Unmatched Security Content and Training Library


• • AI/Data Engineering Cloud Services
    
    • AWS Bedrock
    • AWS Lake Formation
    • AWS Sagemaker
    • Azure Data Lake Storage
    • Azure OpenAI
    • GCP Vertex AI
  • AI Use Cases
    
    • Fine-tuning
    • RAG (Retrieval-Augmented Generation)
    • Use of vector databases

• EU AI Act
• Implementation guidelines for AI Tools (TensorFlow, PyTorch, etc.)
• LLM-based Code Generation Security
• MITRE ATLAS
• ML Security
  • ENISA Security ML Algorithms
  • OWASP ML Security Top Ten
• Model Context Protocol (MCP) Clients and Servers
• NIST AI Risk Management Framework (RMF)
• OWASP Top 10 2025 for Large Language Model Applications
• Agentic AI: OWASP Agentic AI Threats and Mitigations
  • CSA MAESTRO Threat Modeling Framework
  • Model Context Protocol (MCP) Clients and Servers

• ISO/SAE 21434:2021 Road vehicles — Cybersecurity engineering
• UNECE WP29/R155

• Blockchain and Smart Contracts

• .NET 8
• Bash/Shell (Linux)
• C/C++ (POSIX and Microsoft)

• SAP/ABAP

• Hardware Weaknesses based on CWE 4.15 weaknesses
• CWE VIEW: Hardware Design (1194) – Compliance Report
• Hardware, firmware, and embedded device controls
• Hardware DMA, Access Control, Configuration, Debugging, Design, and Physical Protection

• ASD-STIG r6
• ASVS 4.0
• BIOS/FW
• Consumer IoT
  • ETSI EN 303 645
• CWE 4.16
• CWE Top 25, 2024
• CVSS 3
• DISA Control Correlation Identifier (CCI) Framework
• DoD Zero Trust Overlay for NIST 800-53 Controls
• EO14028
  • NIST Critical Software Req.
• MDS2-2013
• NIST 800-147/800-155
• NIST 800-171 Non-Federal Systems
• NIST 800-190 Containers

• NIST 800-218 SSDF
• NIST 800-53r4
• NIST 800-53r5
• NIST 800-82 Industrial Control Systems
• NIST 800-95 Web Services
• NISTIR 8397 (Verification Req.)
• OWASP API Top 10, 2023
• OWASP Low-Code/No-Code Top 10
• OWASP Top 10 2017
• OWASP Top 10 2021
• OWASP Top 10 2025
• OWASP Top 10 Privacy Risks v2.0
• PCI SSF: SSLC (1.1) & SSS (1.2.1)
• Secure Controls Framework (SCF)
• Web Content Accessibility Guidelines (WCAG)

• ASD-STIG 5
• ASVS 4.0
• CWE Top 25, 2023
• CWE 4.13
• CVSS 3
• MDS2-2013
• OWASP Top 10 2017
• OWASP Top 10 2021
• OWASP API Top 10, 2023
• OWASP Top 10 Privacy Risks v2.0
• Secure Controls Framework (SCF)
• PCI SSF: SSLC (1.1) & S3 (1.0)
• DISA Control Correlation Identifier (CCI) Framework

• NIST 800-147/800-155
• BIOS/FW
• NIST 800-171 Non-Federal Systems
• NIST 800-53r4
• NIST 800-53r5
• NIST 800-82 Industrial Control Systems
• NIST 800-95 Web Services
• NIST 800-190 Containers
• NIST 800-218 SSDF
• NISTIR 8397 (Verification Req.)
• EO14028
  
  • NIST Critical Software Req.
• Consumer IoT
  
  • ETSI EN 303 645

• Authentication and Access Control
• Availability and Systems DoS Protection
• Communication Protocols
  • AMQP
  • Bluetooth
  • HyperCat
  • MQTT
  • Pub/Sub
  • QUIC & HTTP/2 (falls under Communication Protocols)
  • Server Message Block Protocol (SMB)
  • Thread
  • WiFi
  • XMPP
  • Zigbee
• Consumer IoT: ETSI EN 303 645
• RFID Solutions
  • OWASP IoT Top 10 (OWASP IoT Attack Surface [Archived])

• Covers existing eLearning course library.
• Includes training on compliance and application security.
• Over 750 bite-sized training modules associated directly with specific Countermeasures, to teach developers about secure coding.

