Modern Security¶
The Modern Security library provides technical guidance, architectural patterns, and regulatory reviews for securing digital systems. The emergence of autonomous AI agents, non-human identities, and containerised runtime environments requires moving beyond traditional firewalls and static access controls. These guides focus on active verification, identity sovereignty, and zero-trust engineering.
Security Domains¶
Select a category below to explore specific cybersecurity guides:
AI Agent & Systems Security¶
Transition from passive access control to active intent and systems verification:
-
Access Control vs. Intent Verification
Understand why traditional access control fails with autonomous systems and how to transition to intent verification.
-
Intent Verification in AI Agents
Technical frameworks for validating and constraining actions taken by autonomous language models.
-
Deterministic AI Verification
Explore mathematical and deterministic checks to secure AI-assisted systems programming and code delivery.
Compliance & Governance¶
Understand regulatory requirements and frameworks for organisational security:
-
Cybersecurity & Regulatory Compliance
An overview of modern regulatory landscapes, audits, and their operational implications.
-
NIS2 Directive EU Compliance
A deep-dive guide to implementing the European Union's NIS2 Directive for network and information system security.
-
Compliance Frameworks
A comparative study of security frameworks including ISO 27001, SOC2, and NIST, and how to apply them.
-
Modern Compliance & Zero Trust
Integrating zero-trust architectures to satisfy compliance constraints and reduce breach impact.
Identity & Secrets Infrastructure¶
Secure machine communications, non-human workflows, and runtime environments:
-
Identity Security as a Catalyst
How standardizing identity security across systems acts as a business driver and accelerator.
-
Non-Human Identities (NHI)
Operational guides for discovering, managing, and rotating machine credentials and non-human keys.
-
Secrets Management Best Practices
A reference manual for securely storing, accessing, and auditing API tokens, passwords, and private keys.
-
Infrastructure Identity Paradigm
Moving beyond IP-based authentication toward cryptographic workload identities.
-
Container & Runtime Security
Best practices for securing Docker configurations, container bases, and runtime kernels against exploits.
Security Strategy & Incident Case Studies¶
Learn from historical outages and build a systematic defense:
-
Cybersecurity Effective Implementation
Build and lead a proactive security organisation with a unified technical strategy.
-
Selecting the Right Security Tools
A framework for evaluating security vendors, scanners, and tools without inducing alert fatigue.
-
Famous Security Incidents
Case studies of major historical security breaches, detailing the root causes, blast radiuses, and SRE lessons.
-
OWASP Introduction
An introduction to the Open Web Application Security Project (OWASP) and its foundational standards.