Cybersecurity
Everything on SkillVeris tagged Cybersecurity — collected across the glossary, study notes, blog, and cheat sheets.
171 resources across 4 libraries
Glossary Terms(131)
OWASP
OWASP (Open Worldwide Application Security Project) is a nonprofit foundation dedicated to improving software security through open, community-driven resources…
Zero Trust
Zero Trust is a security model built on the principle 'never trust, always verify': no user, device, or network location is trusted by default, even inside a t…
Zero Trust Architecture
Zero Trust Architecture is a security model built on the principle of "never trust, always verify" — no user, device, or network segment is trusted by default,…
Firewall
A firewall is a network security system that monitors and controls incoming and outgoing traffic based on predetermined rules, acting as a barrier between a tr…
VPN
A VPN (Virtual Private Network) creates an encrypted tunnel between a device and a remote network or gateway over the public internet, making traffic appear as…
SSL
SSL (Secure Sockets Layer) is the original cryptographic protocol for encrypting communication between a client and a server over a network, developed by Netsc…
TLS
TLS (Transport Layer Security) is the standard cryptographic protocol for securing data in transit over a network, succeeding SSL. It provides encryption, data…
Authentication
Authentication is the process of verifying that a user, device, or system is who or what it claims to be, typically before granting access to a resource. It is…
Authorization
Authorization is the process of determining what an authenticated identity is permitted to do within a system — which resources it can read, modify, or delete.…
SQL Injection
SQL Injection is a web security vulnerability where an attacker inserts malicious SQL statements into an application's input fields, tricking the backend datab…
XSS
Cross-Site Scripting (XSS) is a web security vulnerability that lets an attacker inject malicious client-side scripts into pages viewed by other users. When un…
Zitadel
Zitadel is an open-source identity and access management (IAM) platform providing authentication, authorization, and user management via OIDC, OAuth 2.0, and S…
Chainguard
Chainguard is a software supply chain security company that produces minimal, hardened, and continuously rebuilt container images designed to eliminate known v…
Clerk
Clerk is a developer-first authentication and user management platform that provides pre-built, embeddable UI components and APIs for sign-up, sign-in, user pr…
Keycloak
Keycloak is an open-source identity and access management solution that provides single sign-on, user federation, and support for standards like OAuth2 and Ope…
Bitwarden
Bitwarden is an open-source password manager that lets individuals and teams securely generate, store, and share encrypted credentials across browsers and devi…
Burp Suite
Burp Suite is an integrated platform for web application security testing, widely used by penetration testers and security researchers to discover and exploit…
Vault
Vault is HashiCorp's secrets management tool for securely storing, accessing, and rotating sensitive data such as API tokens, database credentials, and TLS cer…
Auth0
Auth0 is an identity-as-a-service platform that provides drop-in authentication and authorization for applications, supporting social logins, single sign-on (S…
Autopsy
Autopsy is an open-source digital forensics platform providing a graphical interface over The Sleuth Kit, used to analyze disk images, recover deleted files, a…
Arkose Labs
Arkose Labs is a fraud-prevention and bot-mitigation platform that uses interactive, puzzle-based challenges and risk-based signals to detect and deter automat…
Let's Encrypt
Let's Encrypt is a free, automated certificate authority (CA) that issues domain-validated TLS/SSL certificates, making HTTPS encryption accessible to any webs…
Ory
Ory is an open-source identity infrastructure project providing components for authentication, authorization, and access control, including OAuth2/OpenID Conne…
Nessus
Nessus is a widely used vulnerability scanning tool developed by Tenable that identifies security weaknesses, misconfigurations, and missing patches across net…
Showing 24 of 131.
Blog Articles(8)
AWS Free Tier: Best Services to Try in 2026
Get hands-on with AWS without spending a dime. Explore the best free-tier services for beginners.
Cloud Computing for Beginners: A Complete Guide
A comprehensive guide to cloud computing for beginners: a complete guide — written for learners at every level.
AWS vs Azure vs Google Cloud: Which to Learn?
A comprehensive guide to aws vs azure vs google cloud: which to learn? — written for learners at every level.
