Cybersecurity is a constant, evolving battle.
Our vision is a world where (complex) environments are cyber secure by default, not by exception.
Our mission is to holistically improve the cyber security posture of companies around the globe through a vendor-independent and risk-based approach, combining high-quality security architecture with in-depth technical cyber security expertise.
This organization contains repositories that aid us in our job as cyber security architects.
These are repositories used throughout the web security courses we give.
| Name | Description | Info |
|---|---|---|
| NodeGoat | Our OWASP Nodegoat implementation. | Run node artifacts/db-reset.js to reset |
| Juice-Shop | Our OWASP Juice Shop implementation. | To reset, simply do a redeploy. |
| ModernACREST | Set of Docker containers used during various trainings about modern access control. The focus currently is on SAML and OpenID Connect, as well as policy-based authorization. | |
| Vulnerable .NET | A vulnerable .NET project which can be used to show different kinds of attacks and exploits | |
| API & API Secured | Two simple APIs with Node.js where the former doesn't have any security, and the latter uses authentication. | |
| SCS SRI | A small project used throughout the supply chain security (SCS) course to show how SRI prevents unexpected changes to some source code. |
| Name | Description | Info |
|---|---|---|
| Threat Modeling GitBook | A gitbook on the intersection between Enterprise Architecture and Threat Modeling | Read Online |