to and managing security incidents and breaches.

Discussions related to Security Operations Centers, including tools, processes, and analyst life.

Discussions about security certifications, study guides, and exam experiences.

Usage, scripting, and advanced techniques for the Nmap network scanner.

Proactively searching through networks to detect and isolate advanced threats.

Governance, Risk, and Compliance frameworks, policies, and management.

Best practices for writing secure code and preventing common vulnerabilities.

Fostering collaboration between red and blue teams to maximize security effectiveness.

Implementing and discussing the Zero Trust security model and architecture.

The art and science of exploit development and vulnerability research.

Reverse engineering software, firmware, and hardware.

Offensive security techniques and methodologies for penetration testing.

Packet analysis, protocol dissection, and network troubleshooting with Wireshark.

Discussions and resources for the CISSP management-focused certification.

Digital Forensics and Incident Response procedures, tools, and case studies.

Lockpicking, access control systems, and securing physical environments.

The study of malware to understand its behavior, origin, and purpose.

Security of computer networks, including firewalls, IDS/IPS, and secure architecture.

Defensive security strategies, threat detection, and incident response.

Modifying and exploiting physical hardware components.

Using the MITRE ATT&CK framework for threat modeling and adversary emulation.

Sharing interview experiences, questions, and preparation strategies for security roles.

Tips, tricks, and extensions for the Burp Suite web vulnerability scanner.

Web application security, vulnerability analysis, and secure development for the web.

Using the Ghidra software reverse engineering suite for analysis and research.

Discussions related to the OWASP Foundation, its projects, and Top 10 lists.

The psychological manipulation of people into performing actions or divulging information.

Gathering, analyzing, and applying intelligence about threats and threat actors.

Security for mobile operating systems like Android and iOS, and mobile applications.

Techniques and tools for digital forensic investigation and evidence handling.

Security of wireless technologies including Wi-Fi, Bluetooth, RFID, and NFC.

Study guides, tips, and experiences related to the OSCP certification.

The business of security consulting, freelancing, and running an MSSP.

Study materials and discussion for the CompTIA Security+ certification.

Open-Source Intelligence gathering techniques, tools, and resources.