CI/CD Explained: Build, Test, Deploy
CI/CD is how modern software teams ship code dozens of times a day without breaking things. This guide explains what continuous integration and continuous deli…
Infrastructure as Code Explained: Terraform Basics
Clicking through cloud consoles doesn't scale. Infrastructure as Code (IaC) lets you define, version, and automate your cloud resources in code. This guide exp…
AWS for Beginners: Cloud Computing Fundamentals
Amazon Web Services is the world's most widely used cloud platform. This guide covers the core services every developer needs — EC2 (virtual servers), S3 (stor…
Cybersecurity for Developers: The OWASP Top 10 Explained
The OWASP Top 10 is the industry standard list of critical web application security risks. This guide explains each vulnerability, shows what an attack looks l…
Terraform Basics: Infrastructure as Code on AWS
Terraform lets you define cloud infrastructure in code, version it in Git, and deploy it repeatably. This guide covers providers, resources, variables, outputs…
Cheat Sheets(31)
OWASP Security Cheat Sheet
OWASP Top 10 vulnerabilities, prevention strategies, and secure coding practices.
Network Security Fundamentals Cheat Sheet
Covers core network security concepts including segmentation, defense-in-depth, common attack vectors, and essential hardening practices.
Penetration Testing Basics Cheat Sheet
Introduces the penetration testing methodology, phases, common toolsets, and reporting practices used in authorized security assessments.
Nmap Cheat Sheet
Covers essential Nmap scan types, timing options, script engine usage, and output formats for network discovery and enumeration.
Metasploit Cheat Sheet
Covers the Metasploit Framework console workflow including module search, exploit configuration, payload selection, and session handling.
Wireshark Cheat Sheet
Covers Wireshark capture filters, display filters, and common workflows for analyzing network traffic and diagnosing security incidents.
Burp Suite Cheat Sheet
Covers Burp Suite's core web application testing workflow including proxy setup, Repeater, Intruder, and scanning best practices.
SQL Injection Prevention Cheat Sheet
Explains how SQL injection works and shows concrete, language-specific techniques to prevent it using parameterized queries and validation.
Cross-Site Scripting (XSS) Prevention Cheat Sheet
Covers the three main XSS variants and concrete output-encoding, sanitization, and CSP techniques to prevent script injection in web apps.
Cryptography Basics Cheat Sheet
Introduces symmetric and asymmetric encryption, hashing, and digital signatures with practical examples of correct algorithm usage.
Public Key Infrastructure (PKI) Cheat Sheet
Covers PKI components, certificate lifecycle, chain of trust, and common OpenSSL commands for generating and inspecting certificates.
SSL/TLS Deep Dive Cheat Sheet
Explains the TLS handshake, protocol versions, cipher suites, and practical OpenSSL commands for testing and hardening TLS configurations.
Firewall Configuration Cheat Sheet
Covers practical firewall rule syntax for iptables and cloud security groups, plus best practices for default-deny policies.
VPN Basics Cheat Sheet
Explains VPN protocol options, tunneling modes, and basic WireGuard/OpenVPN configuration for securing remote network access.
Zero Trust Architecture Cheat Sheet
Explains zero trust principles, core architectural components, and practical steps for shifting from perimeter-based to identity-based security.
Identity & Access Management (IAM) Cheat Sheet
Covers IAM core concepts including authentication protocols, RBAC/ABAC models, and provisioning lifecycle for enterprise access control.
Multi-Factor Authentication Cheat Sheet
Covers MFA factor types, common protocols like TOTP and WebAuthn, and implementation guidance for adding MFA to an application.
Security Incident Response Cheat Sheet
Covers the standard incident response lifecycle, containment strategies, and evidence handling for effectively managing security incidents.
Malware Analysis Basics Cheat Sheet
Introduces static and dynamic malware analysis techniques, common tools, and safe sandboxing practices for examining suspicious files.
Social Engineering Awareness Cheat Sheet
Covers common social engineering attack techniques, red-flag indicators, and practical verification steps to help employees resist manipulation.
Password Security Best Practices Cheat Sheet
Summarizes modern password hygiene, hashing standards, and multi-factor authentication practices for individuals and engineering teams.
GDPR Compliance Cheat Sheet
Outlines core GDPR principles, data subject rights, lawful bases for processing, and breach notification requirements for engineering teams.
SOC 2 Compliance Cheat Sheet
Explains the SOC 2 Trust Services Criteria, audit types, and common control evidence needed to prepare for a SOC 2 examination.
ISO 27001 Basics Cheat Sheet
Introduces the ISO/IEC 27001 information security management system framework, its structure, Annex A controls, and certification process.
Showing 24 of 31.