Cybersecurity and Information Security
1. Foundations of Information Security
2. Cryptography and Cryptographic Systems
3. Network Security Architecture
4. System and Endpoint Security
5. Application Security and Secure Development
6. Identity and Access Management
7. Security Operations and Incident Management
8. Governance, Risk Management, and Compliance
9. Offensive Security and Threat Intelligence
10. Emerging Technologies and Advanced Topics
Application Security and Secure Development
Secure Software Development Lifecycle
Security Requirements
Security Requirement Gathering
Threat Modeling
STRIDE Methodology
Attack Trees
Data Flow Diagrams
Risk Assessment
Secure Design Principles
Least Privilege Principle
Defense in Depth
Fail Secure Design
Complete Mediation
Open Design
Separation of Privilege
Least Common Mechanism
Psychological Acceptability
Secure Coding Practices
Input Validation
Data Type Validation
Range Checking
Format Validation
Output Encoding
Context-aware Encoding
Sanitization Techniques
Error Handling
Secure Error Messages
Logging Practices
Session Management
Session Token Generation
Session Timeout
Session Invalidation
Security Testing Integration
Unit Testing Security
Integration Testing
System Testing
Acceptance Testing
Web Application Security
Common Web Vulnerabilities
Injection Attacks
SQL Injection
NoSQL Injection
LDAP Injection
OS Command Injection
Code Injection
Authentication Vulnerabilities
Broken Authentication
Session Management Flaws
Credential Management Issues
Authorization Flaws
Broken Access Control
Insecure Direct Object References
Missing Function Level Access Control
Cross-Site Scripting
Reflected XSS
Stored XSS
DOM-based XSS
XSS Prevention
Cross-Site Request Forgery
CSRF Attack Vectors
CSRF Prevention
Security Misconfigurations
Default Configurations
Unnecessary Features
Error Handling
Sensitive Data Exposure
Data Classification
Encryption Requirements
Secure Storage
Web Application Security Testing
Static Application Security Testing
Source Code Analysis
Binary Analysis
Configuration Review
Dynamic Application Security Testing
Black Box Testing
Vulnerability Scanning
Penetration Testing
Interactive Application Security Testing
Gray Box Testing
Runtime Analysis
Manual Security Testing
Code Review
Architecture Review
Configuration Review
API Security
API Security Fundamentals
REST API Security
SOAP API Security
GraphQL Security
API Authentication and Authorization
API Key Management
OAuth Implementation
JWT Token Security
API Security Testing
API Vulnerability Assessment
API Penetration Testing
Database Security
Database Security Architecture
Database Access Controls
Network Security
Database Hardening
Data Protection
Encryption at Rest
Encryption in Transit
Key Management
Database Attack Prevention
SQL Injection Prevention
Privilege Escalation Prevention
Data Leakage Prevention