Skip to content

Resources

Tools landscape, technical glossary, and curated links for security and engineering.

Tools Landscape

Key tools across security, DevSecOps, data engineering, and cloud.

Security

Kali Linux Burp Suite Nessus Metasploit Wazuh OWASP ZAP ELK Stack

DevSecOps

GitLab CI/CD Trivy Snyk SonarQube ArgoCD Ansible

Data Engineering

Apache Airflow Apache Spark dbt PostgreSQL MinIO Metabase

Cloud & IaC

AWS GCP Terraform Kubernetes Helm Cloudflare

Technical Glossary

Plain-English definitions for terms used across this site.

Browse full glossary →
CVE A standardised identifier for a publicly disclosed cybersecurity vulnerability. DevSecOps The practice of integrating security tools and responsibilities throughout the software development lifecycle. Medallion Architecture A layered data lakehouse design with Bronze (raw), Silver (cleansed), and Gold (aggregated) tiers. SAST Static Application Security Testing — analysis of source code for vulnerabilities without executing it. SIEM Security Information and Event Management — a platform that aggregates logs and detects threats in real time. Zero Trust A security model that requires continuous verification for every user and device, regardless of network location.

Curated Links

Vetted external resources, grouped by discipline.

Security

OWASP Top Ten Free
The canonical standard for web application security risks. owasp.org ↗
MITRE ATT&CK Free
Knowledge base of adversary tactics, techniques, and procedures. attack.mitre.org ↗
NVD (NIST) Free
U.S. National Vulnerability Database — canonical CVE source. nvd.nist.gov ↗
CVE Details Free
CVE database with exploitability scores and vendor statistics. www.cvedetails.com ↗
CISA KEV Free
Known Exploited Vulnerabilities catalog maintained by CISA. www.cisa.gov ↗

DevSecOps

GitLab CI/CD Docs Free
Official reference documentation for GitLab pipelines. docs.gitlab.com ↗
Trivy Docs Free
Container, filesystem, and IaC vulnerability scanning. aquasecurity.github.io ↗
OWASP DevSecOps Guideline Free
Best practices for embedding security into CI/CD pipelines. owasp.org ↗

Data Engineering

Apache Airflow Docs Free
Workflow automation and scheduling platform documentation. airflow.apache.org ↗
dbt Docs Free
SQL-first data transformation framework reference. docs.getdbt.com ↗
Delta Lake Free
Open-source storage framework for lakehouse architecture. delta.io ↗

Cloud & IaC

AWS Well-Architected Free
Framework for building secure, reliable, and efficient cloud workloads. aws.amazon.com ↗
Cloudflare Developers Free
Workers, Pages, KV, D1 — complete developer documentation. developers.cloudflare.com ↗
Terraform Registry Free
Browse providers, modules, and policies for IaC. registry.terraform.io ↗

Learning

TryHackMe
Learn cybersecurity through guided hands-on virtual labs. tryhackme.com ↗
HackTheBox
Cybersecurity labs and CTF challenges for all skill levels. www.hackthebox.com ↗
roadmap.sh Free
Community-curated developer and DevOps learning roadmaps. roadmap.sh ↗