Skip to content

Security Domain

Domain guide: browse all security content organized as a learning sequence.

Curated path through ops-focused security, hardening, secrets, and compliance content.

Topics

Resource Level Description
Security Basics (Ops-Focused) L0 Threat models, least privilege, defense in depth
Secrets Management L1 Vault, SOPS, sealed secrets, rotation patterns
TLS & PKI L1 Certificates, chains, mTLS, debugging handshakes
SELinux & AppArmor L1 Mandatory access control for Linux
SELinux & Linux Hardening L2 CIS benchmarks, sysctl tuning, audit logging
LDAP & Identity Management L2 Directory services, SSO, RBAC patterns
Compliance & Audit Automation L2 SOC2, PCI, automated evidence collection
Infrastructure Forensics L3 Post-breach investigation, timeline reconstruction
Disaster Recovery & Backup Engineering L2 RPO/RTO, backup verification, DR runbooks
Supply Chain Security L2 SBOM, Sigstore, provenance, SLSA
HashiCorp Vault L2 Vault architecture, policies, dynamic secrets

Runbooks

Resource Description
Certificate Renewal Failed When cert-manager or manual renewal breaks
Secret Rotation Rotating secrets without downtime

Practice

Resource Type
Security Cheatsheet Quick reference
TLS & PKI Cheatsheet Quick reference
Secrets Management Cheatsheet Quick reference
Skillcheck: Security Self-assessment
Skillcheck: TLS & PKI Self-assessment
Skillcheck: Secrets Management Self-assessment

Where to Start

Begin with Security Basics for the mental model, then Secrets Management and TLS & PKI for hands-on skills. The hardening and compliance topics assume Linux admin experience.