• COBOL
• Secure Development Guidelines

• Android Framework (Java and Kotlin)
• Flutter / Dart
• iOS framework (Objective-C and Swift)

• OWASP Mobile ASVS
• OWASP Mobile Top 10

• Alibaba Cloud: [Foundation CIS Benchmark]

• IDM
• Logging and monitoring
• Networking
• VM
• Storage
• RDB
• Kubernetes
• Security Center

• Amazon Web Services (AWS) Foundations and 3-Tier CIS Benchmarks

• AMI
• API Gateway
• Aurora
• Auto Scaling
• CloudFront
• CloudWatch
• Cognito
• Config
• DynamoDB
• EBS
• EC2
• ECS
• EKS
• ELB
• IAM
• Kinesis Data Firehose
• Kinesis Data Streams
• KMS
• Lambda

• RDS
• Route53
• S3
• SageMaker
• SNS
• SQS
• VPC
• WAF
• Certificate Manager
• CloudFormation
• Elastic Container Registry
• Elastic File System
• ElastiCache
• Managed Streaming for
• Apache Kafka
• MQ
• OpenSearch Service
• RedShift
• Secrets Manager

• Simple Email Service
• Step Functions
• Systems Manager
• Transfer Family
• AWS CodePipeline
• CodeArtifact
• Elasticache
• X-Ray
• Athena
• Backup
• DataSync
• Direct Connect
• EventBridge
• Fargate
• AWS FSx
• GuardDuty
• Inspector
• Neptune
• Rekognition

• AMI
• API Gateway
• Athena Backup
• Aurora
• Auto Scaling
• AWS CodePipeline
• AWS FSx
• Certificate Manager
• CloudFormation
• CloudFront
• CloudWatch
• CodeArtifact
• Cognito
• Config
• DataSync
• Direct Connect
• DynamoDB
• EBS

• EC2
• ECS
• EKS
• Elastic Container Registry
• Elastic File System
• ElastiCache
• ELB
• EventBridge
• Fargate
• GuardDuty
• IAM
• Inspector
• Kinesis Data Firehose
• Kinesis Data Streams
• KMS
• Lambda
• Managed Streaming for Apache Kafka
• MQ

• Neptune
• OpenSearch Service
• RDS
• RedShift
• Rekognition
• Route53
• S3
• SageMaker
• Secrets Manager
• Simple Email Service
• SNS
• SQS
• Step Functions
• Systems Manager
• Transfer Family
• VPC
• WAF
• X-Ray

• Apache HTTP Server
• Apache Kafka
• Apache Tomcat Server
• CI/CD Tools
  • CircleCI
  • JFrog
• Containerization Tools

• ContainerD
• Docker
• Generic Containers
• Kubernetes

• OpenShift
• PodMan
• Singularity

• Data Platforms

• Snowflake

• Data Serailiztion Formats

• Protocol Buffers

• Databases

• Apache Cassandra
• CockroachDB
• Generic Database
• InfluxDB

• Neo4j
• MariaDB
• MarkLogic

• Oracle
• PostgreSQL
• SQLite

• GitHub
• Google Cloud Platform

• BigQuery
• Cloud Audit Logs
• Cloud DNS
• Cloud IAM

• Cloud Key Management Service
• Cloud Storage
• Cloud SQL
• Compute Engine

• Kubernetes Engine
• Stackdriver
• Vertex AI
• Virtual Private Cloud (VPC)

• • IaC Tools
    
    • Ansible
    • Azure Resource Manager (ARM)
    • Terraform

• • IBM Cloud
    • Activity Tracker
    • Block Storage
    • Cloudant
    • Container Registry
    • Database
    • Internet Services

• Key Management Services
• KeyProtect
• Kubernetes Service
• Object Storage
• VPC

• Microsoft Azure (Microsoft Cloud Security & Azure Security Benchmarks)

• Active Directory
• AKS
• Azure Active Directory External      Identities
• Azure AI Bot Service
• Azure Analysis Services
• Azure API Management
• Azure App Configuration
• Azure App Service
• Azure Application Gateway
• Azure Arc, Azure Stack Edge
• Azure Attestation
• Azure Automation
• Azure Backup
• Azure Bastion
• Azure Batch
• Azure Blob Storage
• Azure Cache for Redis
• Azure Cloud Shell
• Azure Communication Services
• Azure Communications Gateway
• Azure Container Apps
• Azure Container Instances
• Azure Container Registry
• Azure Content Delivery Network
• Azure Cosmos DB
• Azure Cost Management
• Azure CycleCloud
• Azure Data Box
• Azure Data Explorer
• Azure Data Factory
• Azure Data Lake Analytics
• Azure Data Lake Storage
• Azure Data Share
• Azure Database for MariaDB
• Azure Database for MySQL
• Azure Database Migration Service
• Azure Databricks

• Azure DDoS Protection
• Azure Dedicated HSM
• Azure Defender for Cloud
• Azure DevTest Labs
• Azure Digital Twins
• Azure DNS
• Azure Event Grid
• Azure Event Hubs
• Azure Firewall
• Azure Firewall Manager
• Azure Front Door
• Azure Functions
• Azure HPC Cache
• Azure Information Protection
• Azure IoT Central
• Azure IoT Hub
• Azure Key Vault Managed HSM
• Azure Lighthouse
• Azure Linux Virtual Machines
• Azure Load Balancer
• Azure Logic Apps
• Azure Machine Learning
• Azure Managed Applications
• Azure Managed Instance for      Apache Cassandra
• Azure Managed Lustre
• Azure Media Services
• Azure Migrate
• Azure NAT Gateway
• Azure NetApp Files
• Azure Network Watcher
• Azure Notification Hubs
• Azure OpenAI Service
• Azure Policy
• Azure PostgreSQL Database
• Azure Private Link
• Azure Purview

