What Is Threat Modelling? Thinking Like an Attacker, on Purpose
Threat modelling is the habit of asking what could go wrong before it does. A beginner friendly guide to the four questions and a simple framework for spotting weaknesses early.
Start here. Foundational lessons that assume nothing and build up to the real thing, written for people who want to actually understand, not just copy commands.
A plain English primer on threat models: what BitLocker, FileVault, and LUKS defend against, what they quietly do not, and why 'encrypted' is not a yes or no answer.
The difference between an event, an alert, an incident, and a breach, plus the incident response lifecycle every team follows. A calm, beginner friendly explainer.
VPNs are sold as magic privacy shields. A clear headed beginner guide to what a VPN actually does, the legitimate uses, and the things it cannot do that the ads imply.
Most breaches exploit vulnerabilities that were already fixed. A beginner friendly guide to what patching is, why it matters so much, and how teams keep on top of it.
A firewall decides which network traffic is allowed and which is blocked. A beginner friendly guide to how firewalls work, the main types, and what they can and cannot protect.
Virus, worm, trojan, ransomware, spyware, rootkit. A beginner friendly guide to what malware is, the main families and how they differ, and the habits that keep it out.
Most breaches start with a message, not a hack. A beginner friendly guide to phishing and social engineering: the common types, the warning signs, and how to not take the bait.
Passwords get stolen constantly. Multifactor authentication is the cheap, powerful layer that keeps an attacker out even when they have your password. Here is how it works and which types to trust.
The one tool that fixes the biggest everyday security problem: reused and weak passwords. A beginner friendly guide to what a password manager is, how it works, and why to trust one.
A plain English walkthrough of what happens when you load an https site: the TLS handshake, how certificates prove identity, and why the padlock does not mean a site is safe.
Why storing passwords is harder than it looks, what a salt actually does, and why a fast hash like SHA-256 is the wrong tool for the job. A plain English primer for people learning security.
Every website visit starts with a lookup you never see. A beginner friendly guide to how DNS turns a name like holyghost.sh into an address, and why it matters for security.
From typing an address to seeing a page, a lot happens in a second. A beginner friendly walkthrough of clients, servers, requests, and responses, the mental model the rest of web security builds on.
The three ideas that make computer networking click: what an IP address is, what a port is, and what a protocol is. A beginner friendly foundation for everything else in security.
Confidentiality, integrity, availability. A beginner friendly guide to the model that quietly sits behind almost every security control, attack, and trade off.
Encryption in everyday language: what it means to scramble data, the difference between symmetric and asymmetric keys, how real systems combine both, and where you already rely on it every single day.
Cryptography is more than encryption. A beginner friendly guide to what it actually covers, and the difference between encrypting, hashing, signing, and encoding that trips almost everyone up.
Four words used constantly in security, and constantly confused. A simple analogy that makes the difference between threat, vulnerability, risk, and exploit stick for good.
The old model trusted anything inside the network. Zero trust throws that away and verifies every request, wherever it comes from. A beginner friendly guide to the idea and why it took over.
Those cryptic strings like rwxr-xr-x are simpler than they look. A beginner friendly guide to Linux file permissions, what the letters and numbers mean, and how to set them safely.
A Security Operations Centre is the people and tools that monitor, detect, and respond to threats around the clock. A beginner friendly guide to what a SOC does and who works in one.