Cybersecurity
Protecting systems, networks, and data from digital threats
Cybersecurity is the practice of protecting systems, networks, and data from digital attacks, unauthorized access, and damage. This hub builds from everyday risks (passwords, public WiFi) up through cryptography, web and cloud security, attack techniques, and incident response. The recurring theme is threat modeling: security reduces risk against a realistic set of attackers rather than achieving perfection, and every control is a trade-off between protection, cost, and usability.
How the Topics Fit Together
Effective security is layered — no single control is trusted to stop everything. This defense-in-depth model means an attacker who breaches one layer still faces the next. Each layer maps onto the guides in this hub:
flowchart TD
A["Attacker"] --> E["Edge: firewall / WAF / DDoS protection"]
E --> N["Network: segmentation, VPN, IDS/IPS"]
N --> C["Cloud & Host: IAM, posture, EDR, least privilege"]
C --> APP["Application: input validation, authn/authz"]
APP --> D["Data: encryption at rest & in transit"]
SOC["Security Operations: monitoring, detection, response"] -.watches.-> E
SOC -.watches.-> N
SOC -.watches.-> C
SOC -.watches.-> APP
style A fill:#ffebee,stroke:#c62828
style D fill:#e8f5e9,stroke:#2e7d32
style SOC fill:#e3f2fd,stroke:#1565c0
| Layer | Where it’s covered |
|---|---|
| Edge & Network | Attacks & Network Defense |
| Host & Cloud | Cloud & Container Security |
| Application | Application Security |
| Data (encryption) | Cryptography |
| Detection & Response | Security Operations |
| People & Privacy | Privacy Engineering |
Guides in This Hub
| Guide | What it covers |
|---|---|
| Cryptography | Symmetric and public-key encryption, ECC, post-quantum, zero-knowledge and homomorphic encryption, and the math behind RSA, elliptic curves, and secret sharing |
| Application Security | SQL injection, XSS, CSRF, authentication and session handling, JWTs, the OWASP Top 10, and secure-by-design development |
| Cloud & Container Security | Shared-responsibility model, IAM and identity, cloud posture management, container hardening, and Kubernetes workload security |
| Attacks & Network Defense | Firewalls, VPNs, and IDS/IPS; social engineering, supply chain and ransomware; side-channel and ML attacks |
| Security Operations & Response | Hub for running security day to day — the SOC, incident response, and compliance; branches into the three guides below |
| Incident Response & Forensics | When prevention fails: detect, contain, eradicate, recover, and run a blameless post-mortem |
| Security Operations | The SOC, SIEM pipelines, detection engineering, threat hunting, and offensive testing (pentests, red/blue/purple teams) |
| Compliance & Governance | Turning security into a program — frameworks, risk management, GDPR/PCI, people, and metrics |
| Privacy Engineering | Protecting people, not just data — privacy by design, data minimization, differential privacy, and legal obligations |
Your Digital Life Under Attack
Every day, you face security threats that most people don’t even realize exist. When you type your password into a website, how do you know someone isn’t watching? When you connect to public WiFi, who else might be listening? These aren’t abstract concerns—they’re real vulnerabilities that attackers exploit every day.
The Password Problem
Let’s start with something everyone uses: passwords. You’ve probably heard advice like “use strong passwords” and “don’t reuse them,” but understanding why reveals the first layer of cybersecurity.
Why Your Password Isn’t Safe
When you create an account on a website, your password needs to be stored somehow. But here’s the problem: if the website stores your actual password and gets hacked, every user’s password is exposed. This happened to LinkedIn in 2012, initially exposing 6.5 million password hashes (later revealed to affect ~117M accounts).
The solution? Hashing—a one-way mathematical function that transforms your password into a fixed-length string of characters. Even if hackers steal the database, they can’t reverse the hash to get your original password.
# This is what happens to your password
import hashlib
password = "MySecretPass123!"
hashed = hashlib.sha256(password.encode()).hexdigest()
print(f"Your password: {password}")
print(f"What gets stored: {hashed}")
# Output: What gets stored: 7a37b85c8918eac19a9089c0fa5a2ab4dce3f90528dcdeec108b23ddf3607b99
But wait—if the same password always produces the same hash, couldn’t attackers just compute hashes for common passwords and look them up? They could, and they do. These are called rainbow tables.
