Where every claim in SecProve
comes from.
A dense reading catalog. Every claim is footnoted. Sort by source, filter by pillar, type, or recency. Built for analysts who want to see what we are standing on.
Cloud-specific control framework with 197 controls across 17 domains. Mapped to NIST 800-53, ISO 27001, PCI DSS, GDPR. The reference for cloud-architecture control questions.
Test your knowledge · A25The systems-security-engineering doctrine: lifecycle processes, design principles, and assurance for trustworthy systems. The most rigorous federal reference for security architecture.
Test your knowledge · A25Business-driven security architecture framework. Six-layer model (contextual → operational) widely used in enterprise security architecture programs. Vendor-neutral; common in EA practice.
Test your knowledge · A25Authored by Adam Shostack and other practitioners. Defines values, principles, and patterns for effective threat modeling. The reference for "what is good threat modeling."
Test your knowledge · A25Five top-level principles (establish context, make compromise difficult, make disruption difficult, make compromise detection easier, reduce the impact of compromise) with sub-principles. Concise, vendor-neutral, widely cited in architecture practice.
Test your knowledge · A25Ready to test what you've learned?
Our questions are built directly from these resources. Take a quiz and see how your knowledge stacks up.