chore: update roadmap content json (#8540)

Co-authored-by: kamranahmedse <4921183+kamranahmedse@users.noreply.github.com>
refactor/red-teaming
github-actions[bot] 3 days ago committed by GitHub
parent 5f53b3ef1e
commit be1b041acb
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
  1. public/roadmap-content/ai-red-teaming.json (128)
  2. public/roadmap-content/cyber-security.json (385)
  3. public/roadmap-content/react.json (35)

@ -1,322 +1,322 @@
{
"R9DQNc0AyAQ2HLpP4HOk6": {
"title": "AI Security Fundamentals",
"description": "",
"description": "This covers the foundational concepts essential for AI Red Teaming, bridging traditional cybersecurity with AI-specific threats. An AI Red Teamer must understand common vulnerabilities in ML models (like evasion or poisoning), security risks in the AI lifecycle (from data collection to deployment), and how AI capabilities can be misused. This knowledge forms the basis for designing effective tests against AI systems.\n\nLearn more from the following resources:\n\n* [@article@Building Trustworthy AI: Contending with Data Poisoning - Nisos](https://nisos.com/research/building-trustworthy-ai/) - Explores data poisoning threats in AI/ML.\n* [@article@What Is Adversarial AI in Machine Learning? - Palo Alto Networks](https://www.paloaltonetworks.co.uk/cyberpedia/what-are-adversarial-attacks-on-AI-Machine-Learning) - Overview of adversarial attacks targeting AI/ML systems.\n* [@course@AI Security | Coursera](https://www.coursera.org/learn/ai-security) - Foundational course covering AI risks, governance, security, and privacy.",
"links": []
},
"fNTb9y3zs1HPYclAmu_Wv": {
"title": "Why Red Team AI Systems?",
"description": "",
"description": "AI systems introduce novel risks beyond traditional software, such as emergent unintended capabilities, complex failure modes, susceptibility to subtle data manipulations, and potential for large-scale misuse (e.g., generating disinformation). AI Red Teaming is necessary because standard testing methods often fail to uncover these unique AI vulnerabilities. It provides critical, adversary-focused insights needed to build genuinely safe, reliable, and secure AI before deployment.\n\nLearn more from the following resources:\n\n@article@What's the Difference Between Traditional Red-Teaming and AI Red-Teaming? - Cranium AI - Compares objectives, techniques, expertise, and attack vectors to highlight why AI needs specialized red teaming. @article@What is AI Red Teaming? The Complete Guide - Mindgard - Details specific use cases like identifying bias, ensuring resilience against AI-specific attacks, testing data privacy, and aligning with regulations. @article@The Expanding Role of Red Teaming in Defending AI Systems - Protect AI - Explains why the dynamic, adaptive, and often opaque nature of AI necessitates red teaming beyond traditional approaches. @article@How red teaming helps safeguard the infrastructure behind AI models - IBM - Focuses on unique AI risks like model IP theft, open-source vulnerabilities, and excessive agency that red teaming addresses.",
"links": []
},
"HFJIYcI16OMyM77fAw9af": {
"title": "Introduction",
"description": "",
"description": "AI Red Teaming is the practice of simulating adversarial attacks against AI systems to proactively identify vulnerabilities, potential misuse scenarios, and failure modes before malicious actors do. Distinct from traditional cybersecurity red teaming, it focuses on the unique attack surfaces of AI models, such as prompt manipulation, data poisoning, model extraction, and evasion techniques. The primary goal for an AI Red Teamer is to test the robustness, safety, alignment, and fairness of AI systems, particularly complex ones like LLMs, by adopting an attacker's mindset to uncover hidden flaws and provide actionable feedback for improvement.\n\nLearn more from the following resources:\n\n* [@article@A Guide to AI Red Teaming - HiddenLayer](https://hiddenlayer.com/innovation-hub/a-guide-to-ai-red-teaming/) - Discusses AI red teaming concepts and contrasts with traditional methods.\n* [@article@What is AI Red Teaming? (Learn Prompting)](https://learnprompting.org/blog/what-is-ai-red-teaming) - Overview of AI red teaming, its history, and key challenges.\n* [@article@What is AI Red Teaming? The Complete Guide - Mindgard](https://mindgard.ai/blog/what-is-ai-red-teaming) - Guide covering AI red teaming processes, use cases, and benefits.\n* [@podcast@Red Team Podcast | AI Red Teaming Insights & Defense Strategies - Mindgard](https://mindgard.ai/podcast/red-team) - Podcast series covering AI red teaming trends and strategies.",
"links": []
},
"1gyuEV519LjN-KpROoVwv": {
"title": "Ethical Considerations",
"description": "",
"description": "Ethical conduct is crucial for AI Red Teamers. While simulating attacks, they must operate within strict legal and ethical boundaries defined by rules of engagement, focusing on improving safety without causing real harm or enabling misuse. This includes respecting data privacy, obtaining consent where necessary, responsibly disclosing vulnerabilities, and carefully considering the potential negative impacts of both the testing process and the AI capabilities being tested. The goal is discovery for defense, not exploitation.\n\nLearn more from the following resources:\n\n* [@article@Red-Teaming in AI Testing: Stress Testing - Labelvisor](https://www.labelvisor.com/red-teaming-abstract-competitive-testing-data-selection/) - Mentions balancing attack simulation with ethical constraints.\n* [@article@Responsible AI assessment - Responsible AI | Coursera](https://www.coursera.org/learn/ai-security) (Module within AI Security course)\n* [@guide@Responsible AI Principles (Microsoft)](https://www.microsoft.com/en-us/ai/responsible-ai) - Example of corporate responsible AI guidelines influencing ethical testing.\n* [@video@Questions to Guide AI Red-Teaming (CMU SEI)](https://resources.sei.cmu.edu/library/asset-view.cfm?assetid=928382) - Key questions and ethical guidelines for AI red teaming activities (video talk).",
"links": []
},
"Irkc9DgBfqSn72WaJqXEt": {
"title": "Role of Red Teams",
"description": "",
"description": "The role of an AI Red Team is to rigorously challenge AI systems from an adversarial perspective. They design and execute tests to uncover vulnerabilities related to the model's logic, data dependencies, prompt interfaces, safety alignments, and interactions with surrounding infrastructure. They provide detailed reports on findings, potential impacts, and remediation advice, acting as a critical feedback loop for AI developers and stakeholders to improve system security and trustworthiness before and after deployment.\n\nLearn more from the following resources:\n\n* [@article@The Complete Guide to Red Teaming: Process, Benefits & More - Mindgard AI](https://mindgard.ai/blog/red-teaming) - Discusses the purpose and process of red teaming.\n* [@article@The Complete Red Teaming Checklist \\[PDF\\]: 5 Key Steps - Mindgard AI](https://mindgard.ai/blog/red-teaming-checklist) - Outlines typical red team roles and responsibilities.\n* [@article@What is AI Red Teaming? - Learn Prompting](https://learnprompting.org/docs/category/ai-red-teaming) - Defines the role and activities.",
"links": []
},
"NvOJIv36Utpm7_kOZyr79": {
"title": "Supervised Learning",
"description": "",
"description": "AI Red Teamers analyze systems built using supervised learning to probe for vulnerabilities like susceptibility to adversarial examples designed to cause misclassification, sensitivity to data distribution shifts, or potential for data leakage related to the labeled training data. Understanding how these models learn input-output mappings is key to devising tests that challenge their learned boundaries.\n\nLearn more from the following resources:\n\n* [@article@AI and cybersecurity: a love-hate revolution - Alter Solutions](https://www.alter-solutions.com/en-us/articles/ai-cybersecurity-love-hate-revolution) - Discusses supervised learning use in vulnerability scanning and potential exploits.\n* [@article@What Is Supervised Learning? | IBM](https://www.ibm.com/think/topics/supervised-learning) - Foundational explanation.\n* [@article@What is Supervised Learning? | Google Cloud](https://cloud.google.com/discover/what-is-supervised-learning) - Foundational explanation.",
"links": []
},
"ZC0yKsu-CJC-LZKKo2pLD": {
"title": "Unsupervised Learning",
"description": "",
"description": "When red teaming AI systems using unsupervised learning (e.g., clustering algorithms), focus areas include assessing whether the discovered patterns reveal sensitive information, if the model can be manipulated to group data incorrectly, or if dimensionality reduction techniques obscure security-relevant features. Understanding these models helps identify risks associated with pattern discovery on unlabeled data.\n\nLearn more from the following resources:\n\n* [@article@How Unsupervised Learning Works with Examples - Coursera](https://www.coursera.org/articles/unsupervised-learning) - Foundational explanation with examples.\n* [@article@Supervised vs. Unsupervised Learning: Which Approach is Best? - DigitalOcean](https://www.digitalocean.com/resources/articles/supervised-vs-unsupervised-learning) - Contrasts learning types, relevant for understanding different attack surfaces.",
"links": []
},
"Xqzc4mOKsVzwaUxLGjHya": {
"title": "Reinforcement Learning",
"description": "",
"description": "Red teaming RL-based AI systems involves testing for vulnerabilities such as reward hacking (exploiting the reward function to induce unintended behavior), unsafe exploration (agent takes harmful actions during learning), or susceptibility to adversarial perturbations in the environment's state. Understanding the agent's policy and value functions is crucial for designing effective tests against RL agents.\n\nLearn more from the following resources:\n\n* [@article@Best Resources to Learn Reinforcement Learning - Towards Data Science](https://towardsdatascience.com/best-free-courses-and-resources-to-learn-reinforcement-learning-ed6633608cb2/) - Curated list of RL learning resources.\n* [@article@What is reinforcement learning? - Blog - York Online Masters degrees](https://online.york.ac.uk/resources/what-is-reinforcement-learning/) - Foundational explanation.\n* [@course@Deep Reinforcement Learning Course by HuggingFace](https://huggingface.co/learn/deep-rl-course/unit0/introduction) - Comprehensive free course on Deep RL.\n* [@paper@Diverse and Effective Red Teaming with Auto-generated Rewards and Multi-step Reinforcement Learning - arXiv](https://arxiv.org/html/2412.18693v1) - Research on using RL for red teaming and generating attacks.",
"links": []
},
"RuKzVhd1nZphCrlW1wZGL": {
"title": "Neural Networks",
"description": "",
"description": "Understanding neural network architectures (layers, nodes, activation functions) is vital for AI Red Teamers. This knowledge allows for targeted testing, such as crafting adversarial examples that exploit specific activation functions or identifying potential vulnerabilities related to network depth or connectivity. It provides insight into the 'black box' for more effective white/grey-box testing.\n\nLearn more from the following resources:\n\n* [@guide@Neural Networks Explained: A Beginner's Guide - SkillCamper](https://www.skillcamper.com/blog/neural-networks-explained-a-beginners-guide) - Foundational guide.\n* [@guide@Neural networks | Machine Learning - Google for Developers](https://developers.google.com/machine-learning/crash-course/neural-networks) - Google's explanation within their ML crash course.\n* [@paper@Red Teaming with Artificial Intelligence-Driven Cyberattacks: A Scoping Review - arXiv](https://arxiv.org/html/2503.19626) - Review discussing AI methods like neural networks used in red teaming simulations.",
"links": []
},
"3XJ-g0KvHP75U18mxCqgw": {
"title": "Generative Models",
"description": "",
"description": "AI Red Teamers focus heavily on generative models (like GANs and LLMs) due to their widespread use and unique risks. Understanding how they generate content is key to testing for issues like generating harmful/biased outputs, deepfakes, prompt injection vulnerabilities, or leaking sensitive information from their vast training data.\n\nLearn more from the following resources:\n\n* [@article@An Introduction to Generative Models | MongoDB](https://www.mongodb.com/resources/basics/artificial-intelligence/generative-models) - Explains basics and contrasts with discriminative models.\n* [@course@Generative AI for Beginners - Microsoft Open Source](https://microsoft.github.io/generative-ai-for-beginners/) - Free course covering fundamentals.\n* [@guide@Generative AI beginner's guide | Generative AI on Vertex AI - Google Cloud](https://cloud.google.com/vertex-ai/generative-ai/docs/learn/overview) - Overview covering generative AI concepts and Google's platform context.",
"links": []
},
"8K-wCn2cLc7Vs_V4sC3sE": {
"title": "Large Language Models",
"description": "",
"description": "LLMs are a primary target for AI Red Teaming. Understanding their architecture (often Transformer-based), training processes (pre-training, fine-tuning), and capabilities (text generation, summarization, Q&A) is essential for identifying vulnerabilities like prompt injection, jailbreaking, data regurgitation, and emergent harmful behaviors specific to these large-scale models.\n\nLearn more from the following resources:\n\n* [@article@What is an LLM (large language model)? - Cloudflare](https://www.cloudflare.com/learning/ai/what-is-large-language-model/) - Concise explanation from Cloudflare.\n* [@guide@Introduction to Large Language Models - Learn Prompting](https://learnprompting.org/docs/intro_to_llms) - Learn Prompting's introduction.\n* [@guide@What Are Large Language Models? A Beginner's Guide for 2025 - KDnuggets](https://www.kdnuggets.com/large-language-models-beginners-guide-2025) - Overview of LLMs, how they work, strengths, and limitations.",
"links": []
},
"gx4KaFqKgJX9n9_ZGMqlZ": {
"title": "Prompt Engineering",
"description": "",
"description": "For AI Red Teamers, prompt engineering is both a tool and a target. It's a tool for crafting inputs to test model boundaries and vulnerabilities (e.g., creating jailbreak prompts). It's a target because understanding how prompts influence LLMs is key to identifying prompt injection vulnerabilities and designing defenses. Mastering prompt design is fundamental to effective LLM red teaming.\n\nLearn more from the following resources:\n\n* [@article@Introduction to Prompt Engineering - Datacamp](https://www.datacamp.com/tutorial/introduction-prompt-engineering) - Tutorial covering basics.\n* [@article@System Prompts - InjectPrompt](https://www.injectprompt.com/t/system-prompts) - Look at the system prompts of flagship LLMs.\n* [@course@Introduction to Prompt Engineering - Learn Prompting](https://learnprompting.org/courses/intro-to-prompt-engineering) - Foundational course from Learn Prompting.\n* [@guide@Prompt Engineering Guide - Learn Prompting](https://learnprompting.org/docs/prompt-engineering) - Comprehensive guide from Learn Prompting.\n* [@guide@The Ultimate Guide to Red Teaming LLMs and Adversarial Prompts (Kili Technology)](https://kili-technology.com/large-language-models-llms/red-teaming-llms-and-adversarial-prompts) - Connects prompt engineering directly to LLM red teaming concepts.",
"links": []
},
"WZkIHZkV2qDYbYF9KBBRi": {
"title": "Confidentiality, Integrity, Availability",
"description": "",
"description": "The CIA Triad is directly applicable in AI Red Teaming. Confidentiality tests focus on preventing leakage of training data or proprietary model details. Integrity tests probe for susceptibility to data poisoning or model manipulation. Availability tests assess resilience against denial-of-service attacks targeting the AI model or its supporting infrastructure.\n\nLearn more from the following resources:\n\n* [@article@Confidentiality, Integrity, Availability: Key Examples - DataSunrise](https://www.datasunrise.com/knowledge-center/confidentiality-integrity-availability-examples/) - Explains CIA triad with examples, mentioning AI/ML relevance.\n* [@article@The CIA Triad: Confidentiality, Integrity, Availability - Veeam](https://www.veeam.com/blog/cybersecurity-cia-triad-explained.html) - Breakdown of the three principles and how they apply.\n* [@article@What's The CIA Triad? Confidentiality, Integrity, & Availability, Explained | Splunk](https://www.splunk.com/en_us/blog/learn/cia-triad-confidentiality-integrity-availability.html) - Detailed explanation of the triad, mentioning modern updates and AI context.",
"links": []
},
"RDOaTBWP3aIJPUp_kcafm": {
"title": "Threat Modeling",
"description": "",
"description": "AI Red Teams apply threat modeling to identify unique attack surfaces in AI systems, such as manipulating training data, exploiting prompt interfaces, attacking the model inference process, or compromising connected tools/APIs. Before attacking an AI system, red teamers perform threat modeling to map out possible adversaries (from curious users to state actors) and attack vectors, prioritizing tests based on likely impact and adversary capability.\n\nLearn more from the following resources:\n\n* [@article@Core Components of AI Red Team Exercises (Learn Prompting)](https://learnprompting.org/blog/what-is-ai-red-teaming) - Describes threat modeling as the first phase of an AI red team engagement.\n* [@guide@Threat Modeling Process | OWASP Foundation](https://owasp.org/www-community/Threat_Modeling_Process) - More detailed process steps.\n* [@guide@Threat Modeling | OWASP Foundation](https://owasp.org/www-community/Threat_Modeling) - General threat modeling process applicable to AI context.\n* [@video@How Microsoft Approaches AI Red Teaming (MS Build)](https://learn.microsoft.com/en-us/events/build-may-2023/breakout-responsible-ai-red-teaming/) - Video on Microsoft’s AI red team process, including threat modeling specific to AI.",
"links": []
},
"MupRvk_8Io2Hn7yEvU663": {
"title": "Risk Management",
"description": "",
"description": "AI Red Teamers contribute to the AI risk management process by identifying and demonstrating concrete vulnerabilities. Findings from red team exercises inform risk assessments, helping organizations understand the likelihood and potential impact of specific AI threats and prioritize resources for mitigation based on demonstrated exploitability.\n\nLearn more from the following resources:\n\n* [@framework@NIST AI Risk Management Framework](https://www.nist.gov/itl/ai-risk-management-framework) - Key framework for managing AI-specific risks.\n* [@guide@A Beginner's Guide to Cybersecurity Risks and Vulnerabilities - Champlain College Online](https://online.champlain.edu/blog/beginners-guide-cybersecurity-risk-management) - Foundational understanding of risk.\n* [@guide@Cybersecurity Risk Management: Frameworks, Plans, and Best Practices - Hyperproof](https://hyperproof.io/resource/cybersecurity-risk-management-process/) - General guide applicable to AI system context.",
"links": []
},
"887lc3tWCRH-sOHSxWgWJ": {
"title": "Vulnerability Assessment",
"description": "",
"description": "While general vulnerability assessment scans infrastructure, AI Red Teaming extends this to assess vulnerabilities specific to the AI model and its unique interactions. This includes probing for prompt injection flaws, testing for adversarial example robustness, checking for data privacy leaks, and evaluating safety alignment failures – weaknesses not typically found by standard IT vulnerability scanners.\n\nLearn more from the following resources:\n\n* [@article@AI red-teaming in critical infrastructure: Boosting security and trust in AI systems - DNV](https://www.dnv.com/article/ai-red-teaming-for-critical-infrastructure-industries/) - Discusses vulnerability assessment within AI red teaming for critical systems.\n* [@guide@The Ultimate Guide to Vulnerability Assessment - Strobes Security](https://strobes.co/blog/guide-vulnerability-assessment/) - Comprehensive guide on VA process (apply concepts to AI).\n* [@guide@Vulnerability Scanning Tools | OWASP Foundation](https://owasp.org/www-community/Vulnerability_Scanning_Tools) - List of tools useful in broader system assessment around AI.",
"links": []
},
"Ds8pqn4y9Npo7z6ubunvc": {
"title": "Jailbreak Techniques",
"description": "",
"description": "Jailbreaking is a specific category of prompt hacking where the AI Red Teamer aims to bypass the LLM's safety and alignment training. They use techniques like creating fictional scenarios, asking the model to simulate an unrestricted AI, or using complex instructions to trick the model into generating content that violates its own policies (e.g., generating harmful code, hate speech, or illegal instructions).\n\nLearn more from the following resources:\n\n* [@article@InjectPrompt (David Willis-Owen)](https://injectprompt.com) - Discusses jailbreaks for several LLMs\n* [@guide@Prompt Hacking Guide - Learn Prompting](https://learnprompting.org/docs/category/prompt-hacking) - Covers jailbreaking strategies.\n* [@paper@Jailbroken: How Does LLM Safety Training Fail? (arXiv)](https://arxiv.org/abs/2307.02483) - Research analyzing jailbreak failures.",
"links": []
},
"j7uLLpt8MkZ1rqM7UBPW4": {
"title": "Safety Filter Bypasses",
"description": "",
"description": "AI Red Teamers specifically target the safety mechanisms (filters, guardrails) implemented within or around an AI model. They test techniques like using synonyms for blocked words, employing different languages, embedding harmful requests within harmless text, or using character-level obfuscation to evade detection and induce the model to generate prohibited content, thereby assessing the robustness of the safety controls.\n\nLearn more from the following resources:\n\n* [@article@Bypassing AI Content Filters | Restackio](https://www.restack.io/p/ai-driven-content-moderation-answer-bypass-filters-cat-ai) - Discusses techniques for evasion.\n* [@article@How to Bypass Azure AI Content Safety Guardrails - Mindgard](https://mindgard.ai/blog/bypassing-azure-ai-content-safety-guardrails) - Case study on bypassing specific safety mechanisms.\n* [@article@The Best Methods to Bypass AI Detection: Tips and Techniques - PopAi](https://www.popai.pro/resources/the-best-methods-to-bypass-ai-detection-tips-and-techniques/) - Focuses on evasion, relevant for filter bypass testing.",
"links": []
},
"XOrAPDRhBvde9R-znEipH": {
"title": "Prompt Injection",
"description": "",
"description": "Prompt injection is a critical vulnerability tested by AI Red Teamers. They attempt to insert instructions into the LLM's input that override its intended system prompt or task, causing it to perform unauthorized actions, leak data, or generate malicious output. This tests the model's ability to distinguish trusted instructions from potentially harmful user/external input.\n\nLearn more from the following resources:\n\n* [@article@Prompt Injection & the Rise of Prompt Attacks: All You Need to Know | Lakera](https://www.lakera.ai/blog/guide-to-prompt-injection) - Guide covering different types of prompt attacks.\n* [@article@Prompt Injection (Learn Prompting)](https://learnprompting.org/docs/prompt_hacking/injection) - Learn Prompting article describing prompt injection with examples and mitigation strategies.\n* [@article@Prompt Injection Attack Explanation (IBM)](https://research.ibm.com/blog/prompt-injection-attacks-against-llms) - Explains what prompt injections are and how they work.\n* [@article@Prompt Injection: Impact, How It Works & 4 Defense Measures - Tigera](https://www.tigera.io/learn/guides/llm-security/prompt-injection/) - Overview of impact and defenses.\n* [@course@Advanced Prompt Hacking - Learn Prompting](https://learnprompting.org/courses/advanced-prompt-hacking) - Covers advanced injection techniques.",
"links": []
},
"1Xr7mxVekeAHzTL7G4eAZ": {
"title": "Prompt Hacking",
"description": "",
"description": "Prompt hacking is a core technique for AI Red Teamers targeting LLMs. It involves crafting inputs (prompts) to manipulate the model into bypassing safety controls, revealing hidden information, or performing unintended actions. Red teamers systematically test various prompt hacking methods (like jailbreaking, role-playing, or instruction manipulation) to assess the LLM's resilience against adversarial user input.\n\nLearn more from the following resources:\n\n* [@course@Introduction to Prompt Hacking - Learn Prompting](https://learnprompting.org/courses/intro-to-prompt-hacking) - Free introductory course.\n* [@guide@Prompt Hacking Guide - Learn Prompting](https://learnprompting.org/docs/category/prompt-hacking) - Detailed guide covering techniques.\n* [@paper@SoK: Prompt Hacking of LLMs (arXiv 2023)](https://arxiv.org/abs/2311.05544) - Comprehensive research overview of prompt hacking types and techniques.",
"links": []
},
"5zHow4KZVpfhch5Aabeft": {
"title": "Direct",
"description": "",
"description": "Direct injection attacks occur when malicious instructions are inserted directly into the prompt input field by the user interacting with the LLM. AI Red Teamers use this technique to assess if basic instructions like \"Ignore previous prompt\" can immediately compromise the model's safety or intended function, testing the robustness of the system prompt's influence.\n\nLearn more from the following resources:\n\n* [@article@Prompt Injection & the Rise of Prompt Attacks: All You Need to Know | Lakera](https://www.lakera.ai/blog/guide-to-prompt-injection) - Differentiates attack types.\n* [@article@Prompt Injection Cheat Sheet (FlowGPT)](https://flowgpt.com/p/prompt-injection-cheat-sheet) - Collection of prompt injection examples often used in direct attacks.\n* [@report@OpenAI GPT-4 System Card](https://openai.com/research/gpt-4-system-card) - Sections discuss how direct prompt attacks were tested during GPT-4 development.",
"links": []
},
"3_gJRtJSdm2iAfkwmcv0e": {
"title": "Indirect",
"description": "",
"description": "Indirect injection involves embedding malicious prompts within external data sources that the LLM processes, such as websites, documents, or emails. AI Red Teamers test this by poisoning data sources the AI might interact with (e.g., adding hidden instructions to a webpage summarized by the AI) to see if the AI executes unintended commands or leaks data when processing that source.\n\nLearn more from the following resources:\n\n* [@paper@The Practical Application of Indirect Prompt Injection Attacks - David Willis-Owen](https://www.researchgate.net/publication/382692833_The_Practical_Application_of_Indirect_Prompt_Injection_Attacks_From_Academia_to_Industry) - Discusses a standard methodology to test for indirect injection attacks.\n* [@article@How to Prevent Indirect Prompt Injection Attacks - Cobalt](https://www.cobalt.io/blog/how-to-prevent-indirect-prompt-injection-attacks) - Explains indirect injection via external sources and mitigation.\n* [@article@Jailbreaks via Indirect Injection (Practical AI Safety Newsletter)](https://newsletter.practicalai.safety/p/jailbreaks-via-indirect-injection) - Examples of indirect prompt injection impacting LLM agents.",
"links": []
},
"G1u_Kq4NeUsGX2qnUTuJU": {
"title": "Countermeasures",
"description": "",
"description": "AI Red Teamers must also understand and test defenses against prompt hacking. This includes evaluating the effectiveness of input sanitization, output filtering, instruction demarcation (e.g., XML tagging), contextual awareness checks, model fine-tuning for resistance, and applying the principle of least privilege to LLM capabilities and tool access.\n\nLearn more from the following resources:\n\n* [@article@Mitigating Prompt Injection Attacks (NCC Group Research)](https://research.nccgroup.com/2023/12/01/mitigating-prompt-injection-attacks/) - Discusses various mitigation strategies and their effectiveness.\n* [@article@Prompt Injection & the Rise of Prompt Attacks: All You Need to Know | Lakera](https://www.lakera.ai/blog/guide-to-prompt-injection) - Includes discussion on best practices for prevention.\n* [@article@Prompt Injection: Impact, How It Works & 4 Defense Measures - Tigera](https://www.tigera.io/learn/guides/llm-security/prompt-injection/) - Covers defensive measures.\n* [@guide@OpenAI Best Practices for Prompt Security](https://platform.openai.com/docs/guides/prompt-engineering/strategy-write-clear-instructions) - OpenAI’s recommendations to prevent prompt manipulation.",
"links": []
},
"vhBu5x8INTtqvx6vcYAhE": {
"title": "Code Injection",
"description": "",
"description": "AI Red Teamers test for code injection vulnerabilities specifically in the context of AI applications. This involves probing whether user input, potentially manipulated via prompts, can lead to the execution of unintended code (e.g., SQL, OS commands, or script execution via generated code) within the application layer or connected systems, using the AI as a potential vector.\n\nLearn more from the following resources:\n\n* [@article@Code Injection in LLM Applications - NeuralTrust](https://neuraltrust.ai/blog/code-injection-in-llms) - Specifically discusses code injection risks involving LLMs.\n* [@docs@Secure Plugin Sandboxing (OpenAI Plugins)](https://platform.openai.com/docs/plugins/production/security-requirements) - Context on preventing code injection via AI plugins.\n* [@guide@Code Injection - OWASP Foundation](https://owasp.org/www-community/attacks/Code_Injection) - Foundational knowledge on code injection attacks.",
"links": []
},
"uBXrri2bXVsNiM8fIHHOv": {
"title": "Model Vulnerabilities",
"description": "",
"description": "This category covers attacks and tests targeting the AI model itself, beyond the prompt interface. AI Red Teamers investigate inherent weaknesses in the model's architecture, training data artifacts, or prediction mechanisms, such as susceptibility to data extraction, poisoning, or adversarial manipulation.\n\nLearn more from the following resources:\n\n* [@article@AI Security Risks Uncovered: What You Must Know in 2025 - TTMS](https://ttms.com/uk/ai-security-risks-explained-what-you-need-to-know-in-2025/) - Discusses adversarial attacks, data poisoning, and prototype theft.\n* [@article@Attacking AI Models (Trail of Bits Blog Series)](https://blog.trailofbits.com/category/ai-security/) - Series discussing model-focused attacks.\n* [@report@AI and ML Vulnerabilities (CNAS Report)](https://www.cnas.org/publications/reports/understanding-and-mitigating-ai-vulnerabilities) - Overview of known machine learning vulnerabilities.",
"links": []
},
"QFzLx5nc4rCCD8WVc20mo": {
"title": "Model Weight Stealing",
"description": "",
"description": "AI Red Teamers assess the risk of attackers reconstructing or stealing the proprietary weights of a trained model, often through API query-based attacks. Testing involves simulating such attacks to understand how easily the model's functionality can be replicated, which informs defenses like query rate limiting, watermarking, or differential privacy.\n\nLearn more from the following resources:\n\n* [@article@A Playbook for Securing AI Model Weights - RAND](https://www.rand.org/pubs/research_briefs/RBA2849-1.html) - Discusses attack vectors and security levels for protecting model weights.\n* [@article@How to Steal a Machine Learning Model (SkyCryptor)](https://skycryptor.com/blog/how-to-steal-a-machine-learning-model) - Explains model weight extraction via query attacks.\n* [@paper@Defense Against Model Stealing (Microsoft Research)](https://www.microsoft.com/en-us/research/publication/defense-against-model-stealing-attacks/) - Research on detecting and defending against model stealing.\n* [@paper@On the Limitations of Model Stealing with Uncertainty Quantification Models - OpenReview](https://openreview.net/pdf?id=ONRFHoUzNk) - Research exploring model stealing techniques.",
"links": []
},
"DQeOavZCoXpF3k_qRDABs": {
"title": "Unauthorized Access",
"description": "",
"description": "AI Red Teamers test if vulnerabilities in the AI system or its interfaces allow attackers to gain unauthorized access to data, functionalities, or underlying infrastructure. This includes attempting privilege escalation via prompts, exploiting insecure API endpoints connected to the AI, or manipulating the AI to access restricted system resources.\n\nLearn more from the following resources:\n\n* [@article@Unauthorized Data Access via LLMs (Security Boulevard)](https://securityboulevard.com/2023/11/unauthorized-data-access-via-llms/) - Discusses risks of LLMs accessing unauthorized data.\n* [@guide@OWASP API Security Project](https://owasp.org/www-project-api-security/) - Covers API risks like broken access control relevant to AI systems.\n* [@paper@AI System Abuse Cases (Harvard Belfer Center)](https://www.belfercenter.org/publication/ai-system-abuse-cases) - Covers various ways AI systems can be abused, including access violations.",
"links": []
},
"nD0_64ELEeJSN-0aZiR7i": {
"title": "Data Poisoning",
"description": "",
"description": "AI Red Teamers simulate data poisoning attacks by evaluating how introducing manipulated or mislabeled data into potential training or fine-tuning datasets could compromise the model. They assess the impact on model accuracy, fairness, or the potential creation of exploitable backdoors, informing defenses around data validation and provenance.\n\nLearn more from the following resources:\n\n* [@article@AI Poisoning - Is It Really A Threat? - AIBlade](https://www.aiblade.net/p/ai-poisoning-is-it-really-a-threat) - Detailed exploration of data poisoning attacks and impacts.\n* [@article@Data Poisoning Attacks in ML (Towards Data Science)](https://towardsdatascience.com/data-poisoning-attacks-in-machine-learning-542169587b7f) - Overview of techniques.\n* [@paper@Detecting and Preventing Data Poisoning Attacks on AI Models - arXiv](https://arxiv.org/abs/2503.09302) - Research on detection and prevention techniques.\n* [@paper@Poisoning Web-Scale Training Data (arXiv)](https://arxiv.org/abs/2310.12818) - Analysis of poisoning risks in large datasets used for LLMs.",
"links": []
},
"xjlttOti-_laPRn8a2fVy": {
"title": "Adversarial Examples",
"description": "",
"description": "A core AI Red Teaming activity involves generating adversarial examples – inputs slightly perturbed to cause misclassification or bypass safety filters – to test model robustness. Red teamers use various techniques (gradient-based, optimization-based, or black-box methods) to find inputs that exploit model weaknesses, informing developers on how to harden the model.\n\nLearn more from the following resources:\n\n* [@article@Adversarial Examples Explained (OpenAI Blog)](https://openai.com/research/adversarial-examples) - Introduction by OpenAI.\n* [@guide@Adversarial Examples – Interpretable Machine Learning Book](https://christophm.github.io/interpretable-ml-book/adversarial.html) - In-depth explanation and examples.\n* [@guide@Adversarial Testing for Generative AI | Machine Learning - Google for Developers](https://developers.google.com/machine-learning/guides/adv-testing) - Google's guide on adversarial testing workflows.\n* [@video@How AI Can Be Tricked With Adversarial Attacks - Two Minute Papers](https://www.youtube.com/watch?v=J3X_JWQkvo8?v=MPcfoQBDY0w) - Short video demonstrating adversarial examples.",
"links": []
},
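Review bot: The Two Minute Papers link in the new "Adversarial Examples" description carries two video IDs in one query string (`watch?v=J3X_JWQkvo8?v=MPcfoQBDY0w`), so it is unclear which video is meant and the second `?v=` is not a valid parameter separator. Keep a single `?v=<id>` and confirm it resolves to the titled video before merging.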
"iE5PcswBHnu_EBFIacib0": {
"title": "Model Inversion",
"description": "",
"description": "AI Red Teamers perform model inversion tests to assess if an attacker can reconstruct sensitive training data (like images, text snippets, or personal attributes) by repeatedly querying the model and analyzing its outputs. Success indicates privacy risks due to data memorization, requiring mitigation techniques like differential privacy or output filtering.\n\nLearn more from the following resources:\n\n* [@article@Model Inversion Attacks for ML (Medium)](https://medium.com/@ODSC/model-inversion-attacks-for-machine-learning-ff407a1b10d1) - Explanation with examples (e.g., face reconstruction).\n* [@article@Model inversion and membership inference: Understanding new AI security risks - Hogan Lovells](https://www.hoganlovells.com/en/publications/model-inversion-and-membership-inference-understanding-new-ai-security-risks-and-mitigating-vulnerabilities) - Discusses risks and mitigation.\n* [@paper@Extracting Training Data from LLMs (arXiv)](https://arxiv.org/abs/2012.07805) - Research demonstrating feasibility on LLMs.\n* [@paper@Model Inversion Attacks: A Survey of Approaches and Countermeasures - arXiv](https://arxiv.org/html/2411.10023v1) - Comprehensive survey of model inversion attacks and defenses.",
"links": []
},
"2Y0ZO-etpv3XIvunDLu-W": {
"title": "Adversarial Training",
"description": "",
"description": "AI Red Teamers evaluate the effectiveness of adversarial training as a defense. They test if models trained on adversarial examples are truly robust or if new, unseen adversarial attacks can still bypass the hardened defenses. This helps refine the adversarial training process itself.\n\nLearn more from the following resources:\n\n* [@article@Model Robustness: Building Reliable AI Models - Encord](https://encord.com/blog/model-robustness-machine-learning-strategies/) (Discusses adversarial robustness)\n* [@guide@Adversarial Testing for Generative AI | Google for Developers](https://developers.google.com/machine-learning/guides/adv-testing) - Covers the concept as part of testing.\n* [@paper@Detecting and Preventing Data Poisoning Attacks on AI Models - arXiv](https://arxiv.org/abs/2503.09302) (Mentions adversarial training as defense)",
"links": []
},
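Review bot: Two of the three resource bullets in the new "Adversarial Training" description put their annotation in trailing parentheses ("(Discusses adversarial robustness)", "(Mentions adversarial training as defense)") while the middle bullet and the neighbouring entries use the ` - description` form. Since this JSON is generated content, normalise to the ` - ` form so the renderer shows one consistent style. The arXiv entry is also the data-poisoning paper already listed under "Data Poisoning"; a source whose main subject is adversarial training would fit better here.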
"6gEHMhh6BGJI-ZYN27YPW": {
"title": "Robust Model Design",
"description": "",
"description": "AI Red Teamers assess whether choices made during model design (architecture selection, regularization techniques, ensemble methods) effectively contribute to robustness against anticipated attacks. They test if these design choices actually prevent common failure modes identified during threat modeling.\n\nLearn more from the following resources:\n\n* [@article@Model Robustness: Building Reliable AI Models - Encord](https://encord.com/blog/model-robustness-machine-learning-strategies/) - Discusses strategies for building robust models.\n* [@article@Understanding Robustness in Machine Learning - Alooba](https://www.alooba.com/skills/concepts/machine-learning/robustness/) - Explains the concept of ML robustness.\n* [@paper@Towards Evaluating the Robustness of Neural Networks (arXiv by Goodfellow et al.)](https://arxiv.org/abs/1608.04644) - Foundational paper on evaluating robustness.",
"links": []
},
"7Km0mFpHguHYPs5UhHTsM": {
"title": "Continuous Monitoring",
"description": "",
"description": "AI Red Teamers assess the effectiveness of continuous monitoring systems by attempting attacks and observing if detection mechanisms trigger appropriate alerts and responses. They test if monitoring covers AI-specific anomalies (like sudden shifts in output toxicity or unexpected resource consumption by the model) in addition to standard infrastructure monitoring.\n\nLearn more from the following resources:\n\n* [@article@Cyber Security Monitoring: 5 Key Components - BitSight Technologies](https://www.bitsight.com/blog/5-things-to-consider-building-continuous-security-monitoring-strategy) - Discusses key components of a monitoring strategy.\n* [@article@Cyber Security Monitoring: Definition and Best Practices - SentinelOne](https://www.sentinelone.com/cybersecurity-101/cybersecurity/cyber-security-monitoring/) - Overview of monitoring types and techniques.\n* [@article@Cybersecurity Monitoring: Definition, Tools & Best Practices - NordLayer](https://nordlayer.com/blog/cybersecurity-monitoring/) - General best practices adaptable to AI context.",
"links": []
},
"aKzai0A8J55-OBXTnQih1": {
"title": "Insecure Deserialization",
"description": "",
"description": "AI Red Teamers investigate if serialized objects used by the AI system (e.g., for saving model states, configurations, or transmitting data) can be manipulated by an attacker. They test if crafting malicious serialized objects could lead to remote code execution or other exploits when the application deserializes the untrusted data.\n\nLearn more from the following resources:\n\n* [@article@Lightboard Lessons: OWASP Top 10 - Insecure Deserialization - DevCentral](https://community.f5.com/kb/technicalarticles/lightboard-lessons-owasp-top-10---insecure-deserialization/281509) - Video explanation.\n* [@article@How Hugging Face Was Ethically Hacked](https://www.aiblade.net/p/how-hugging-face-was-ethically-hacked) - Hugging Face deserialization case study.\n* [@article@OWASP TOP 10: Insecure Deserialization - Detectify Blog](https://blog.detectify.com/best-practices/owasp-top-10-insecure-deserialization/) - Overview within OWASP Top 10 context.\n* [@guide@Insecure Deserialization - OWASP Foundation](https://owasp.org/www-community/vulnerabilities/Insecure_Deserialization) - Core explanation of the vulnerability.",
"links": []
},
"kgDsDlBk8W2aM6LyWpFY8": {
"title": "Remote Code Execution",
"description": "",
"description": "AI Red Teamers attempt to achieve RCE on systems hosting or interacting with AI models. This could involve exploiting vulnerabilities in the AI framework itself, the web server, connected APIs, or tricking an AI agent with code execution capabilities into running malicious commands provided via prompts. RCE is often the ultimate goal of exploiting other vulnerabilities like code injection or insecure deserialization.\n\nLearn more from the following resources:\n\n* [@article@Exploiting LLMs with Code Execution (GitHub Gist)](https://gist.github.com/coolaj86/6f4f7b30129b0251f61fa7baaa881516) - Example of achieving code execution via LLM manipulation.\n* [@article@What is remote code execution? - Cloudflare](https://www.cloudflare.com/learning/security/what-is-remote-code-execution/) - Definition and explanation of RCE.\n* [@video@DEFCON 31 - AI Village - Hacking an LLM embedded system (agent) - Johann Rehberger](https://www.google.com/search?q=https://www.youtube.com/watch%3Fv%3D6u04C1N69ks?v=1FfYnF2GXVU) - Demonstrates RCE risks with LLM agents.",
"links": []
},
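Review bot: The DEF CON video link in the new "Remote Code Execution" description is a Google search URL wrapping a percent-encoded YouTube URL, with a second ID appended (`google.com/search?q=https://www.youtube.com/watch%3Fv%3D6u04C1N69ks?v=1FfYnF2GXVU`). Readers land on a search page rather than the talk, and the two IDs disagree. Replace it with a direct `https://www.youtube.com/watch?v=<id>` link after checking which ID is the Rehberger talk.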
"nhUKKWyBH80nyKfGT8ErC": {
"title": "Infrastructure Security",
"description": "",
"description": "AI Red Teamers assess the security posture of the infrastructure hosting AI models (cloud environments, servers, containers). They look for misconfigurations, unpatched systems, insecure network setups, or inadequate access controls that could allow compromise of the AI system or leakage of sensitive data/models.\n\nLearn more from the following resources:\n\n* [@article@AI Infrastructure Attacks (VentureBeat)](https://venturebeat.com/ai/understanding-ai-infrastructure-attacks/) - Discussion of attacks targeting AI infrastructure.\n* [@guide@Network Infrastructure Security - Best Practices and Strategies - DataGuard](https://www.dataguard.com/blog/network-infrastructure-security-best-practices-and-strategies/) - General infra security practices applicable here.\n* [@guide@Secure Deployment of ML Systems (NIST)](https://csrc.nist.gov/publications/detail/sp/800-218/final) - Guidelines including infrastructure security for ML.",
"links": []
},
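Review bot: The last bullet in the new "Infrastructure Security" description is labelled "Secure Deployment of ML Systems (NIST)" but the URL path is `sp/800-218`, which is NIST's Secure Software Development Framework, a general secure-development publication rather than ML deployment guidance. Relabel the link to name the document it points to, or swap in a source that matches the label.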
"Tszl26iNBnQBdBEWOueDA": {
"title": "API Protection",
"description": "",
"description": "AI Red Teamers rigorously test the security of APIs providing access to AI models. They probe for OWASP API Top 10 vulnerabilities like broken authentication/authorization, injection flaws, security misconfigurations, and lack of rate limiting, specifically evaluating how these could lead to misuse or compromise of the AI model itself.\n\nLearn more from the following resources:\n\n* [@article@API Protection for AI Factories: The First Step to AI Security - F5](https://www.f5.com/company/blog/api-security-for-ai-factories) - Discusses the criticality of API security for AI applications.\n* [@article@Securing APIs with AI for Advanced Threat Protection | Adeva](https://adevait.com/artificial-intelligence/securing-apis-with-ai) - Discusses using AI for API security, implies testing these is needed.\n* [@article@Securing Machine Learning APIs (IBM)](https://developer.ibm.com/articles/se-securing-machine-learning-apis/) - Best practices for protecting ML APIs.\n* [@guide@OWASP API Security Project (Top 10 2023)](https://owasp.org/www-project-api-security/) - Essential checklist for API vulnerabilities.",
"links": []
},
"J7gjlt2MBx7lOkOnfGvPF": {
"title": "Authentication",
"description": "",
"description": "AI Red Teamers test the authentication mechanisms controlling access to AI systems and APIs. They attempt to bypass logins, steal or replay API keys/tokens, exploit weak password policies, or find flaws in MFA implementations to gain unauthorized access to the AI model or its management interfaces.\n\nLearn more from the following resources:\n\n* [@article@Red-Teaming in AI Testing: Stress Testing - Labelvisor](https://www.labelvisor.com/red-teaming-abstract-competitive-testing-data-selection/) - Mentions testing authentication mechanisms in AI red teaming.\n* [@article@What is Authentication vs Authorization? - Auth0](https://auth0.com/intro-to-iam/authentication-vs-authorization) - Foundational explanation.\n* [@video@How JWTs are used for Authentication (and how to bypass it) - LiveOverflow](https://www.google.com/search?q=https://www.youtube.com/watch%3Fv%3Dexample_video_panel_url?v=3OpQi65s_ME) - Covers common web authentication bypass techniques relevant to APIs.",
"links": []
},
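Review bot: The LiveOverflow link in the new "Authentication" description still contains a template placeholder (`watch%3Fv%3Dexample_video_panel_url?v=3OpQi65s_ME`) inside a `google.com/search?q=` wrapper, so it was never resolved to a real video URL. Replace it with a verified direct link or drop the bullet; a broken link in generated roadmap content is hard to spot after merge.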
"JQ3bR8odXJfd-1RCEf3-Q": {
"title": "Authentication",
"description": "",
"description": "AI Red Teamers test authorization controls to ensure that authenticated users can only access the AI features and data permitted by their roles/permissions. They attempt privilege escalation, try to access other users' data via the AI, or manipulate the AI to perform actions beyond its authorized scope.\n\nLearn more from the following resources:\n\n* [@article@What is Authentication vs Authorization? - Auth0](https://auth0.com/intro-to-iam/authentication-vs-authorization) - Foundational explanation.\n* [@guide@Identity and access management (IAM) fundamental concepts - Learn Microsoft](https://learn.microsoft.com/en-us/entra/fundamentals/identity-fundamental-concepts) - Explains roles and permissions.\n* [@guide@OWASP API Security Project](https://owasp.org/www-project-api-security/) (Covers Broken Object Level/Function Level Authorization)",
"links": []
},
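Review bot: In entry `JQ3bR8odXJfd-1RCEf3-Q` the title is still "Authentication" while the new description opens with "AI Red Teamers test authorization controls" and covers roles, permissions and privilege escalation. That leaves two nodes titled "Authentication" back to back. The title should read "Authorization", fixed at the source of this generated file so the next sync does not revert it. The last bullet also uses the parenthetical annotation form rather than ` - `.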
"0bApnJTt-Z2IUf0X3OCYf": {
"title": "Black Box Testing",
"description": "",
"description": "In AI Red Teaming, black-box testing involves probing the AI system with inputs and observing outputs without any knowledge of the model's architecture, training data, or internal logic. This simulates an external attacker and is crucial for finding vulnerabilities exploitable through publicly accessible interfaces, such as prompt injection or safety bypasses discoverable via API interaction.\n\nLearn more from the following resources:\n\n* [@article@Black-Box, Gray Box, and White-Box Penetration Testing - EC-Council](https://www.eccouncil.org/cybersecurity-exchange/penetration-testing/black-box-gray-box-and-white-box-penetration-testing-importance-and-uses/) - Comparison of testing types.\n* [@article@What is Black Box Testing | Techniques & Examples - Imperva](https://www.imperva.com/learn/application-security/black-box-testing/) - General explanation.\n* [@guide@LLM red teaming guide (open source) - Promptfoo](https://www.promptfoo.dev/docs/red-team/) - Contrasts black-box and white-box approaches for LLM red teaming.",
"links": []
},
"Mrk_js5UVn4dRDw-Yco3Y": {
"title": "White Box Testing",
"description": "",
"description": "White-box testing in AI Red Teaming grants the tester full access to the model's internals (architecture, weights, training data, source code). This allows for highly targeted attacks, such as crafting precise adversarial examples using gradients, analyzing code for vulnerabilities, or directly examining training data for biases or PII leakage. It simulates insider threats or deep analysis scenarios.\n\nLearn more from the following resources:\n\n* [@article@Black-Box, Gray Box, and White-Box Penetration Testing - EC-Council](https://www.eccouncil.org/cybersecurity-exchange/penetration-testing/black-box-gray-box-and-white-box-penetration-testing-importance-and-uses/) - Comparison of testing types.\n* [@article@White-Box Adversarial Examples (OpenAI Blog)](https://openai.com/research/adversarial-robustness-toolbox) - Discusses generating attacks with full model knowledge.\n* [@guide@LLM red teaming guide (open source) - Promptfoo](https://www.promptfoo.dev/docs/red-team/) - Mentions white-box testing benefits for LLMs.",
"links": []
},
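Review bot: The second bullet in the new "White Box Testing" description is titled "White-Box Adversarial Examples (OpenAI Blog)" but its URL path is `/research/adversarial-robustness-toolbox`, which does not match the title. Confirm the target exists and that title, publisher and URL all describe the same resource before this ships.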
"ZVNAMCP68XKRXVxF2-hBc": {
"title": "Grey Box Testing",
"description": "",
"description": "Grey-box AI Red Teaming involves testing with partial knowledge of the system, such as knowing the model type (e.g., GPT-4), having access to some documentation, or understanding the general system architecture but not having full model weights or source code. This allows for more targeted testing than black-box while still simulating realistic external attacker scenarios where some information might be gleaned.\n\nLearn more from the following resources:\n\n* [@article@AI Transparency: Connecting AI Red Teaming and Compliance | SplxAI Blog](https://splx.ai/blog/ai-transparency-connecting-ai-red-teaming-and-compliance) - Discusses the value of moving towards gray-box testing in AI.\n* [@article@Black-Box, Gray Box, and White-Box Penetration Testing - EC-Council](https://www.eccouncil.org/cybersecurity-exchange/penetration-testing/black-box-gray-box-and-white-box-penetration-testing-importance-and-uses/) - Comparison of testing types.\n* [@article@Understanding Black Box, White Box, and Grey Box Testing - Frugal Testing](https://www.frugaltesting.com/blog/understanding-black-box-white-box-and-grey-box-testing-in-software-testing) - General definitions.",
"links": []
},
"LVdYN9hyCyNPYn2Lz1y9b": {
"title": "Automated vs Manual",
"description": "",
"description": "AI Red Teaming typically employs a blend of automated tools (for large-scale scanning, fuzzing prompts, generating basic adversarial examples) and manual human testing (for creative jailbreaking, complex multi-stage attacks, evaluating nuanced safety issues like bias). Automation provides scale, while manual testing provides depth and creativity needed to find novel vulnerabilities.\n\nLearn more from the following resources:\n\n* [@article@Automation Testing vs. Manual Testing: Which is the better approach? - Opkey](https://www.opkey.com/blog/automation-testing-vs-manual-testing-which-is-better) - General comparison.\n* [@article@Manual Testing vs Automated Testing: What's the Difference? - Leapwork](https://www.leapwork.com/blog/manual-vs-automated-testing) - General comparison.\n* [@guide@LLM red teaming guide (open source) - Promptfoo](https://www.promptfoo.dev/docs/red-team/) - Discusses using both automated generation and human ingenuity for red teaming.",
"links": []
},
"65Lo60JQS5YlvvQ6KevXt": {
"title": "Continuous Testing",
"description": "",
"description": "Applying continuous testing principles to AI security involves integrating automated red teaming checks into the development pipeline (CI/CD). This allows for regular, automated assessment of model safety, robustness, and alignment as the model or application code evolves, catching regressions or new vulnerabilities early. Tools facilitating Continuous Automated Red Teaming (CART) are emerging.\n\nLearn more from the following resources:\n\n* [@article@Continuous Automated Red Teaming (CART) - FireCompass](https://www.firecompass.com/continuous-automated-red-teaming/) - Explains the concept of CART.\n* [@article@What is Continuous Penetration Testing? Process and Benefits - Qualysec Technologies](https://qualysec.com/continuous-penetration-testing/) - Related concept applied to pen testing.\n* [@guide@What is Continuous Testing and How Does it Work? - Black Duck](https://www.blackduck.com/glossary/what-is-continuous-testing.html) - General definition and benefits.",
"links": []
},
"c8n8FcYKDOgPLQvV9xF5J": {
"title": "Testing Platforms",
"description": "",
"description": "Platforms used by AI Red Teamers range from general penetration testing OS distributions like Kali Linux to specific AI red teaming tools/frameworks like Microsoft's PyRIT or Promptfoo, and vulnerability scanners like OWASP ZAP adapted for API testing of AI services. These platforms provide the toolsets needed to conduct assessments.\n\nLearn more from the following resources:\n\n* [@tool@AI Red Teaming Agent - Azure AI Foundry | Microsoft Learn](https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/ai-red-teaming-agent) - Microsoft's tool leveraging PyRIT.\n* [@tool@Kali Linux](https://www.kali.org/) - Standard pentesting distribution.\n* [@tool@OWASP Zed Attack Proxy (ZAP)](https://owasp.org/www-project-zap/) - Widely used for web/API security testing.\n* [@tool@Promptfoo](https://www.promptfoo.dev/) - Open-source tool for testing and evaluating LLMs, includes red teaming features.\n* [@tool@PyRIT (Python Risk Identification Tool for generative AI) - GitHub](https://github.com/Azure/PyRIT) - Open-source framework from Microsoft.",
"links": []
},
"59lkLcoqV4gq7f8Zm0X2p": {
"title": "Monitoring Solutions",
"description": "",
"description": "AI Red Teamers interact with monitoring tools primarily to test their effectiveness (evasion) or potentially exploit vulnerabilities within them. Understanding tools like IDS (Snort, Suricata), network analyzers (Wireshark), and SIEMs helps red teamers simulate attacks that might bypass or target these defensive systems.\n\nLearn more from the following resources:\n\n* [@article@Open Source IDS Tools: Comparing Suricata, Snort, Bro (Zeek), Linux - LevelBlue](https://levelblue.com/blogs/security-essentials/open-source-intrusion-detection-tools-a-quick-overview) - Comparison of common open source monitoring tools.\n* [@tool@Snort](https://www.snort.org/) - Open source IDS/IPS.\n* [@tool@Suricata](https://suricata.io/) - Open source IDS/IPS/NSM.\n* [@tool@Wireshark](https://www.wireshark.org/) - Network protocol analyzer.\n* [@tool@Zeek (formerly Bro)](https://zeek.org/) - Network security monitoring framework.",
"links": []
},
"et1Xrr8ez-fmB0mAq8W_a": {
"title": "Benchmark Datasets",
"description": "",
"description": "AI Red Teamers may use or contribute to benchmark datasets specifically designed to evaluate AI security. These datasets (like SecBench, NYU CTF Bench, CySecBench) contain prompts or scenarios targeting vulnerabilities, safety issues, or specific cybersecurity capabilities, allowing for standardized testing of models.\n\nLearn more from the following resources:\n\n* [@dataset@CySecBench: Generative AI-based CyberSecurity-focused Prompt Dataset - GitHub](https://github.com/cysecbench/dataset) - Dataset of cybersecurity prompts for benchmarking LLMs.\n* [@dataset@NYU CTF Bench: A Scalable Open-Source Benchmark Dataset for Evaluating LLMs in Offensive Security](https://proceedings.neurips.cc/paper_files/paper/2024/hash/69d97a6493fbf016fff0a751f253ad18-Abstract-Datasets_and_Benchmarks_Track.html) - Using CTF challenges to evaluate LLMs.\n* [@dataset@SecBench: A Comprehensive Multi-Dimensional Benchmarking Dataset for LLMs in Cybersecurity - arXiv](https://arxiv.org/abs/2412.20787) - Benchmarking LLMs on cybersecurity tasks.",
"links": []
},
"C1zO2xC0AqyV53p2YEPWg": {
"title": "Custom Testing Scripts",
"description": "",
"description": "AI Red Teamers frequently write custom scripts (often in Python) to automate bespoke attacks, interact with specific AI APIs, generate complex prompt sequences, parse model outputs at scale, or implement novel exploit techniques not found in standard tools. Proficiency in scripting is essential for advanced AI red teaming.\n\nLearn more from the following resources:\n\n* [@guide@Python for Cybersecurity: Key Use Cases and Tools - Panther](https://panther.com/blog/python-for-cybersecurity-key-use-cases-and-tools) - Discusses Python's role in automation, pen testing, etc.\n* [@guide@Python for cybersecurity: use cases, tools and best practices - SoftTeco](https://softteco.com/blog/python-for-cybersecurity) - Covers using Python for various security tasks.\n* [@tool@Scapy](https://scapy.net/) - Powerful Python library for packet manipulation.",
"links": []
},
"BLnfNlA0C4yzy1dvifjwx": {
"title": "Reporting Tools",
"description": "",
"description": "AI Red Teamers use reporting techniques and potentially tools to clearly document their findings, including discovered vulnerabilities, successful exploit steps (e.g., effective prompts), assessed impact, and actionable recommendations tailored to AI systems. Good reporting translates technical findings into understandable risks for stakeholders.\n\nLearn more from the following resources:\n\n* [@article@The Complete Red Teaming Checklist \\[PDF\\]: 5 Key Steps - Mindgard AI](https://mindgard.ai/blog/red-teaming-checklist) (Mentions reporting and templates)\n* [@guide@Penetration Testing Report: 6 Key Sections and 4 Best Practices - Bright Security](https://brightsec.com/blog/penetration-testing-report/) - General best practices for reporting security findings.\n* [@guide@Penetration testing best practices: Strategies for all test types - Strike Graph](https://www.strikegraph.com/blog/pen-testing-best-practices) - Includes tips on documentation.",
"links": []
},
"s1xKK8HL5-QGZpcutiuvj": {
"title": "Specialized Courses",
"description": "",
"description": "Targeted training is crucial for mastering AI Red Teaming. Look for courses covering adversarial ML, prompt hacking, LLM security, ethical hacking for AI, and specific red teaming methodologies applied to AI systems offered by platforms like Learn Prompting, Coursera, or security training providers.\n\nLearn more from the following resources:\n\n* [@course@AI Red Teaming Courses - Learn Prompting](https://learnprompting.org/blog/ai-red-teaming-courses) - Curated list including free and paid options.\n* [@course@AI Security | Coursera](https://www.coursera.org/learn/ai-security) - Covers AI security risks and governance.\n* [@course@Exploring Adversarial Machine Learning - NVIDIA](https://www.nvidia.com/en-us/training/instructor-led-workshops/exploring-adversarial-machine-learning/) - Focused training on adversarial ML (paid).\n* [@course@Free Online Cyber Security Courses with Certificates in 2025 - EC-Council](https://www.eccouncil.org/cybersecurity-exchange/cyber-novice/free-cybersecurity-courses-beginners/) - Offers foundational cybersecurity courses.",
"links": []
},
"HHjsFR6wRDqUd66PMDE_7": {
"title": "Industry Credentials",
"description": "",
"description": "Beyond formal certifications, recognition in the AI Red Teaming field comes from practical achievements like finding significant vulnerabilities (responsible disclosure), winning AI-focused CTFs or hackathons (like HackAPrompt), contributing to AI security research, or building open-source testing tools.\n\nLearn more from the following resources:\n\n* [@community@DEF CON - Wikipedia (Mentions Black Badge)](https://en.wikipedia.org/wiki/DEF_CON#Black_Badge) - Example of a high-prestige credential from CTFs.\n* [@community@HackAPrompt (Learn Prompting)](https://learnprompting.org/hackaprompt) - Example of a major AI Red Teaming competition.",
"links": []
},
"MmwwRK4I9aRH_ha7duPqf": {
"title": "Lab Environments",
"description": "",
"description": "AI Red Teamers need environments to practice attacking vulnerable systems safely. While traditional labs (HTB, THM, VulnHub) build general pentesting skills, platforms are emerging with labs specifically focused on AI/LLM vulnerabilities, prompt injection, or adversarial ML challenges.\n\nLearn more from the following resources:\n\n* [@platform@Gandalf AI Prompt Injection Lab](https://gandalf.lakera.ai/) - A popular web-based lab for prompt injection practice.\n* [@platform@Hack The Box: Hacking Labs](https://www.hackthebox.com/hacker/hacking-labs) - General pentesting labs.\n* [@platform@TryHackMe: Learn Cyber Security](https://tryhackme.com/) - Gamified cybersecurity training labs.\n* [@platform@VulnHub](https://www.vulnhub.com/) - Provides vulnerable VM images for practice.",
"links": []
},
"2Imb64Px3ZQcBpSQjdc_G": {
"title": "CTF Challenges",
"description": "",
"description": "Capture The Flag competitions increasingly include AI/ML security challenges. Participating in CTFs (tracked on CTFtime) or platforms like picoCTF helps AI Red Teamers hone skills in reverse engineering, web exploitation, and cryptography applied to AI systems, including specialized AI safety CTFs.\n\nLearn more from the following resources:\n\n* [@article@Capture the flag (cybersecurity) - Wikipedia](https://en.wikipedia.org/wiki/Capture_the_flag_\\(cybersecurity\\)) - Overview of CTFs.\n* [@article@Progress from our Frontier Red Team - Anthropic](https://www.anthropic.com/news/strategic-warning-for-ai-risk-progress-and-insights-from-our-frontier-red-team) - Mentions using CTFs (Cybench) for evaluating AI model security.\n* [@platform@CTFtime.org](https://ctftime.org/) - Global CTF event tracker.\n* [@platform@picoCTF](https://picoctf.org/) - Beginner-friendly CTF platform.",
"links": []
},
"DpYsL0du37n40toH33fIr": {
"title": "Red Team Simulations",
"description": "",
"description": "Participating in or conducting structured red team simulations against AI systems (or components) provides the most realistic practice. This involves applying methodologies, TTPs (Tactics, Techniques, and Procedures), reconnaissance, exploitation, and reporting within a defined scope and objective, specifically targeting AI vulnerabilities.\n\nLearn more from the following resources:\n\n* [@guide@A Simple Guide to Successful Red Teaming - Cobalt Strike](https://www.cobaltstrike.com/resources/guides/a-simple-guide-to-successful-red-teaming) - General guide adaptable to AI context.\n* [@guide@The Complete Guide to Red Teaming: Process, Benefits & More - Mindgard AI](https://mindgard.ai/blog/red-teaming) - Overview of red teaming process.\n* [@guide@The Complete Red Teaming Checklist \\[PDF\\]: 5 Key Steps - Mindgard AI](https://mindgard.ai/blog/red-teaming-checklist) - Checklist for planning engagements.",
"links": []
},
"LuKnmd9nSz9yLbTU_5Yp2": {
"title": "Conferences",
"description": "",
"description": "Attending major cybersecurity conferences (DEF CON, Black Hat, RSA) and increasingly specialized AI Safety/Security conferences allows AI Red Teamers to learn about cutting-edge research, network with peers, and discover new tools and attack/defense techniques.\n\nLearn more from the following resources:\n\n* [@conference@Black Hat Events](https://www.blackhat.com/) - Professional security conference with AI tracks.\n* [@conference@DEF CON Hacking Conference](https://defcon.org/) - Major hacking conference with relevant villages/talks.\n* [@conference@Global Conference on AI, Security and Ethics 2025 - UNIDIR](https://unidir.org/event/global-conference-on-ai-security-and-ethics-2025/) - Example of a specialized AI security/ethics conference.\n* [@conference@RSA Conference](https://www.rsaconference.com/) - Large industry conference covering AI security.",
"links": []
},
"ZlR03pM-sqVFZNhD1gMSJ": {
"title": "Research Groups",
"description": "",
"description": "Following and potentially contributing to research groups at universities (like CMU, Stanford, Oxford), non-profits (like OpenAI, Anthropic), or government bodies (like UK's AISI) focused on AI safety, security, and alignment provides deep insights into emerging threats and mitigation strategies relevant to AI Red Teaming.\n\nLearn more from the following resources:\n\n* [@group@AI Cybersecurity | Global Cyber Security Capacity Centre (Oxford)](https://gcscc.ox.ac.uk/ai-security) - Academic research center.\n* [@group@Anthropic Research](https://www.anthropic.com/research) - AI safety research lab.\n* [@group@Center for AI Safety](https://www.safe.ai/) - Non-profit research organization.\n* [@group@The AI Security Institute (AISI)](https://www.aisi.gov.uk/) - UK government institute focused on AI safety/security research.",
"links": []
},
"Smncq-n1OlnLAY27AFQOO": {
"title": "Forums",
"description": "",
"description": "Engaging in online forums, mailing lists, Discord servers, or subreddits dedicated to AI security, adversarial ML, prompt engineering, or general cybersecurity helps AI Red Teamers exchange knowledge, ask questions, learn about new tools/techniques, and find collaboration opportunities.\n\nLearn more from the following resources:\n\n* [@community@List of Cybersecurity Discord Servers - DFIR Training](https://www.dfir.training/dfir-groups/discord?category%5B0%5D=17&category_children=1) - List including relevant servers.\n* [@community@Reddit - r/MachineLearning](https://www.reddit.com/r/MachineLearning/) - ML specific discussion.\n* [@community@Reddit - r/artificial](https://www.reddit.com/r/artificial/) - General AI discussion.\n* [@community@Reddit - r/cybersecurity](https://www.reddit.com/r/cybersecurity/) - General cybersecurity forum.",
"links": []
},
"xJYTRbPxMn0Xs5ea0Ygn6": {
"title": "LLM Security Testing",
"description": "",
"description": "The core application area for many AI Red Teamers today involves specifically testing Large Language Models for vulnerabilities like prompt injection, jailbreaking, harmful content generation, bias, and data privacy issues using specialized prompts and evaluation frameworks.\n\nLearn more from the following resources:\n\n* [@course@AI Red Teaming Courses - Learn Prompting](https://learnprompting.org/blog/ai-red-teaming-courses) - Courses focused on testing LLMs.\n* [@dataset@SecBench: A Comprehensive Multi-Dimensional Benchmarking Dataset for LLMs in Cybersecurity - arXiv](https://arxiv.org/abs/2412.20787) - Dataset for evaluating LLMs on security tasks.\n* [@guide@The Ultimate Guide to Red Teaming LLMs and Adversarial Prompts (Kili Technology)](https://kili-technology.com/large-language-models-llms/red-teaming-llms-and-adversarial-prompts) - Guide specifically on red teaming LLMs.",
"links": []
},
"FVsKivsJrIb82B0lpPmgw": {
"title": "Agentic AI Security",
"description": "",
"description": "As AI agents capable of autonomous action become more common, AI Red Teamers must test their unique security implications. This involves assessing risks related to goal hijacking, unintended actions through tool use, exploitation of planning mechanisms, and ensuring agents operate safely within their designated boundaries.\n\nLearn more from the following resources:\n\n* [@article@AI Agents - Learn Prompting](https://learnprompting.org/docs/intermediate/ai_agents) (Background on agents)\n* [@article@Reasoning models don't always say what they think - Anthropic](https://www.anthropic.com/research/reasoning-models-dont-always-say-what-they-think) (Discusses agent alignment challenges)\n* [@course@Certified AI Red Team Operator – Autonomous Systems (CAIRTO-AS) from Tonex, Inc.](https://niccs.cisa.gov/education-training/catalog/tonex-inc/certified-ai-red-team-operator-autonomous-systems-cairto) - Certification focusing on autonomous AI security.",
"links": []
},
"KAcCZ3zcv25R6HwzAsfUG": {
"title": "Responsible Disclosure",
"description": "",
"description": "A critical practice for AI Red Teamers is responsible disclosure: privately reporting discovered AI vulnerabilities (e.g., a successful jailbreak, data leak method, or severe bias) to the model developers or system owners, allowing them time to remediate before any public discussion, thus preventing malicious exploitation.\n\nLearn more from the following resources:\n\n* [@guide@Responsible Disclosure of AI Vulnerabilities - Preamble AI](https://www.preamble.com/blog/responsible-disclosure-of-ai-vulnerabilities) - Discusses the process specifically for AI vulnerabilities.\n* [@guide@Vulnerability Disclosure Program | CISA](https://www.cisa.gov/resources-tools/programs/vulnerability-disclosure-program-vdp) - Government VDP example.\n* [@policy@Google Vulnerability Reward Program (VRP)](https://bughunters.google.com/) - Example of a major tech company's VDP/bug bounty program.",
"links": []
},
"-G8v_CNa8wO_g-46_RFQo": {
"title": "Emerging Threats",
"description": "",
"description": "AI Red Teamers must stay informed about potential future threats enabled by more advanced AI, such as highly autonomous attack agents, AI-generated malware that evades detection, sophisticated deepfakes for social engineering, or large-scale exploitation of interconnected AI systems. Anticipating these helps shape current testing priorities.\n\nLearn more from the following resources:\n\n* [@article@AI Security Risks Uncovered: What You Must Know in 2025 - TTMS](https://ttms.com/uk/ai-security-risks-explained-what-you-need-to-know-in-2025/) - Discusses future AI-driven cyberattacks.\n* [@article@Why Artificial Intelligence is the Future of Cybersecurity - Darktrace](https://www.darktrace.com/blog/why-artificial-intelligence-is-the-future-of-cybersecurity) - Covers AI misuse and the future threat landscape.\n* [@report@AI Index 2024 - Stanford University](https://aiindex.stanford.edu/report/) - Annual report tracking AI capabilities and societal implications, including risks.",
"links": []
},
"soC-kcem1ISbnCQMa6BIB": {
"title": "Advanced Techniques",
"description": "",
"description": "The practice of AI Red Teaming itself will evolve. Future techniques may involve using AI adversaries to automatically discover complex vulnerabilities, developing more sophisticated methods for testing AI alignment and safety properties, simulating multi-agent system failures, and creating novel metrics for evaluating AI robustness against unknown future attacks.\n\nLearn more from the following resources:\n\n* [@article@AI red-teaming in critical infrastructure: Boosting security and trust in AI systems - DNV](https://www.dnv.com/article/ai-red-teaming-for-critical-infrastructure-industries/) - Discusses applying red teaming to complex systems.\n* [@article@Advanced Techniques in AI Red Teaming for LLMs | NeuralTrust](https://neuraltrust.ai/blog/advanced-techniques-in-ai-red-teaming) - Discusses techniques like adversarial ML and automated threat intelligence for red teaming.\n* [@paper@Diverse and Effective Red Teaming with Auto-generated Rewards and Multi-step Reinforcement Learning - arXiv](https://arxiv.org/html/2412.18693v1) - Research on using RL for more advanced automated red teaming.",
"links": []
},
"VmaIHVsCpq2um_0cA33V3": {
"title": "Research Opportunities",
"description": "",
"description": "AI Red Teaming relies on ongoing research. Key areas needing further investigation include scalable methods for finding elusive vulnerabilities, understanding emergent behaviors in complex models, developing provable safety guarantees, creating better benchmarks for AI security, and exploring the socio-technical aspects of AI misuse and defense.\n\nLearn more from the following resources:\n\n* [@article@Cutting-Edge Research on AI Security bolstered with new Challenge Fund - GOV.UK](https://www.gov.uk/government/news/cutting-edge-research-on-ai-security-bolstered-with-new-challenge-fund-to-ramp-up-public-trust-and-adoption) - Highlights government funding for AI security research priorities.\n* [@research@Careers | The AI Security Institute (AISI)](https://www.aisi.gov.uk/careers) - Outlines research focus areas for the UK's AISI.\n* [@research@Research - Anthropic](https://www.anthropic.com/research) - Example of research areas at a leading AI safety lab.",
"links": []
},
"WePO66_4-gNcSdE00WKmw": {
"title": "Industry Standards",
"description": "",
"description": "As AI matures, AI Red Teamers will increasingly need to understand and test against emerging industry standards and regulations for AI safety, security, and risk management, such as the NIST AI RMF, ISO/IEC 42001, and sector-specific guidelines, ensuring AI systems meet compliance requirements.\n\nLearn more from the following resources:\n\n* [@article@ISO 42001: The New Compliance Standard for AI Management Systems - Bright Defense](https://www.brightdefense.com/resources/iso-42001-compliance/) - Overview of ISO 42001 requirements.\n* [@article@ISO 42001: What it is & why it matters for AI management - IT Governance](https://www.itgovernance.co.uk/iso-42001) - Explanation of the standard.\n* [@framework@NIST AI Risk Management Framework (AI RMF)](https://www.nist.gov/itl/ai-risk-management-framework) - Voluntary framework gaining wide adoption.\n* [@standard@ISO/IEC 42001: Information technology — Artificial intelligence — Management system](https://www.iso.org/standard/81230.html) - International standard for AI management systems.",
"links": []
}
}
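Review bot: The resource annotations in "Agentic AI Security" do not match the rest of the file: its first two entries use trailing parentheses ("(Background on agents)", "(Discusses agent alignment challenges)") while its third entry and every other topic here use " - annotation" after the link. Suggest converting those two to the dash form. Separately, each topic keeps "links": [] empty and carries its URLs inside the description markdown with "@article@"-style prefixes, whereas cyber-security.json in this same commit uses structured title/url/type objects. Worth confirming the consumer of this file expects that.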

@ -31,7 +31,7 @@
"description": "There are several types of network connections that enable communication between devices, each serving different functions based on speed, reliability, and purpose. **Ethernet** is a wired connection type commonly used in local area networks (LANs), providing high-speed, stable, and secure data transfer. Ethernet is ideal for businesses and environments where reliability is crucial, offering speeds from 100 Mbps to several Gbps.\n\n**Wi-Fi**, a wireless connection, enables devices to connect to a network without physical cables. It provides flexibility and mobility, making it popular in homes, offices, and public spaces. While Wi-Fi offers convenience, it can be less reliable and slower than Ethernet due to signal interference or distance from the access point.\n\n**Bluetooth** is a short-range wireless technology primarily used for connecting peripherals like headphones, keyboards, and other devices. It operates over shorter distances, typically up to 10 meters, and is useful for personal device communication rather than networking larger systems.\n\n**Fiber-optic connections** use light signals through glass or plastic fibers to transmit data at very high speeds over long distances, making them ideal for internet backbones or connecting data centers. Fiber is faster and more reliable than traditional copper cables, but it is also more expensive to implement.\n\n**Cellular connections**, such as 4G and 5G, allow mobile devices to connect to the internet via wireless cellular networks. These connections offer mobility, enabling internet access from almost anywhere, but their speeds and reliability can vary depending on network coverage.\n\nEach connection type plays a specific role, balancing factors like speed, distance, and convenience to meet the varying needs of users and organizations.\n\nLearn more from the following resources:",
"links": [
{
"title": "What is ethernet?",
"title": "What is Ethernet?",
"url": "https://www.techtarget.com/searchnetworking/definition/Ethernet",
"type": "article"
},
@ -52,14 +52,19 @@
"description": "Understanding Common Symptoms\n-----------------------------\n\nIn order to troubleshoot effectively, it is important to recognize and understand the common symptoms encountered in IT systems. These can range from hardware-related issues, such as overheating or physical damage, to software-related problems, such as slow performance or unresponsiveness.\n\nBasic Troubleshooting Process\n-----------------------------\n\nFollowing a systematic troubleshooting process is critical, regardless of the operating system. Here are the basic steps you might follow:\n\n* **Identify the problem**: Gather information on the issue and its symptoms, and attempt to reproduce the problem, if possible. Take note of any error messages or unusual behaviors.\n* **Research and analyze**: Search for potential causes and remedies on relevant forums, web resources, or vendor documentation.\n* **Develop a plan**: Formulate a strategy to resolve the issue, considering the least disruptive approach first, where possible.\n* **Test and implement**: Execute the proposed solution(s) and verify if the problem is resolved. If not, repeat the troubleshooting process with a new plan until the issue is fixed.\n* **Document the process and findings**: Record the steps taken, solutions implemented, and results to foster learning and improve future troubleshooting efforts.\n\nIsolating the Problem\n---------------------\n\nTo pinpoint the root cause of an issue, it's important to isolate the problem. 
You can perform this by:\n\n* **Disabling or isolating hardware components**: Disconnect any peripherals or external devices, then reconnect and test them one by one to identify the defective component(s).\n* **Checking resource usage**: Utilize built-in or third-party tools to monitor resource usage (e.g., CPU, memory, and disk) to determine whether a bottleneck is causing the problem.\n* **Verifying software configurations**: Analyze the configuration files or settings for any software or applications that could be contributing to the problem.\n\nNetworking and Connectivity Issues\n----------------------------------\n\nEffective troubleshooting of network-related issues requires an understanding of various protocols, tools, and devices involved in networking. Here are some basic steps you can follow:\n\n* **Verify physical connectivity**: Inspect cables, connectors, and devices to ensure all components are securely connected and functioning correctly.\n* **Confirm IP configurations**: Check the system's IP address and related settings to ensure it has a valid IP configuration.\n* **Test network services**: Use command-line tools, such as `ping` and `traceroute` (or `tracert` in Windows), to test network connections and diagnose potential problems.\n\nLog Analysis\n------------\n\nLogs are records of system events, application behavior, and user activity, which can be invaluable when troubleshooting issues. To effectively analyze logs, you should:\n\n* **Identify relevant logs**: Determine which log files contain information related to the problem under investigation.\n* **Analyze log content**: Examine events, error messages, or patterns that might shed light on the root cause of the issue.\n* **Leverage log-analysis tools**: Utilize specialized tools or scripts to help parse, filter, and analyze large or complex log files.\n\nLearn more from the following resources:",
"links": [
{
"title": "How to identify 9 signs of Operating System.",
"url": "https://bro4u.com/blog/how-to-identify-9-signs-of-operating-system",
"title": "@articleOS-Independent Troubleshooting Flashcards",
"url": "https://quizlet.com/ph/837474114/os-independent-troubleshooting-flash-cards/",
"type": "article"
},
{
"title": "Trouble shooting guide",
"title": "Troubleshooting Guide",
"url": "https://cdnsm5-ss6.sharpschool.com/userfiles/servers/server_20856499/file/teacher%20pages/lindsay%20dolezal/it%20essentials/5.6.pdf",
"type": "article"
},
{
"title": "Operating System Troubleshooting - CompTIA A+",
"url": "https://www.youtube.com/watch?v=6gainrNiypc",
"type": "video"
}
]
},
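Review bot: The new title "@articleOS-Independent Troubleshooting Flashcards" has a stray "@article" tag fused onto the front with no separator, and the entry already declares "type": "article". Suggest the title be just "OS-Independent Troubleshooting Flashcards". The same kind of leftover prefix is cleaned up elsewhere in this commit ("@Network Chuck Free CCNA Course"), so this one looks like it slipped through.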
@ -238,7 +243,7 @@
"description": "TryHackMe is an online platform designed for cybersecurity training and learning through hands-on experience. It offers a wide range of virtual rooms and challenges covering various security topics, from basic to advanced levels. Users can access vulnerable machines, engage in capture-the-flag (CTF) style exercises, and learn practical skills in areas like penetration testing, web security, and network security. TryHackMe uses browser-based tools and virtual machines, making it accessible without requiring powerful hardware. The platform caters to beginners and experienced professionals alike, providing guided learning paths, real-world scenarios, and a supportive community. It's widely used for both individual skill development and corporate cybersecurity training.\n\nLearn more from the following resources:",
"links": [
{
"title": "TryHackMe Website",
"title": "TryHackMe",
"url": "https://tryhackme.com/",
"type": "article"
},
@ -254,7 +259,7 @@
"description": "VulnHub is an online platform that provides a collection of intentionally vulnerable virtual machines for cybersecurity enthusiasts, penetration testers, and ethical hackers to practice their skills. These virtual machines simulate various real-world scenarios with different vulnerabilities and security misconfigurations. Users can download and run these VMs in their own environments, attempting to exploit vulnerabilities and gain root access. VulnHub offers a hands-on approach to learning about cybersecurity, allowing users to explore different attack vectors, practice exploitation techniques, and understand common security flaws in a safe, legal environment. It's a valuable resource for both beginners and experienced professionals to enhance their offensive security skills and prepare for certifications.\n\nLearn more from the following resources:",
"links": [
{
"title": "Vulnhub Website",
"title": "Vulnhub",
"url": "https://www.vulnhub.com/",
"type": "article"
},
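Review bot: The renamed link title is "Vulnhub", but the description on the context line above spells the platform "VulnHub" throughout. Since the title is being edited anyway, suggest "VulnHub" so the two agree.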
@ -270,7 +275,7 @@
"description": "**picoCTF** is an online cybersecurity competition designed to help students and beginners learn and practice hacking skills through capture-the-flag (CTF) challenges. Developed by Carnegie Mellon University, picoCTF features a series of progressively difficult puzzles that teach concepts such as reverse engineering, cryptography, web exploitation, forensics, and binary exploitation. It's an educational platform that offers hands-on experience in solving real-world cybersecurity problems, making it popular among both students and aspiring cybersecurity professionals for learning and improving their skills in a practical, interactive environment.\n\nLearn more from the following resources:",
"links": [
{
"title": "picoCTF Website",
"title": "picoCTF",
"url": "https://picoctf.org/",
"type": "article"
},
@ -286,7 +291,7 @@
"description": "The SANS Holiday Hack Challenge is an annual cybersecurity event that offers participants the opportunity to solve a series of themed cybersecurity puzzles and challenges. Designed to engage both beginners and experienced professionals, the challenge covers a wide range of topics including network forensics, penetration testing, reverse engineering, and more. It provides a fun, gamified learning experience that encourages participants to enhance their skills while collaborating with the global cybersecurity community. The event often features real-world security scenarios, creative storytelling, and interactive, hands-on tasks.\n\nLearn more from the following resources:",
"links": [
{
"title": "SANS Holiday Hack Website",
"title": "SANS Holiday Hack",
"url": "https://www.sans.org/mlp/holiday-hack-challenge-2023/",
"type": "article"
},
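Review bot: The title is now the generic "SANS Holiday Hack", but the unchanged URL still ends in "holiday-hack-challenge-2023", and the description calls this an annual event. Either point the link at a page that is not tied to one year or keep the year in the title so readers know which edition they will land on.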
@ -302,14 +307,14 @@
"description": "CompTIA A+ is an entry-level certification for IT professionals that focuses on essential knowledge and skills in computer hardware, software, and troubleshooting. This certification is widely recognized in the IT industry and can serve as a stepping stone for individuals looking to start a career in the field of information technology.\n\nLearn more from the following resources:",
"links": [
{
"title": "Comptia A+ Course",
"url": "https://www.youtube.com/watch?v=1CZXXNKAY5o",
"type": "course"
},
{
"title": "Comptia A+ Website",
"title": "CompTIA A+",
"url": "https://www.comptia.org/certifications/a",
"type": "article"
},
{
"title": "CompTIA A+ Course",
"url": "https://www.youtube.com/watch?v=1CZXXNKAY5o",
"type": "video"
}
]
},
@ -318,7 +323,7 @@
"description": "The CompTIA Linux+ certification is an entry-level certification aimed at individuals who are seeking to learn and demonstrate their skills and knowledge of the Linux operating system. This certification is widely recognized in the IT industry as an essential qualification for entry-level Linux administrators and helps them gain a strong foundation in Linux system administration tasks.\n\nLearn more from the following resources:",
"links": [
{
"title": "Linux+ Website",
"title": "CompTIA Linux+",
"url": "https://www.comptia.org/certifications/linux",
"type": "article"
},
@ -331,17 +336,17 @@
},
"4RGbNOfMPDbBcvUFWTTCV": {
"title": "CompTIA Network+",
"description": "The CompTIA Network+ is a highly sought-after certification for IT professionals who aim to build a solid foundation in networking concepts and practices. This certification is vendor-neutral, meaning that it covers a broad range of knowledge that can be applied to various network technologies, products, and solutions. The Network+ certification is designed for beginners in the world of IT networking, and it is recommended that you first obtain the [CompTIA A+ certification](#) before moving on to Network+.\n\nLearn more from the following resources:",
"description": "The CompTIA Network+ is a highly sought-after certification for IT professionals who aim to build a solid foundation in networking concepts and practices. This certification is vendor-neutral, meaning that it covers a broad range of knowledge that can be applied to various network technologies, products, and solutions. The Network+ certification is designed for beginners in the world of IT networking, and it is recommended that you first obtain the CompTIA A+ certification before moving on to Network+.\n\nLearn more from the following resources:",
"links": [
{
"title": "CompTIA Network+ Course",
"url": "https://www.youtube.com/watch?v=xmpYfyNmWbw",
"type": "course"
},
{
"title": "CompTIA Network+ Website",
"title": "CompTIA Network+",
"url": "https://www.comptia.org/certifications/network",
"type": "article"
},
{
"title": "CompTIA Network+ Course",
"url": "https://www.youtube.com/watch?v=xmpYfyNmWbw",
"type": "video"
}
]
},
@ -350,14 +355,14 @@
"description": "The Cisco Certified Network Associate (CCNA) certification is an entry-level certification for IT professionals who want to specialize in networking, specifically within the realm of Cisco products. This certification validates an individual's ability to install, configure, operate, and troubleshoot medium-sized routed and switched networks. It also covers the essentials of network security and management.\n\nLearn more from the following resources:",
"links": [
{
"title": "@Network Chuck Free CCNA Course",
"url": "https://www.youtube.com/playlist?list=PLIhvC56v63IJVXv0GJcl9vO5Z6znCVb1P",
"title": "CCNA Certification",
"url": "https://www.cisco.com/site/us/en/learn/training-certifications/certifications/enterprise/ccna/index.html",
"type": "article"
},
{
"title": "CCNA Certification Website",
"url": "https://www.cisco.com/site/us/en/learn/training-certifications/certifications/enterprise/ccna/index.html",
"type": "article"
"title": "Network Chuck Free CCNA Course",
"url": "https://www.youtube.com/playlist?list=PLIhvC56v63IJVXv0GJcl9vO5Z6znCVb1P",
"type": "video"
}
]
},
@ -382,9 +387,14 @@
"description": "**Certified Ethical Hacker (CEH)** is an advanced certification focused on equipping cybersecurity professionals with the knowledge and skills required to defend against the continuously evolving landscape of cyber threats. This certification is facilitated by the EC-Council, an internationally recognized organization for information security certifications.\n\nLearn more from the following resources:",
"links": [
{
"title": "CEH Website",
"title": "CEH",
"url": "https://www.eccouncil.org/train-certify/certified-ethical-hacker-ceh/",
"type": "article"
},
{
"title": "Certified Ethical Hacker Online Training",
"url": "https://iclass.eccouncil.org/our-courses/certified-ethical-hacker-ceh/",
"type": "article"
}
]
},
@ -393,7 +403,7 @@
"description": "The **Certified Information Systems Auditor (CISA)** is a globally recognized certification for professionals who audit, control, monitor, and assess an organization's information technology and business systems.\n\nCISA was established by the Information Systems Audit and Control Association (ISACA) and is designed to demonstrate an individual's expertise in managing vulnerabilities, ensuring compliance with industry regulations, and instituting controls within the business environment.\n\nLearn more from the following resources:",
"links": [
{
"title": "CISA Website",
"title": "CISA",
"url": "https://www.isaca.org/credentialing/cisa",
"type": "article"
},
@ -409,7 +419,7 @@
"description": "The Certified Information Security Manager (CISM) is an advanced cybersecurity certification offered by ISACA that focuses on information security management. It is designed for professionals who have a strong understanding of information security and are responsible for overseeing, designing, and managing an organization's information security programs.\n\nLearn more from the following resources:",
"links": [
{
"title": "CISM Website",
"title": "CISM",
"url": "https://www.isaca.org/credentialing/cism",
"type": "article"
},
@ -474,23 +484,28 @@
"description": "**OSCP (Offensive Security Certified Professional)** is a widely recognized certification in cybersecurity that focuses on penetration testing and ethical hacking. Offered by Offensive Security, it requires candidates to complete a challenging exam that involves identifying and exploiting vulnerabilities in a controlled environment. The OSCP certification emphasizes hands-on skills, practical experience, and the ability to conduct comprehensive security assessments, making it highly valued by employers for its rigorous approach to real-world penetration testing techniques.\n\nLearn more from the following resources:",
"links": [
{
"title": "Offsec OSCP Site",
"title": "Offensive Security Certified Professional",
"url": "https://www.offsec.com/courses/pen-200/",
"type": "article"
},
{
"title": "How to prepare for the OSCP",
"title": "How to Prepare for OSCP Exam",
"url": "https://cybersecurityguide.org/programs/cybersecurity-certifications/oscp/",
"type": "article"
},
{
"title": "How to Become an OSCP [Full Guide] - Geekflare",
"url": "https://geekflare.com/cybersecurity/oscp-certification/",
"type": "article"
}
]
},
"rA1skdztev3-8VmAtIlmr": {
"title": "CREST",
"description": "CREST is a non-profit, accreditation and certification body that represents the technical information security industry. Established in 2008, its mission is to promote the development and professionalization of the cyber security sector. CREST provides certifications for individuals and accreditations for companies, helping customers find knowledgeable and experienced professionals in the field.\n\nLearn more from the following resources:",
"description": "CREST is a non-profit, accreditation and certification body that represents the technical information security industry. Established in 2008, its mission is to promote the development and professionalization of the cyber security sector. CREST provides certifications for individuals and accreditation for companies, helping customers find knowledgeable and experienced professionals in the field.\n\nLearn more from the following resources:",
"links": [
{
"title": "CREST Certifications Website",
"title": "CREST Certifications",
"url": "https://www.crest-approved.org/skills-certifications-careers/crest-certifications/",
"type": "article"
},
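Review bot: The added OSCP entry "How to Become an OSCP [Full Guide] - Geekflare" keeps a bracketed tag and a site-name suffix in the title, while the rest of this hunk strips that kind of decoration ("Offsec OSCP Site" becomes "Offensive Security Certified Professional", "CREST Certifications Website" becomes "CREST Certifications"). Suggest "How to Become an OSCP" for consistency.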
@ -506,14 +521,14 @@
"description": "The Certified Information Systems Security Professional (CISSP) is a globally recognized certification offered by the International Information System Security Certification Consortium (ISC)². It is designed for experienced security professionals to validate their knowledge and expertise in the field of information security.\n\nLearn more from the following resources:",
"links": [
{
"title": "CISSP Certification course",
"url": "https://www.youtube.com/watch?v=M1_v5HBVHWo",
"type": "course"
},
{
"title": "CISSP Certification Website",
"title": "CISSP Certification",
"url": "https://www.isc2.org/certifications/cissp",
"type": "article"
},
{
"title": "CISSP Certification Course",
"url": "https://www.youtube.com/watch?v=M1_v5HBVHWo",
"type": "video"
}
]
},
@ -521,6 +536,16 @@
"title": "Operating Systems",
"description": "**Operating systems (OS)** are software that manage computer hardware and provide a platform for applications to run. They handle essential functions such as managing memory, processing tasks, controlling input and output devices, and facilitating file management. Key examples include **Windows**, **macOS**, **Linux**, and **Unix**. Each operating system offers different features and interfaces, tailored to specific user needs or system requirements, from desktop computing to server management and embedded systems.\n\nLearn more from the following resources:",
"links": [
{
"title": "What is a Operating System?",
"url": "https://en.wikipedia.org/wiki/Operating_system",
"type": "article"
},
{
"title": "8 Different Types of Operating Systems With Examples",
"url": "https://techspirited.com/different-types-of-operating-systems",
"type": "article"
},
{
"title": "What is an operating system as fast as possible",
"url": "https://www.youtube.com/watch?v=pVzRTmdd9j0",
@ -537,15 +562,15 @@
"url": "https://learn.microsoft.com/en-us/windows/security/",
"type": "article"
},
{
"title": "Windows 11 Full Tutorial - A 2 Hour Course to Learn and Master Windows 11",
"url": "https://www.youtube.com/watch?v=UKn-r3X2CLk",
"type": "article"
},
{
"title": "Explore top posts about Windows",
"url": "https://app.daily.dev/tags/windows?ref=roadmapsh",
"type": "article"
},
{
"title": "Windows 11 Full Tutorial - A 2 Hour Course to Learn and Master Windows 11",
"url": "https://www.youtube.com/watch?v=UKn-r3X2CLk",
"type": "video"
}
]
},
@ -683,6 +708,11 @@
"title": "Common Commands",
"description": "Common operating system (OS) commands are essential for interacting with a system's shell or command-line interface (CLI). These commands allow users to perform a wide range of tasks, such as navigating the file system, managing files and directories, checking system status, and administering processes. Below are some commonly used commands across Unix/Linux and Windows operating systems:\n\n1. **Navigating the File System:**\n \n * Unix/Linux: `ls` (list files), `cd` (change directory), `pwd` (print working directory)\n * Windows: `dir` (list files), `cd` (change directory), `echo %cd%` (print working directory)\n2. **File and Directory Management:**\n \n * Unix/Linux: `cp` (copy files), `mv` (move/rename files), `rm` (remove files), `mkdir` (create directory)\n * Windows: `copy` (copy files), `move` (move/rename files), `del` (delete files), `mkdir` (create directory)\n3. **System Information and Processes:**\n \n * Unix/Linux: `top` or `htop` (view running processes), `ps` (list processes), `df` (disk usage), `uname` (system info)\n * Windows: `tasklist` (list processes), `taskkill` (kill process), `systeminfo` (system details)\n4. **File Permissions and Ownership:**\n \n * Unix/Linux: `chmod` (change file permissions), `chown` (change file ownership)\n * Windows: `icacls` (modify access control lists), `attrib` (change file attributes)\n5. **Network Commands:**\n \n * Unix/Linux: `ping` (test network connection), `ifconfig` or `ip` (network interface configuration), `netstat` (network statistics)\n * Windows: `ping` (test network connection), `ipconfig` (network configuration), `netstat` (network statistics)\n\nThese commands form the foundation of interacting with and managing an OS via the command line, providing greater control over system operations compared to graphical interfaces.\n\nLearn more from the following resources:",
"links": [
{
"title": "Essential Unix Commands",
"url": "https://www.geeksforgeeks.org/essential-linuxunix-commands/",
"type": "article"
},
{
"title": "60 Linux commands you must know",
"url": "https://www.youtube.com/watch?v=gd7BXuUQ91w",
@ -727,7 +757,7 @@
"description": "Networking protocols are essential for facilitating communication between devices and systems across networks. In cybersecurity, understanding these protocols is crucial for identifying potential vulnerabilities and securing data transmission. Common protocols include TCP/IP, the foundation of internet communication, which ensures reliable data delivery. HTTP and HTTPS are used for web browsing, with HTTPS providing encrypted connections. FTP and SFTP handle file transfers, while SMTP, POP3, and IMAP manage email services. DNS translates domain names to IP addresses, and DHCP automates IP address assignment. SSH enables secure remote access and management of systems. Other important protocols include TLS/SSL for encryption, SNMP for network management, and VPN protocols like IPsec and OpenVPN for secure remote connections. Cybersecurity professionals must be well-versed in these protocols to effectively monitor network traffic, implement security measures, and respond to potential threats targeting specific protocol vulnerabilities.\n\nLearn more from the following resources:",
"links": [
{
"title": "12 common network protocols",
"title": "12 Common Network Protocols",
"url": "https://www.techtarget.com/searchnetworking/feature/12-common-network-protocols-and-their-functions-explained",
"type": "article"
},
@ -748,7 +778,7 @@
"type": "article"
},
{
"title": "Common network ports",
"title": "Common Network Ports",
"url": "https://www.youtube.com/watch?v=dh8h-4u7Wak",
"type": "video"
}
@ -1046,7 +1076,7 @@
"type": "article"
},
{
"title": "What is a router and how does it work?",
"title": "What is a router and How does it work?",
"url": "https://www.youtube.com/watch?v=UIJzHLpG9bM",
"type": "video"
},
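Review bot: the new title "What is a router and How does it work?" capitalizes "How" mid-sentence but leaves "router", "does" and "work" in lower case, so it matches neither the old sentence case nor the title case applied elsewhere in this commit (for example "What is a Network Switch?"). Suggest "What is a Router and How Does it Work?".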
@ -1067,12 +1097,12 @@
"description": "A switch is a network device that operates at the data link layer (Layer 2) of the OSI model, connecting multiple devices within a local area network (LAN). It uses MAC addresses to forward data packets between devices, creating separate collision domains for each port. Switches improve network efficiency by sending packets only to their intended destinations, reducing unnecessary traffic. They support full-duplex communication, allowing simultaneous data transmission in both directions. Modern switches often include advanced features like VLANs, port mirroring, and Quality of Service (QoS) management. Switches are fundamental to creating efficient, segmented networks and are crucial components in both small office and large enterprise network infrastructures.\n\nLearn more from the following resources:",
"links": [
{
"title": "What is a network switch?",
"title": "What is a Network Switch?",
"url": "https://www.cloudflare.com/en-gb/learning/network-layer/what-is-a-network-switch/",
"type": "article"
},
{
"title": "What is a SWITCH?",
"title": "What is a Switch?",
"url": "https://www.youtube.com/watch?v=9eH16Fxeb9o",
"type": "video"
}
@ -1241,6 +1271,11 @@
"title": "Star",
"description": "A star network topology is a configuration where all devices (nodes) are connected directly to a central hub or switch. In this arrangement, each node has a dedicated point-to-point link to the central device, forming a star-like structure. This topology offers advantages such as easy installation and reconfiguration, centralized management, and fault isolation. If one connection fails, it doesn't affect others. However, the central hub is a single point of failure for the entire network. Star topologies are commonly used in local area networks (LANs) due to their reliability, scalability, and ease of maintenance, making them a popular choice in both small office and large enterprise environments.\n\nLearn more from the following resources:",
"links": [
{
"title": "Star Topology",
"url": "https://www.computerhope.com/jargon/s/startopo.htm",
"type": "article"
},
{
"title": "Star Topology",
"url": "https://www.youtube.com/watch?v=EQ3rW22-Py0",
@ -1253,7 +1288,7 @@
"description": "In a ring topology, each network device is connected in a circular fashion, where data travels through each node in one direction (or both in a bidirectional setup) until it reaches its destination. This structure simplifies wiring and ensures a predictable data path, but a failure in any single node or connection can disrupt the entire network unless redundant paths are used. Ring topology is known for its straightforward installation but is less common today due to its vulnerability to network interruptions.\n\nLearn more from the following resources:",
"links": [
{
"title": "What is ring topology?",
"title": "What is Ring Topology?",
"url": "https://www.lenovo.com/gb/en/glossary/what-is-ring-topology/",
"type": "article"
},
@ -1407,7 +1442,7 @@
"description": "VMware is a leading provider of virtualization and cloud computing software. Its core technology allows multiple virtual machines (VMs) to run on a single physical server, each with its own operating system and resources. VMware's product suite includes tools for server virtualization, desktop virtualization, cloud management, and network virtualization. Key products like vSphere and ESXi enable efficient resource utilization, improved scalability, and simplified IT management. VMware's solutions are widely used in enterprise environments for consolidating servers, enabling cloud computing, facilitating disaster recovery, and supporting development and testing environments. The company's technology plays a crucial role in modern data center operations and hybrid cloud strategies.\n\nLearn more from the following resources:",
"links": [
{
"title": "VMWare Website",
"title": "VMWare",
"url": "https://www.vmware.com/",
"type": "article"
},
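Review bot: the renamed link title spells the vendor "VMWare", while the description in this same entry spells it "VMware" throughout. Since the title line is being rewritten anyway, change it to "VMware" so the entry uses one spelling.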
@ -1423,10 +1458,15 @@
"description": "VirtualBox is a free, open-source virtualization software developed by Oracle. It allows users to run multiple operating systems simultaneously on a single physical machine. VirtualBox supports a wide range of guest operating systems, including various versions of Windows, Linux, macOS, and more. It provides features like snapshots for easy system state preservation, shared folders for file exchange between host and guest systems, and USB device support. VirtualBox is popular among developers, IT professionals, and enthusiasts for testing software, running legacy applications, and experimenting with different operating systems without the need for separate physical hardware.\n\nLearn more from the following resources:",
"links": [
{
"title": "VirtualBox Website",
"title": "VirtualBox",
"url": "https://www.virtualbox.org/",
"type": "article"
},
{
"title": "VirtualBox Documentation",
"url": "https://www.virtualbox.org/wiki/Documentation",
"type": "article"
},
{
"title": "How to use VirtualBox",
"url": "https://www.youtube.com/watch?v=nvdnQX9UkMY",
@ -1455,10 +1495,15 @@
"description": "**Proxmox** is an open-source virtualization management platform that integrates both **Proxmox Virtual Environment (Proxmox VE)** and **Proxmox Mail Gateway**. Proxmox VE combines virtualization technologies, including KVM for virtual machines and LXC for lightweight containers, into a unified web-based interface for managing and deploying virtualized environments. It offers features such as high availability, storage management, and backup solutions. Proxmox Mail Gateway provides email security and anti-spam solutions, protecting email systems from threats. Proxmox is valued for its flexibility, cost-effectiveness, and comprehensive management capabilities.\n\nLearn more from the following resources:",
"links": [
{
"title": "Proxmox Website",
"title": "Proxmox",
"url": "https://www.proxmox.com/en/",
"type": "article"
},
{
"title": "Proxmox Virtual Environment",
"url": "https://en.wikipedia.org/wiki/Proxmox_Virtual_Environment",
"type": "article"
},
{
"title": "What is Proxmox virtualization?",
"url": "https://www.youtube.com/watch?v=GMAvmHEWAMU",
@ -1620,12 +1665,12 @@
"description": "Port scanners are essential tools in the troubleshooting and cybersecurity landscape. They are designed to detect open or closed network ports on a target system. Network ports serve as communication endpoints for various applications and services running on a device, and knowing the status of these ports can help identify potential security vulnerabilities or confirm that specific services are running as intended.\n\nLearn more from the following resources:",
"links": [
{
"title": "Top 5 Best port scanners",
"title": "Top 5 Best Port Scanners",
"url": "https://securitytrails.com/blog/best-port-scanners",
"type": "article"
},
{
"title": "How To Use nmap To Scan For Open Ports",
"title": "How To Use Nmap To Scan For Open Ports",
"url": "https://www.youtube.com/watch?v=ifbwTt3_oCg",
"type": "video"
}
@ -1683,6 +1728,11 @@
"title": "Protocol Analyzers",
"description": "**Protocol analyzers**, also known as network analyzers or packet sniffers, are tools used to capture, inspect, and analyze network traffic. They help diagnose network issues, troubleshoot performance problems, and ensure security by providing detailed insights into the data packets transmitted across a network. Protocol analyzers decode and display various network protocols, such as TCP/IP, HTTP, and DNS, allowing users to understand communication patterns, detect anomalies, and identify potential vulnerabilities. Popular examples include Wireshark and tcpdump.\n\nLearn more from the following resources:",
"links": [
{
"title": "What is a Protocol Analyzer?",
"url": "https://www.liveaction.com/glossary/protocol-analyzer/",
"type": "article"
},
{
"title": "Protocol Analyzers",
"url": "https://www.youtube.com/watch?v=hTMhlB-o0Ow",
@ -1713,8 +1763,19 @@
},
"xFuWk7M-Vctk_xb7bHbWs": {
"title": "route",
"description": "The `route` command is a network utility used to view and manipulate the IP routing table on Unix-like and Windows systems. It allows users to display the current routes that data packets take, as well as add, modify, or delete routes for network traffic. This command is often used in network troubleshooting and configuration to control how data flows between different networks and subnets. By specifying routes manually, administrators can define specific paths for network traffic, bypassing default routes and optimizing performance or security.",
"links": []
"description": "The `route` command is a network utility used to view and manipulate the IP routing table on Unix-like and Windows systems. It allows users to display the current routes that data packets take, as well as add, modify, or delete routes for network traffic. This command is often used in network troubleshooting and configuration to control how data flows between different networks and subnets. By specifying routes manually, administrators can define specific paths for network traffic, bypassing default routes and optimizing performance or security.\n\nLearn more from the following resources:",
"links": [
{
"title": "route command",
"url": "https://www.man7.org/linux/man-pages/man8/route.8.html",
"type": "article"
},
{
"title": "route command explained",
"url": "https://www.youtube.com/watch?v=uOqBollh_x4",
"type": "video"
}
]
},
"y8GaUNpaCT1Ai88wPOk6d": {
"title": "tcpdump",
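Review bot: the description says `route` is available on "Unix-like and Windows systems", but the only written reference added is the Linux man page on man7.org, whose syntax will not match the Windows command. Either add a Windows reference alongside it or retitle the link so it is clear it covers Linux only. The two new titles ("route command", "route command explained") are also in lower case, unlike the title case this commit applies to other entries.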
@ -1822,12 +1883,12 @@
"description": "Certificates, also known as digital certificates or SSL/TLS certificates, play a crucial role in the world of cybersecurity. They help secure communications between clients and servers over the internet, ensuring that sensitive data remains confidential and protected from prying eyes.\n\nDigital certificates provide a crucial layer of security and trust for online communications. Understanding their role in cybersecurity, the different types of certificates, and the importance of acquiring certificates from trusted CAs can greatly enhance your organization's online security posture and reputation.\n\nLearn more from the following resources:",
"links": [
{
"title": "What is an SSL certificate?",
"title": "What is an SSL Certificate?",
"url": "https://www.cloudflare.com/en-gb/learning/ssl/what-is-an-ssl-certificate/",
"type": "article"
},
{
"title": "What is a certificate authority",
"title": "What is a Certificate Authority",
"url": "https://www.ssl.com/article/what-is-a-certificate-authority-ca/",
"type": "article"
}
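Review bot: the second retitled link, "What is a Certificate Authority", is a question without a question mark, while the first link in the same list now reads "What is an SSL Certificate?". Add the "?" for consistency.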
@ -1991,7 +2052,7 @@
"description": "**Penetration Testing Rules of Engagement** define the guidelines and boundaries for conducting a penetration test. They establish the scope, objectives, and constraints, including the systems and networks to be tested, the testing methods allowed, and the times during which testing can occur. These rules ensure that the testing is conducted ethically and legally, minimizing disruptions and protecting sensitive data. They also include communication protocols for reporting findings and any necessary approvals or permissions from stakeholders to ensure that the testing aligns with organizational policies and compliance requirements.\n\nLearn more from the following resources:",
"links": [
{
"title": "Why are rules of engagement important to a Penetration Test?",
"title": "Why are Rules of Engagement Important to a Penetration Test?",
"url": "https://www.triaxiomsecurity.com/rules-of-engagement-important-to-penetration-test/",
"type": "article"
},
@ -2023,12 +2084,12 @@
"description": "The core concepts of Zero Trust revolve around the principle of \"never trust, always verify,\" emphasizing the need to continuously validate every user, device, and application attempting to access resources, regardless of their location within or outside the network perimeter. Unlike traditional security models that rely on a strong perimeter defense, Zero Trust assumes that threats could already exist inside the network and that no entity should be trusted by default. Key principles include strict identity verification, least privilege access, micro-segmentation, and continuous monitoring. This approach limits access to resources based on user roles, enforces granular security policies, and continuously monitors for abnormal behavior, ensuring that security is maintained even if one segment of the network is compromised. Zero Trust is designed to protect modern IT environments from evolving threats by focusing on securing data and resources, rather than just the network perimeter.\n\nLearn more from the following resources:",
"links": [
{
"title": "What is a zero trust network?",
"title": "What is a Zero Trust Network?",
"url": "https://www.cloudflare.com/en-gb/learning/security/glossary/what-is-zero-trust/",
"type": "article"
},
{
"title": "Zero trust explained in 4 minutes",
"title": "Zero Trust Explained in 4 minutes",
"url": "https://www.youtube.com/watch?v=yn6CPQ9RioA",
"type": "video"
}
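Review bot: in "Zero Trust Explained in 4 minutes" the last word is left in lower case while the rest of the title was moved to title case. Use "Zero Trust Explained in 4 Minutes".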
@ -2039,9 +2100,14 @@
"description": "Compliance officers ensure that an organization adheres to legal, regulatory, and internal policies by proactively implementing controls, training employees, and mitigating risks. Auditors, both internal and external, assess the effectiveness of these controls and the accuracy of financial reporting through periodic evaluations, providing independent assurance to management and stakeholders. While compliance focuses on prevention and day-to-day adherence, auditors focus on verifying and evaluating past performance to ensure integrity and identify areas for improvement. Both roles work together to manage risk and maintain organizational accountability.\n\nLearn more from the following resources:",
"links": [
{
"title": "What is a compliance audit?",
"title": "What is a Compliance Audit?",
"url": "https://www.auditboard.com/blog/compliance-audit/",
"type": "article"
},
{
"title": "Compliance Office and Internal Audit Roles and Responsibilities",
"url": "https://www.compliance.com/resources/compliance-office-and-internal-audit-roles-and-responsibilities/",
"type": "article"
}
]
},
@ -2084,7 +2150,7 @@
},
"H38Vb7xvuBJXVzgPBdRdT": {
"title": "Cyber Kill Chain",
"description": "The **Cyber Kill Chain** is a model that was developed by Lockheed Martin, a major aerospace, military support, and security company, to understand and prevent cyber intrusions in various networks and systems. It serves as a framework for breaking down the stages of a cyber attack, making it easier for security professionals to identify, mitigate, and prevent threats.\n\nThe concept is based on a military model, where the term \"kill chain\" represents a series of steps needed to successfully target and engage an adversary. In the context of cybersecurity, the model breaks down the stages of a cyber attack into seven distinct phases:\n\n* **Reconnaissance**: This initial phase involves gathering intelligence on the target, which may include researching public databases, performing network scans, or social engineering techniques.\n* **Weaponization**: In this stage, the attacker creates a weapon – such as a malware, virus, or exploit – and packages it with a delivery mechanism that can infiltrate the target's system.\n* **Delivery**: The attacker selects and deploys the delivery method to transmit the weapon to the target. Common methods include email attachments, malicious URLs, or infected software updates.\n* **Exploitation**: This is the phase where the weapon is activated, taking advantage of vulnerabilities in the target's systems or applications to execute the attacker's code.\n* **Installation**: Once the exploit is successful, the attacker installs the malware on the victim's system, setting the stage for further attacks or data exfiltration.\n* **Command and Control (C2)**: The attacker establishes a communication channel with the infected system, allowing them to remotely control the malware and conduct further actions.\n* **Actions on Objectives**: In this final phase, the attacker achieves their goal, which may involve stealing sensitive data, compromising systems, or disrupting services.\n\nLearn more from the following resources:",
"description": "The **Cyber Kill Chain** is a model that was developed by Lockheed Martin, a major aerospace, military support, and security company, to understand and prevent cyber intrusions in various networks and systems. It serves as a framework for breaking down the stages of a cyber attack, making it easier for security professionals to identify, mitigate, and prevent threats.\n\nLearn more from the following resources:",
"links": [
{
"title": "Cyber Kill Chain",
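Review bot: the new description drops the entire seven-phase list (Reconnaissance through Actions on Objectives) and keeps only the origin paragraph, so the entry still says the model breaks an attack into stages but no longer says what those stages are. If the aim is a shorter description, keep at least a one-sentence enumeration of the seven phase names, since that is what readers come to this node for.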
@ -2116,13 +2182,18 @@
},
"_S25EOGS3P8647zLM5i-g": {
"title": "Operating System Hardening",
"description": "**Operating system hardening** involves configuring and securing an OS to reduce vulnerabilities and improve its defense against attacks. This process includes disabling unnecessary services and ports, applying security patches and updates, configuring strong authentication mechanisms, enforcing least privilege principles, and enabling firewalls and intrusion detection systems. Hardening also involves setting up proper file permissions, securing system logs, and regularly auditing the system to ensure compliance with security policies and best practices. The goal is to minimize the attack surface and protect the OS from potential threats and exploits.\n\nLearn more from the following resources",
"description": "**Operating system hardening** involves configuring and securing an OS to reduce vulnerabilities and improve its defense against attacks. This process includes disabling unnecessary services and ports, applying security patches and updates, configuring strong authentication mechanisms, enforcing least privilege principles, and enabling firewalls and intrusion detection systems. Hardening also involves setting up proper file permissions, securing system logs, and regularly auditing the system to ensure compliance with security policies and best practices. The goal is to minimize the attack surface and protect the OS from potential threats and exploits.\n\nLearn more from the following resources:",
"links": [
{
"title": "OS Hardening: 15 Best Practices",
"url": "https://perception-point.io/guides/os-isolation/os-hardening-10-best-practices/",
"type": "article"
},
{
"title": "Operating System (OS) Hardening: Pros, Cons, and Importance",
"url": "https://linfordco.com/blog/operating-system-hardening/",
"type": "article"
},
{
"title": "Hardening Techniques",
"url": "https://www.youtube.com/watch?v=wXoC46Qr_9Q",
@ -2263,7 +2334,7 @@
},
"M6uwyD4ibguxytf1od-og": {
"title": "True Negative / True Positive",
"description": "True Negative / True Positive\n-----------------------------\n\nA True Positive occurs when a security system correctly identifies a genuine threat or malicious activity. It's an accurate alert that correctly detects an actual security incident. For example, an antivirus correctly flagging a file as malware. A True Negative is when a security system correctly identifies that there is no threat when indeed no threat exists. It's the system's accurate determination that normal, benign activity is not a security risk. For example, a firewall correctly allowing legitimate network traffic.\n\nBoth True Positives and True Negatives represent correct assessments by security systems, contributing to effective threat detection and minimizing false alarms. Balancing these with minimizing false positives and false negatives is crucial for optimal security system performance.\n\nLearn more from the following resources:",
"description": "A True Positive occurs when a security system correctly identifies a genuine threat or malicious activity. It's an accurate alert that correctly detects an actual security incident. For example, an antivirus correctly flagging a file as malware. A True Negative is when a security system correctly identifies that there is no threat when indeed no threat exists. It's the system's accurate determination that normal, benign activity is not a security risk. For example, a firewall correctly allowing legitimate network traffic.\n\nBoth True Positives and True Negatives represent correct assessments by security systems, contributing to effective threat detection and minimizing false alarms. Balancing these with minimizing false positives and false negatives is crucial for optimal security system performance.\n\nLearn more from the following resources:",
"links": [
{
"title": "False Positives and False Negatives in Information Security",
@ -2330,7 +2401,7 @@
"description": "Privilege escalation is a technique where an attacker increases their access level within a system, moving from lower to higher permissions, such as from a standard user to an administrator. This can be achieved by exploiting system vulnerabilities, misconfigurations, or security weaknesses. It is critical to implement strong access controls, adhere to the principle of least privilege, and regularly update and patch systems to defend against such attacks.\n\nVisit the following resources to learn more:",
"links": [
{
"title": "What is privilege escalation?",
"title": "What is Privilege Escalation?",
"url": "https://www.crowdstrike.com/cybersecurity-101/privilege-escalation/",
"type": "article"
},
@ -2417,7 +2488,7 @@
},
"W7iQUCjODGYgE4PjC5TZI": {
"title": "curl",
"description": "Curl is a versatile command-line tool primarily used for transferring data using various network protocols. It is widely used in cybersecurity and development for the purpose of testing and interacting with web services, APIs, and scrutinizing web application security. Curl supports various protocols such as HTTP, HTTPS, FTP, SCP, SFTP, and many more.\n\nLearn more from the following resources:",
"description": "cURL is a versatile command-line tool primarily used for transferring data using various network protocols. It is widely used in cybersecurity and development for the purpose of testing and interacting with web services, APIs, and scrutinizing web application security. Curl supports various protocols such as HTTP, HTTPS, FTP, SCP, SFTP, and many more.\n\nLearn more from the following resources:",
"links": [
{
"title": "What is the cURL command?",
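Review bot: only the first sentence of the description was changed to "cURL"; the last sentence still begins "Curl supports various protocols", so the entry now uses two spellings. Change both occurrences or neither.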
@ -2483,6 +2554,11 @@
"title": "cat",
"description": "`cat` is a widely used command-line utility in UNIX and UNIX-like systems. It stands for \"concatenate\" which, as the name suggests, can be used to concatenate files, display file contents, or combine files. In the context of incident response and discovery tools, `cat` plays an essential role in quickly accessing and assessing the contents of various files that inform on security incidents and help users understand system data as well as potential threats.\n\nLearn more from the following resources:",
"links": [
{
"title": "Cat Command in Linux",
"url": "https://linuxize.com/post/linux-cat-command/",
"type": "article"
},
{
"title": "Linux cat command",
"url": "https://phoenixnap.com/kb/linux-cat-command",
@ -2548,7 +2624,7 @@
"description": "Wireshark is a powerful, open-source network protocol analyzer used for real-time packet capture and analysis. It allows users to examine network traffic at a microscopic level, capturing and interactively browsing the traffic running on a computer network. Wireshark can decode a wide variety of network protocols, making it an essential tool for network troubleshooting, security analysis, software and protocol development, and education. It provides a user-friendly graphical interface and offers features like deep inspection of hundreds of protocols, live capture and offline analysis, and the ability to read/write many different capture file formats. Wireshark is widely used by IT professionals, security experts, and developers for diagnosing network issues and understanding network communication.\n\nLearn more from the following resources:",
"links": [
{
"title": "Wireshark Website",
"title": "Wireshark",
"url": "https://www.wireshark.org/",
"type": "article"
},
@ -2569,7 +2645,7 @@
"description": "WinHex is a universal hexadecimal editor and disk editor primarily used for computer forensics and data recovery. It allows users to examine and edit the raw content of files, disks, or memory in hexadecimal and ASCII formats. WinHex provides advanced features for data analysis, including disk cloning, secure data erasure, and file system reconstruction. It supports various file systems and can work with physical disks, disk images, and RAM. Forensic experts use WinHex to investigate digital evidence, recover deleted files, and analyze data structures. While powerful, it requires careful use as it can directly manipulate raw data, potentially causing unintended changes to critical system files or data.\n\nLearn more from the following resources:",
"links": [
{
"title": "WinHex Website",
"title": "WinHex",
"url": "https://x-ways.net/winhex/",
"type": "article"
},
@ -2727,6 +2803,11 @@
"title": "What is PKI?",
"url": "https://cpl.thalesgroup.com/faq/public-key-infrastructure-pki/what-public-key-infrastructure-pki",
"type": "article"
},
{
"title": "What Is Public Key Infrastructure (PKI) & How Does It Work?",
"url": "https://www.okta.com/identity-101/public-key-infrastructure/",
"type": "article"
}
]
},
@ -2849,7 +2930,7 @@
},
"fjEdufrZAfW4Rl6yDU8Hk": {
"title": "RMF",
"description": "A **Risk Management Framework (RMF)** is a structured approach that organizations use to identify, assess, manage, and mitigate risks. It provides a systematic process to ensure that risks are effectively controlled and aligned with the organization's objectives. Key components include:\n\n1. **Risk Identification:** Identifying potential internal and external risks that could impact the organization.\n2. **Risk Assessment:** Evaluating the likelihood and impact of identified risks.\n3. **Risk Mitigation:** Developing strategies to reduce or eliminate risks, such as controls, policies, and contingency plans.\n4. **Risk Monitoring:** Continuously tracking risks and the effectiveness of mitigation measures.\n5. **Communication and Reporting:** Regularly updating stakeholders on the risk status and actions taken.\n6. **Review and Improvement:** Periodically reassessing the framework and adapting to changes in the business or regulatory environment.\n\nThe RMF ensures that risks are managed proactively and consistently across the organization, helping to safeguard assets and support strategic decision-making.\n\nLearn more from the following resources:",
"description": "A **Risk Management Framework (RMF)** is a structured approach that organizations use to identify, assess, manage, and mitigate risks. It provides a systematic process to ensure that risks are effectively controlled and aligned with the organization's objectives. Key components include:\n\n1. **Risk Identification:** Identifying potential internal and external risks that could impact the organization.\n2. **Risk Assessment:** Evaluating the likelihood and impact of identified risks.\n3. **Risk Mitigation:** Developing strategies to reduce or eliminate risks, such as controls, policies, and contingency plans.\n4. **Risk Monitoring:** Continuously tracking risks and the effectiveness of mitigation measures.\n5. **Communication and Reporting:** Regularly updating stakeholders on the risk status and actions taken.\n6. **Review and Improvement:** Periodically reassessing the framework and adapting to changes in the business or regulatory environment.\n\nLearn more from the following resources:",
"links": [
{
"title": "What is the Risk Management Framework?",
@ -2868,7 +2949,7 @@
"description": "The **Center for Internet Security (CIS)** is a non-profit organization that focuses on enhancing the cybersecurity posture of individuals, organizations, and governments around the world. CIS offers various tools, best practices, guidelines, and frameworks that help in defending against common cyber threats.\n\nLearn more from the following resources:",
"links": [
{
"title": "CIS Website",
"title": "CIS",
"url": "https://www.cisecurity.org/",
"type": "article"
},
@ -2950,6 +3031,16 @@
"title": "ParrotOS",
"url": "https://parrotsec.org/",
"type": "article"
},
{
"title": "ParrotOS Documentation",
"url": "https://parrotsec.org/docs",
"type": "article"
},
{
"title": "ParrotOS Downloads",
"url": "https://parrotsec.org/download",
"type": "article"
}
]
},
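Review bot: the added "ParrotOS Downloads" entry is typed "article", but a download page is not learning material, and it is reachable from the home page link already in this list. Consider keeping only the documentation link.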
@ -3099,8 +3190,19 @@
},
"W7bcydXdwlubXF2PHKOuq": {
"title": "Port Blocking",
"description": "Port blocking is an essential practice in hardening the security of your network and devices. It involves restricting, filtering, or entirely denying access to specific network ports to minimize exposure to potential cyber threats. By limiting access to certain ports, you can effectively safeguard your systems against unauthorized access and reduce the likelihood of security breaches.",
"links": []
"description": "Port blocking is an essential practice in hardening the security of your network and devices. It involves restricting, filtering, or entirely denying access to specific network ports to minimize exposure to potential cyber threats. By limiting access to certain ports, you can effectively safeguard your systems against unauthorized access and reduce the likelihood of security breaches.\n\nLearn more from the following resources:",
"links": [
{
"title": "What is Port Blocking?",
"url": "https://cyberpedia.reasonlabs.com/EN/port%20blocking.html",
"type": "article"
},
{
"title": "Is Your Router Blocking Your Ports? Here's How to Find Out?",
"url": "https://softhandtech.com/how-can-i-tell-if-a-port-is-blocked-on-my-router/",
"type": "article"
}
]
},
"FxuMJmDoDkIsPFp2iocFg": {
"title": "Group Policy",
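Review bot: the second added title, "Is Your Router Blocking Your Ports? Here's How to Find Out?", ends a statement with a question mark; drop the trailing "?". That link is also about checking whether a router blocks a port (the URL slug is how-can-i-tell-if-a-port-is-blocked-on-my-router), whereas the description presents port blocking as a hardening practice, so a reference on configuring port filtering would fit the entry better.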
@ -3534,12 +3636,12 @@
"description": "The **Preparation** phase in incident response involves establishing and maintaining the tools, policies, and procedures necessary to handle security incidents effectively. This includes creating an incident response plan, defining roles and responsibilities, training staff, and ensuring that appropriate technologies, such as monitoring systems and logging tools, are in place to detect and respond to incidents. Preparation also involves conducting regular drills, threat intelligence gathering, and vulnerability assessments to enhance readiness, ensuring the organization is equipped to mitigate potential security threats quickly and efficiently.\n\nLearn more from the following resources:",
"links": [
{
"title": "",
"title": "What is Incident Response",
"url": "https://www.microsoft.com/en-gb/security/business/security-101/what-is-incident-response",
"type": "article"
},
{
"title": "",
"title": "Cyber Security Incident Response Explained",
"url": "https://www.youtube.com/watch?v=ePZGqlcB1O8",
"type": "video"
}
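Review bot: the first filled-in title, "What is Incident Response", is a question without a question mark, unlike the other "What is ...?" titles touched in this commit. Both titles also describe incident response in general, while this entry is the Preparation phase. That is acceptable for replacing empty titles, but a preparation-specific resource would serve the node better.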
@ -3566,7 +3668,7 @@
"description": "Containment in cybersecurity refers to the process of limiting the impact of a security incident by isolating affected systems, networks, or data to prevent further spread or damage. When a breach or malware infection is detected, containment strategies are quickly implemented to halt the attack's progress, often by disconnecting compromised systems from the network, blocking malicious traffic, or restricting user access. Containment is a critical step in incident response, allowing security teams to control the situation while they investigate the root cause, assess the extent of the breach, and prepare for remediation. Effective containment minimizes the potential harm to the organization, preserving the integrity of unaffected systems and data.\n\nLearn more from the following resources:",
"links": [
{
"title": "Microsoft security incident management: Containment, eradication, and recovery",
"title": "Microsoft Security Incident Management: Containment, Eradication, and Recovery",
"url": "https://learn.microsoft.com/en-us/compliance/assurance/assurance-sim-containment-eradication-recovery",
"type": "article"
},
@ -3667,13 +3769,13 @@
"description": "VirusTotal's main feature is multi-scanning using over 70 antivirus scanners to generate a cumulative report on whether a file is malicious. It also stores file hashes, eliminating the need to rescan previously uploaded files. Researchers can comment in the community, sharing their analysis and insights into malware for others to benefit from. VirusTotal's aggregated data comes from various antivirus engines, website scanners, file and URL analysis tools, and user contributions. These tools serve diverse purposes, including heuristic engines, known-bad signatures, metadata extraction, and identification of malicious signals. Additionally, VirusTotal offers services to search by file hash, IP address, and URL, which are also scanned. For more comprehensive features, VirusTotal provides Premium services such as Intelligence & Hunting.\n\nVisit the following resources to learn more:",
"links": [
{
"title": "VirusTotal's Docs on how VirusTotal Works",
"url": "https://docs.virustotal.com/docs/how-it-works",
"title": "VirusTotal",
"url": "https://www.virustotal.com",
"type": "article"
},
{
"title": "VirusTotal's website",
"url": "https://www.virustotal.com",
"title": "How VirusTotal Works",
"url": "https://docs.virustotal.com/docs/how-it-works",
"type": "article"
},
{
@ -3863,7 +3965,7 @@
"description": "In a Shoulder Surfing Attack, an attacker tries to get information when you are unaware of where the attacker looks over your shoulder or from your back to see what you're doing on your device and obtain sensitive information. Shoulder Surfing attacks are accomplished by observing the content \"over the victim's shoulder\". It is a social engineering attack where the attackers physically view the device screen and keypad to obtain personal information. This attack is mostly done when you are in a public place or crowded area. Sometimes attackers attack when you are busy on your device and the attacker could be your friend, someone you know or it may be some stranger.\n\nVisit the following resources to learn more:",
"links": [
{
"title": "What is shoulder surfing, and how can you avoid it?",
"title": "What is Shoulder Surfing, and How can you avoid it?",
"url": "https://nordvpn.com/blog/shoulder-surfing/?srsltid=AfmBOorl5NPpW_Tnhas9gB2HiblorqwXyK0NJae7uaketrnDwbjJmiYV",
"type": "article"
},
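Review bot: the nordvpn.com URL under the retitled link still carries a `?srsltid=...` search tracking parameter; strip the query string so the link is just `https://nordvpn.com/blog/shoulder-surfing/`. The new title also mixes cases ("How can you avoid it?"), unlike the other titles this commit converts to title case.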
@ -3945,12 +4047,17 @@
},
"UU_inxa8Y2lLP2BRhdLDT": {
"title": "Reconnaissance",
"description": "Reconnaissance is the first phase of a cyberattack, during which attackers gather as much information as possible about a target system, network, or organization. The goal of reconnaissance is to identify potential vulnerabilities, entry points, and other valuable details that can be exploited in subsequent attack phases.\n\nVisit the following resources to learn more:",
"description": "Reconnaissance is the first phase of a cyber-attack, during which attackers gather as much information as possible about a target system, network, or organization. The goal of reconnaissance is to identify potential vulnerabilities, entry points, and other valuable details that can be exploited in subsequent attack phases.\n\nVisit the following resources to learn more:",
"links": [
{
"title": "What is Cyber Reconnaissance",
"url": "https://www.sentinelone.com/cybersecurity-101/threat-intelligence/what-is-cyber-reconnaissance/",
"type": "article"
},
{
"title": "What is Cybersecurity Reconnaissance?",
"url": "https://cymulate.com/cybersecurity-glossary/cyber-reconnaissance/",
"type": "article"
}
]
},
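Review bot: the description now spells the term "cyber-attack", while the Watering Hole Attack description later in the same file keeps "cyberattack"; pick one spelling for the whole file. The two links in this entry also end up with near-identical titles ("What is Cyber Reconnaissance" and "What is Cybersecurity Reconnaissance?"), so adding the source name to each would let readers tell them apart.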
@ -3970,7 +4077,7 @@
"description": "Watering Hole Attack is a type of cyberattack where the attacker targets a specific group of users by compromising a website or online resource that they are known to frequently visit. The name \"watering hole\" comes from the idea of predators waiting by a water source to attack prey, similar to how attackers wait for their targets to visit a compromised site.\n\nVisit the following resources to learn more:",
"links": [
{
"title": "What is a watering hole attack?",
"title": "What is a Watering Hole Attack?",
"url": "https://www.techtarget.com/searchsecurity/definition/watering-hole-attack",
"type": "article"
},
@ -4135,9 +4242,14 @@
"description": "A Rogue Access Point (Rogue AP) is an unauthorized wireless access point installed on a secure network without the network administrator's knowledge or consent. These devices can be set up by malicious actors to intercept, steal, or manipulate network traffic, or by employees who unintentionally compromise network security by setting up their own wireless access points.\n\nVisit the following resources to learn more:",
"links": [
{
"title": "Rogue access points",
"title": "Rogue Access Points",
"url": "https://www.khanacademy.org/computing/computers-and-internet/xcae6f4a7ff015e7d:online-data-security/xcae6f4a7ff015e7d:cyber-attacks/a/rogue-access-points-mitm-attacks",
"type": "article"
},
{
"title": "What is Rogue Access Point",
"url": "https://pentescope.com/rogue-access-point-detection-and-prevention/",
"type": "article"
}
]
},
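Review bot: the added pentescope.com link is titled "What is Rogue Access Point", but its URL slug is `rogue-access-point-detection-and-prevention`; a title such as "Rogue Access Point Detection and Prevention" would describe the target page and avoid the missing article.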
@ -4384,7 +4496,7 @@
"type": "article"
},
{
"title": "What cloud skills are essential?",
"title": "What Cloud Skills are Essential?",
"url": "https://www.youtube.com/watch?v=udKBDRcj178",
"type": "video"
}
@ -4395,7 +4507,12 @@
"description": "Cloud security encompasses the measures, controls, policies, and technologies implemented to protect data, applications, and infrastructure associated with cloud computing environments. It involves securing data both in transit and at rest, managing access controls, ensuring compliance with regulations, and protecting against threats like data breaches, account hijacking, and DDoS attacks. Cloud security strategies often include encryption, multi-factor authentication, regular security audits, and shared responsibility models between cloud providers and customers. While cloud platforms offer advanced security features, organizations must also adapt their security practices to address the unique challenges of cloud environments, such as data sovereignty issues, shared infrastructure risks, and the need for continuous monitoring across distributed systems.\n\nLearn more from the following resources:",
"links": [
{
"title": "What is cloud security",
"title": "What Is Cloud Security? - Google Cloud",
"url": "https://cloud.google.com/learn/what-is-cloud-security",
"type": "article"
},
{
"title": "Cloud Security",
"url": "https://www.checkpoint.com/cyber-hub/cloud-security/what-is-cloud-security/",
"type": "article"
},
@ -4411,7 +4528,7 @@
"description": "Deploying to the cloud involves the process of making applications, services, or infrastructure available in cloud computing environments. It typically includes selecting a cloud provider (e.g., AWS, Azure, Google Cloud), configuring necessary resources (compute, storage, networking), and using deployment tools to push code or infrastructure definitions. Modern cloud deployments often leverage containerization, orchestration platforms like Kubernetes, and CI/CD pipelines for automated, consistent releases. Key considerations include scalability, security, cost optimization, and maintaining high availability. Cloud-native approaches, such as microservices architecture and serverless computing, are frequently employed to maximize cloud benefits. Effective cloud deployment strategies balance performance, reliability, and cost-efficiency while ensuring compliance with relevant regulations and organizational policies.\n\nLearn more from the following resources:",
"links": [
{
"title": "What is cloud deployment?",
"title": "What is Cloud Deployment?",
"url": "https://www.cognizant.com/us/en/glossary/cloud-deployment",
"type": "article"
},
@ -4443,9 +4560,24 @@
"description": "Infrastructure as Code (IaC) is a practice of managing and provisioning computing infrastructure through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools. It treats infrastructure configuration as software, allowing it to be version-controlled, tested, and automatically deployed. IaC enables consistent, repeatable environment setups, reduces manual errors, facilitates rapid scaling and disaster recovery, and improves collaboration between development and operations teams. Popular IaC tools include Terraform, AWS CloudFormation, and Ansible, which use declarative or imperative approaches to define infrastructure states. This approach is fundamental to DevOps practices, cloud computing, and the efficient management of complex, dynamic IT environments.\n\nLearn more from the following resources:",
"links": [
{
"title": "Terraform Roadmap",
"title": "Visit Dedicated Terraform Roadmap",
"url": "https://roadmap.sh/terraform",
"type": "article"
},
{
"title": "Visit Dedicated AWS Roadmap",
"url": "https://roadmap.sh/aws",
"type": "article"
},
{
"title": "What is Infrastructure as Code? - IaC Explained - AWS",
"url": "https://aws.amazon.com/what-is/iac/",
"type": "article"
},
{
"title": "What is infrastructure as code (IaC)? - Azure DevOps",
"url": "https://learn.microsoft.com/en-us/devops/deliver/what-is-infrastructure-as-code",
"type": "article"
}
]
},
@ -4454,7 +4586,7 @@
"description": "Serverless computing is a cloud execution model where the cloud provider dynamically manages server allocation, allowing developers to focus solely on writing code. It offers automatic scaling, pay-per-use billing based on actual compute time, and typically operates through event-driven, stateless functions designed for quick execution. Popular platforms include AWS Lambda, Azure Functions, and Google Cloud Functions. While serverless computing provides reduced operational complexity and cost efficiency, particularly for microservices and event-driven applications, it may face challenges with long-running tasks, cold starts, and potential vendor lock-in. Despite its name, servers are still involved, but their management is abstracted away from the developer, simplifying the deployment and scaling of applications.\n\nLearn more from the following resources:",
"links": [
{
"title": "What is serverless computing?",
"title": "What is Serverless Computing?",
"url": "https://www.cloudflare.com/en-gb/learning/serverless/what-is-serverless/",
"type": "article"
},
@ -4470,7 +4602,7 @@
"description": "Software as a Service (SaaS) is a cloud-based model where software applications are delivered to users over the internet, eliminating the need for local installation or maintenance. SaaS providers manage infrastructure, security, and updates, allowing users to access the software on a subscription basis from any device with an internet connection. This model offers scalability, reduced upfront costs, and easy integration with other cloud services, making it a popular choice for businesses looking for flexibility and efficiency in software deployment.\n\nLearn more from the following resources:",
"links": [
{
"title": "iWhat is SaaS? Microsoft",
"title": "Software as a Service?",
"url": "https://azure.microsoft.com/en-us/resources/cloud-computing-dictionary/what-is-saas",
"type": "article"
},
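Review bot: the replacement title "Software as a Service?" removes the stray leading "i" but leaves a fragment with a dangling question mark; "What is SaaS?" (optionally with the source, as done for the Google Cloud link in the cloud security entry) matches the `what-is-saas` URL.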
@ -4518,12 +4650,12 @@
"description": "A **private cloud** is a cloud computing environment dedicated to a single organization, offering the same benefits as public clouds, such as scalability and self-service, but with greater control and customization. It is hosted either on-premises or by a third-party provider, and it ensures that the organization's data and applications are isolated from other entities. This setup enhances security and compliance, making it ideal for businesses with specific regulatory requirements or high-security needs.\n\nLearn more from the following resources:",
"links": [
{
"title": "What is a private cloud?",
"title": "What is a Private Cloud?",
"url": "https://aws.amazon.com/what-is/private-cloud/",
"type": "article"
},
{
"title": "Private cloud rules",
"title": "Private Cloud Rules",
"url": "https://www.youtube.com/watch?v=Tzqy8lW0bk4",
"type": "video"
}
@ -4534,12 +4666,12 @@
"description": "A **public cloud** is a computing service offered by third-party providers over the internet, where resources such as servers, storage, and applications are shared among multiple users or organizations. It is typically managed by the cloud service provider and offers scalability, cost-effectiveness, and ease of access, with users paying only for the resources they consume. Public clouds are ideal for businesses and individuals who need flexible, on-demand computing resources without the overhead of managing physical infrastructure. Popular examples include Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).\n\nLearn more from the following resources:",
"links": [
{
"title": "What is a public cloud? Microsoft",
"title": "A Public Cloud?",
"url": "https://azure.microsoft.com/en-gb/resources/cloud-computing-dictionary/what-is-a-public-cloud",
"type": "article"
},
{
"title": "What is a public cloud?",
"title": "What is a Public Cloud",
"url": "https://www.youtube.com/watch?v=KaCyfQ7luVY",
"type": "video"
}
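Review bot: both retitled links read worse than before: "A Public Cloud?" is a fragment, and the video title "What is a Public Cloud" loses its question mark. Use "What is a Public Cloud?" for both and keep a source suffix on one of them so the article and the video are distinguishable.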
@ -4634,8 +4766,13 @@
"description": "Amazon Simple Storage Service (S3) is a scalable, object-based cloud storage service provided by AWS. It allows users to store and retrieve large amounts of data, such as files, backups, or media content, with high durability and availability. S3 is designed for flexibility, enabling users to access data from anywhere via the internet while offering security features like encryption and access controls. It is widely used for data storage, content distribution, disaster recovery, and big data analytics, providing cost-effective, scalable storage for a variety of applications.\n\nLearn more from the following resources:",
"links": [
{
"title": "AWS S3 Website",
"url": "https://aws.amazon.com/pm/serv-s3/?gclid=Cj0KCQjwrp-3BhDgARIsAEWJ6SyhAtgc3NJbsxaAXVbWEOW5gG-XFH51jIc8SxahYSxNJ501l9soUA0aAnEjEALw_wcB&trk=777b3ec4-de01-41fb-aa63-cde3d034a89e&sc_channel=ps&ef_id=Cj0KCQjwrp-3BhDgARIsAEWJ6SyhAtgc3NJbsxaAXVbWEOW5gG-XFH51jIc8SxahYSxNJ501l9soUA0aAnEjEALw_wcB:G:s&s_kwcid=AL!4422!3!638364429346!e!!g!!aws%20s3!19096959014!142655567183",
"title": "Amazon Web Services S3",
"url": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html",
"type": "article"
},
{
"title": "Amazon Simple Storage Service Documentation",
"url": "https://docs.aws.amazon.com/s3/",
"type": "article"
},
{
@ -4677,7 +4814,7 @@
"description": "**OneDrive** is a cloud storage service provided by Microsoft that allows users to store, sync, and share files and folders online. It integrates seamlessly with Windows and Microsoft 365 applications, enabling users to access their data from any device with an internet connection. OneDrive offers features such as real-time collaboration, file versioning, and automatic backup, making it convenient for personal and professional use. It also provides options for sharing files with others and controlling access permissions, enhancing productivity and data management.\n\nLearn more from the following resources:",
"links": [
{
"title": "OneDrive Website",
"title": "Microsoft OneDrive",
"url": "https://onedrive.live.com",
"type": "article"
},
@ -4712,8 +4849,39 @@
},
"_RnuQ7952N8GWZfPD60sJ": {
"title": "Programming Skills",
"description": "Programming knowledge is a fundamental skill for professionals in the cybersecurity field, as it enables them to build, assess, and defend computer systems, networks, and applications. Having a strong foundation in programming languages, concepts, and techniques is essential for identifying potential security threats, writing secure code, and implementing robust security measures.\n\n* **Python**: As an easy-to-learn high-level language, Python is commonly used for tasks like automation, scripting, and data analysis. It also contains a plethora of libraries and frameworks for cybersecurity, making it highly valuable for security professionals.\n* **C/C++**: These two languages are foundational for understanding system and application-level vulnerabilities since most operating systems are written in C and C++. Knowledge of these languages allows cybersecurity experts to analyze source code, identify potential exploits, and create secure software.\n* **Java**: As a popular and versatile programming language, Java is often used in web applications and enterprise environments. Java knowledge equips cybersecurity professionals to understand and mitigate potential security flaws in Java-based applications.\n* **JavaScript**: With its ubiquity in modern web browsers, JavaScript is crucial for understanding and protecting against web security vulnerabilities, such as Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) attacks.\n* **Ruby**: Ruby has a strong foothold in web application development and is utilized for scripting and automation, just like Python. Familiarity with Ruby may give cybersecurity professionals an edge in certain environments.\n\nAcquiring programming knowledge in cybersecurity can help you stay on top of the latest threats, develop secure software, and implement effective countermeasures. 
As you progress in your cybersecurity career, you'll find that your programming skills will continually evolve and your understanding of various languages, concepts, and techniques will expand.",
"links": []
"description": "Programming knowledge is a fundamental skill for professionals in the cybersecurity field, as it enables them to build, assess, and defend computer systems, networks, and applications. Having a strong foundation in programming languages, concepts, and techniques is essential for identifying potential security threats, writing secure code, and implementing robust security measures.\n\n* **Python**: As an easy-to-learn high-level language, Python is commonly used for tasks like automation, scripting, and data analysis. It also contains a plethora of libraries and frameworks for cybersecurity, making it highly valuable for security professionals.\n* **C/C++**: These two languages are foundational for understanding system and application-level vulnerabilities since most operating systems are written in C and C++. Knowledge of these languages allows cybersecurity experts to analyze source code, identify potential exploits, and create secure software.\n* **Java**: As a popular and versatile programming language, Java is often used in web applications and enterprise environments. Java knowledge equips cybersecurity professionals to understand and mitigate potential security flaws in Java-based applications.\n* **JavaScript**: With its ubiquity in modern web browsers, JavaScript is crucial for understanding and protecting against web security vulnerabilities, such as Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) attacks.\n* **Ruby**: Ruby has a strong foothold in web application development and is utilized for scripting and automation, just like Python. Familiarity with Ruby may give cybersecurity professionals an edge in certain environments.\n\nVisit the following resources to learn more:",
"links": [
{
"title": "Visit Linux Roadmap",
"url": "https://roadmap.sh/linux",
"type": "article"
},
{
"title": "Visit Python Roadmap",
"url": "https://roadmap.sh/python",
"type": "article"
},
{
"title": "Visit C++ Roadmap",
"url": "https://roadmap.sh/cpp",
"type": "article"
},
{
"title": "Visit Java Roadmap",
"url": "https://roadmap.sh/java",
"type": "article"
},
{
"title": "Visit JavaScript Roadmap",
"url": "https://roadmap.sh/javascript",
"type": "article"
},
{
"title": "Visit Typescript Roadmap",
"url": "https://roadmap.sh/typescript",
"type": "article"
}
]
},
"XiHvGy--OkPFfJeKA6-LP": {
"title": "Python",
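Review bot: the new links list does not line up with the languages the description names. It adds Linux and TypeScript roadmap links, neither of which the text mentions, and has no link for Ruby, which it does. Either align the links with the bullet list or extend the description. "Typescript" should also be spelled "TypeScript".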
@ -4725,7 +4893,7 @@
"type": "course"
},
{
"title": "Python Roadmap",
"title": "Visit Dedicated Python Roadmap",
"url": "https://roadmap.sh/python",
"type": "article"
},
@ -4783,14 +4951,19 @@
"description": "C++ is a widely-used, high-level programming language that evolved from the earlier C programming language. Developed by Bjarne Stroustrup in 1985 at Bell Labs, C++ provides object-oriented features and low-level memory manipulation, making it an essential language for many fields, including game development, high-performance systems, and cybersecurity.\n\nLearn more form the following resources:",
"links": [
{
"title": "C++ Full Course - BroCode",
"url": "https://www.youtube.com/watch?v=-TkoO8Z07hI",
"type": "course"
"title": "Visit Dedicated C++ Roadmap",
"url": "https://roadmap.sh/cpp",
"type": "article"
},
{
"title": "C++ Introduction",
"url": "https://www.w3schools.com/cpp/cpp_intro.asp",
"type": "article"
},
{
"title": "C++ Full Course - BroCode",
"url": "https://www.youtube.com/watch?v=-TkoO8Z07hI",
"type": "video"
}
]
},
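Review bot: the description on the unchanged context line still reads "Learn more form the following resources:"; since this entry is being edited anyway, fix "form" to "from". Changing the BroCode link type from "course" to "video" matches its YouTube URL.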
@ -4835,7 +5008,7 @@
"type": "article"
},
{
"title": "Microsoft's Official PowerShell Documentation",
"title": "Microsoft's PowerShell Documentation",
"url": "https://docs.microsoft.com/en-us/powershell/",
"type": "article"
},
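Review bot: the retitled link still points at `https://docs.microsoft.com/en-us/powershell/`, while the other Microsoft documentation links in this file use the learn.microsoft.com host; update the URL to learn.microsoft.com in the same change rather than relying on the redirect.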

@ -674,41 +674,6 @@
"title": "React Router — Official Website",
"url": "https://reactrouter.com/",
"type": "article"
},
{
"title": "Getting Started Guide",
"url": "https://reactrouter.com/en/main/start/tutorial",
"type": "article"
},
{
"title": "How to use React Router v6",
"url": "https://www.robinwieruch.de/react-router/",
"type": "article"
},
{
"title": "React Router Cheat Sheet",
"url": "https://devhints.io/react-router/",
"type": "article"
},
{
"title": "Explore top posts about React",
"url": "https://app.daily.dev/tags/react?ref=roadmapsh",
"type": "article"
},
{
"title": "Tanstack/Router — Official Website",
"url": "https://tanstack.com/router/latest/docs/framework/react/overview",
"type": "article"
},
{
"title": "React Router v6 in 1 hour",
"url": "https://youtu.be/0cSVuySEB0A",
"type": "video"
},
{
"title": "TanStack/Router - Complete Course",
"url": "https://www.youtube.com/watch?v=4sslBg8LprE&list=PLOQjd5dsGSxJilh0lBofeY8Qib98kzmF5",
"type": "video"
}
]
},
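Review bot: removing every resource from this entry except the React Router official website (`-674,41 +674,6`) is a content change that the commit message "chore: update roadmap content json" does not explain. The dropped items include the official tutorial and both TanStack Router links; confirm this is intended and not a sync artifact, or restore at least one TanStack Router resource if the topic still covers it.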