Adding Salt: Making Each Password Unique
To defeat rainbow tables, we add “salt”—random data mixed with your password before hashing. Now even if two users have the same password, their hashes are different:
import bcrypt
def secure_password_storage(password):
# CRITICAL: Never use SHA256 for password hashing - it's too fast!
# Use bcrypt, scrypt, or Argon2 instead.
#
# bcrypt generates a fresh random salt each call and embeds it in the
# output, so identical passwords still produce different hashes — and
# there is no separate salt to store. Cost factor 12 is a good default;
# raise it as hardware gets faster.
return bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt(rounds=12))
def verify_password(password, hashed):
# Re-derives the hash using the salt embedded in `hashed`, in constant time
return bcrypt.checkpw(password.encode('utf-8'), hashed)
# Even identical passwords get different hashes
pwd = "CommonPassword123"
hash1 = secure_password_storage(pwd)
hash2 = secure_password_storage(pwd)
print("Same password, different hashes:")
print(f"Hash 1: {hash1.decode()}")
print(f"Hash 2: {hash2.decode()}") # differs from hash1, yet both verify
But modern attackers have GPUs that can compute billions of hashes per second. This is why security experts now recommend specialized password hashing functions like bcrypt, scrypt, or Argon2 that are intentionally slow and memory-intensive, making brute-force attacks impractical.
The WiFi You’re Connected To
When you connect to a coffee shop’s WiFi, you’re essentially shouting your data across a crowded room. Anyone with the right tools can listen in. Here’s what an attacker might see:
# What an attacker sees on unsecured WiFi (simplified)
Packet captured: HTTP GET /login
Host: example-bank.com
Username: john.doe@email.com
Password: MyBankPassword123
This is why websites use HTTPS—the ‘S’ stands for Secure. But how does HTTPS actually protect you? That brings us to one of the most important concepts in cybersecurity: encryption, covered in depth in Cryptography.
Key Takeaways
- Basics stop most attacks. Strong unique passwords, MFA, encryption, and timely patching defeat the overwhelming majority of real-world intrusions.
- Defense in depth. No single control is perfect; layered, overlapping defenses ensure one failure does not become a full compromise.
- Think like an attacker. Understanding how injection, phishing, and lateral movement actually work is what lets you defend against them.
- Security is everyone’s job. Technology cannot protect against careless users — culture, training, and usable controls are part of the system.
- Plan for failure. Assume breaches will happen; detection, logging, and a rehearsed incident-response plan limit the damage when they do.
- It’s an ongoing journey. Every new technology brings new vulnerabilities and every defense spawns new attacks.
A practical starting checklist: enable MFA on important accounts, use a password manager, keep software updated, learn to recognize phishing, know what data you’re protecting, and rehearse incident response. Perfect security doesn’t exist, but every improvement makes you a harder target.
References and Further Reading
Getting Started
- “The Web Application Hacker’s Handbook” - Stuttard & Pinto
- “Practical Cryptography” - Ferguson & Schneier
- OWASP Top 10 - Essential web security risks
- SANS Reading Room - Free security papers
Intermediate Resources
- “Applied Cryptography” - Bruce Schneier
- “The Art of Software Security Assessment” - Dowd et al.
- “Network Security: Private Communication in a Public World” - Kaufman et al.
- Hack The Box - Hands-on penetration testing practice
Advanced Study
- “Introduction to Modern Cryptography” - Katz & Lindell
- “A Graduate Course in Applied Cryptography” - Boneh & Shoup
- “The Tangled Web” - Michal Zalewski
- Academic conferences: IEEE S&P, USENIX Security, CCS, NDSS
Staying Current
- Krebs on Security - Brian Krebs’ security journalism
- Schneier on Security - Bruce Schneier’s blog
- Google Project Zero - Cutting-edge vulnerability research
- The Hacker News - Daily security news
- SANS Internet Storm Center - Real-time threat intelligence
- Security podcasts: Darknet Diaries, Security Now, Risky Business, The CyberWire
Emerging Threats
- AI-Powered Attacks: Automated vulnerability discovery, deepfakes, prompt injection
- Ransomware Evolution: Double/triple extortion, RaaS sophistication
- Cloud Security: Misconfigurations remain #1 issue
- IoT/OT Security: Critical infrastructure targeting
- API Security: Now the #1 attack vector for web apps
Hands-On Learning
- CTF Platforms: PicoCTF, OverTheWire, HackTheBox, TryHackMe
- Bug bounty programs: HackerOne, Bugcrowd, Synack
- Cloud Security: AWS Security Hub, Azure Security Center labs
- Security certifications:
- Entry: Security+, CySA+
- Mid: CISSP, CEH, GSEC
- Advanced: OSCP, OSCE, SANS expert tracks
- Build your own lab: Docker containers for safe practice
See Also
The nine in-hub guides are listed in Guides in This Hub above. Related sections elsewhere on the site:
- Networking — the protocols and routing security defends
- AWS — cloud security controls and the shared-responsibility model
- Docker — container isolation and image security
- Kubernetes — orchestration and workload security
- Quantum Computing — post-quantum cryptography and quantum threats