• Azure Red Hat OpenShift
• Azure Remote Rendering
• Azure Resource Manager (ARM)
• Azure Resource Manager      Templates
• Azure Resource Mover
• Azure Sentinel
• Azure Service Bus
• Azure SignalR Service
• Azure Site Recovery
• Azure Spatial Anchors
• Azure Spring Apps
• Azure SQL
• Azure Static Web Apps
• Azure Stream Analytics
• Azure Subscriptions & Resources
• Azure Synapse Analytics
• Azure Traffic Manager
• Azure Virtual Desktop
• Azure Virtual Machine Scale Sets
• Azure Virtual WAN
• Azure VMware Solution
• Azure VPN Gateway
• Azure Web Application Firewall
• Azure Web PubSub
• Azure Windows Server
• Azure Windows Virtual Machines
• IBM DB2
• Key Vault
• Monitor
• Multi-Factor Authentication
• Network Watcher
• Security Center
• SQL Database
• SQL Managed Instance
• Storage
• Virtual Machines
• Virtual Network

• Microsoft IIS Server
• Microsoft SQL Server
• Microservices Infrastructure
• Micronaut (Microservices)
• MySQL
• Network

• 3G
• 4G/LTE
• 5G
• Advanced Message Queuing      Protocol (AMQP)
• Bluetooth
• Content Delivery Network (CDN)
• Directory Server
• DNS Server

• File Transfer Protocol (FTP)
• Firewall
• FTP
• FTP Server
• IDS/IPS
• Load Balancer
• LoRa
• Message Broker
• Modbus

• Proxy Server
• QUIC & HTTP/2
• Router
• Service Bus
• Virtual Private Network (VPN)
• Virtual Private Network (VPN)      Server
• WiFi

• Oracle Cloud Infrastructure CIS Benchmark [Computation instance, Object Storage, Block Volume, File Storage]
• Password Management and Access Control
• Hashicorp Vault
• Okta
• Process-level Cloud Security Guidelines
• Provider-agnostic Story-driven Cloud Content

• ANSSI/France Digital Signature and Encryption Requirements
• ANSI/ISA/IEC 62443-3-3
• ANSI/ISA/IEC 62443-4-1
• ANSI/ISA/IEC 62443-4-2
• BACEN (Banco Central do Brasil) Cybersecurity Regulations (CMN Resolution No. 4893/2021, BCB Resolution No. 85/2021, Joint Resolution No. 6,2023) and Securities and Exchange Commission of Brazil (CVM) Report based on Resolution 35/2021
• Certification (CMMC) [v1 and v2]
• Chinese Cybersecurity Law
• CNSSI 1253
• CSA Cloud Controls Matrix (CCM) v3 & v4
• Cybersecurity Maturity Model
• DIACAP
• EU Data Act

PRIVACY RELATED

• EU Digital Operational Resilience Act (DORA)
• EU Network and Information Security 2 (NIS2) Directive
• European Banking Authority (EBA) Security of Internet Payments
• EN 18031-1 to 3 (EU-Radio Equipment)
• FedRAMP
• GLBA
• HIPAA
• ISASecure CSA 311
• ISASecure SSA 311
• ISO 27001:2013 (SOX)
• ISO 27001:2022 (SOX)
• MAS-TRMG
• NIST Cybersecurity Framework
• NYDFS10

• Anti-Spam Guidelines/CASL
• Brazilian LGPD
• California Consumer Privacy Act (CCPA)
• California Online Privacy Protection Act (CalOPPA)
• California Privacy Right Act (CPRA) (California Civil Code)
• CNIL Cookie Guidelines
• COPPA
• EU Privacy and Cookie Laws
• GAPP
• GDPR (EU & UK)

• India Digital Personal Data Protection Act (DPDPA)
• New York Shield Act (S5575B)
• NIST 800-53 Privacy Controls
• PA-DSS 3.2
• PCI-DSS 4, PCI-DSS 3.2
• Personal Information Protection Law (PIPL) – China’s Privacy Law
• PIPEDA/ECPA/CAN-SPAM
• SOC2 (Based on AICPA TrustServices Criteria)
• U.S. states’ privacy law tracker

• Salesforce

• Angular
• Apex for Force.com
• C#/ASP.net (.NET 8, WCF, and Core 3)
• Django (Python)
• GoLang
• GraphQL
• HTML5 and CSP
• Java Libraries and Frameworks
  • Apache Wicket
  • ESAPI
  • Hibernate
  • Spring
  • Struts
• Java SE / EE
• JavaScript
• JSP, Servlets
• Low-Code/No-Code

• Microsoft Power Pages
• NGINX
• Node.js
• NoSQL / SQL
• OAuth and OIDC
• PHP
• Python
• Ruby on Rails
• Rust
• SOAP / REST
• TypeScript
• Vue.js
• Web servers
  • Apache
  • IIS
• XML and YAML Security