security/

Security
Architecture

End-to-end security design: AuthN/AuthZ, encryption, and cloud controls.

5 topics in this section

security/appsec/

Application Security

Secure SDLC, threat modeling (STRIDE), OWASP Top 10, security champions program.

security/authn-authz/

Authentication & Authorization

OAuth 2.0, OIDC, SAML, RBAC, ABAC, fine-grained authorization, and identity federation patterns.

security/cloud/

Cloud security posture management (CSPM), CWPP, IAM least privilege, and guardrails-as-code.

security/encryption/

Encryption at rest, in transit, and in use. Key management, HSM integration, and TLS configuration.

security/vulnerability/

Vulnerability Management

SAST, DAST, SCA, container scanning, CVE triage, and patch management workflows.