Curated Security Resources
Curated Resources
Reference Library
A curated selection of authoritative external resources that I reference in my work and recommend to clients. Organized by domain, covering the standards, frameworks, and research that inform security architecture decisions in regulated environments.
Categories
General Cybersecurity
Resources covering current threats, defense strategies, security frameworks, and incident response.
- NIST Cybersecurity Framework
- MITRE ATT&CK
- ENISA Threat Landscape Report
- CISA Cybersecurity Best Practices
- SANS Information Security Resources
Mobile Platform Security
Best practices for securing mobile platforms, including threat modeling, storage security, and secure communication.
- OWASP Mobile Security Testing Guide (MSTG)
- Google Android Security & Privacy
- Apple Platform Security
- ENISA Mobile Threat Landscape
- OWASP MASVS (Mobile AppSec Verification Standard)
Cryptography & Post-Quantum Cryptography
Authoritative sources on cryptographic principles, PQC standardization, and secure implementations.
- NIST Post-Quantum Cryptography Project
- IETF Crypto Forum Research Group
- ENISA Guide on Cryptography
- RFC 9180: Hybrid Public Key Encryption (HPKE)
- Open Quantum Safe Project
Digital Payment
Security standards and best practices for payment architectures and transaction protection.
- PCI Security Standards Council
- ISO 20022 Financial Messaging
- EMVCo Technical Documentation
- SWIFT CSP (Customer Security Programme)
- Federal Reserve – Payment Security Research
Secure Application Development
Guidance on embedding security into SDLC, secure coding, dependency management, and testing.
- OWASP Top 10
- OWASP Software Assurance Maturity Model (SAMM)
- NIST Secure Software Development Framework (SSDF)
- CWE (Common Weakness Enumeration)
- Snyk Vulnerability Database
AI and Cybersecurity
Resources on securing AI systems, data protection, adversarial attacks, and responsible development.