https://github.com/madetech/security-handbook

Made Tech Security Handbook for Engineers
https://github.com/madetech/security-handbook

Last synced: 3 months ago
JSON representation

Made Tech Security Handbook for Engineers

• Host: GitHub
• URL: https://github.com/madetech/security-handbook
• Owner: madetech
• Created: 2023-09-20T10:25:29.000Z (over 2 years ago)
• Default Branch: main
• Last Pushed: 2025-07-25T11:02:15.000Z (11 months ago)
• Last Synced: 2026-01-15T17:57:30.390Z (5 months ago)
• Homepage: https://madetech.github.io/security-handbook/
• Size: 1.71 MB
• Stars: 2
• Watchers: 15
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# 📖 Security Handbook

## FAQ

- [How do I classify data correctly?](faq/how-do-I-classify-data-correctly.md)

- [What is a Security Incident Management Plan?](faq/what_is_a_simp.md)

## 🏫 Learning Paths

- [Threat Modelling](learning_paths/threat_modelling.md)

- [Security Journey](learning_paths/security_journey.md)

## 🗣️ Security COP talks (Made Tech internal only videos)

- [A Cyber Security showcase by Arnie Armstrong](https://drive.google.com/file/d/1QOXis-2hGmafHxZ4VoQ3ni_qBKlh2O5N/view?usp=drive_link)

- [Live demonstration of hacking challenge by Arnie Armstrong](https://drive.google.com/file/d/1E-c3nn8ROS5jB0ZAGHBMDZ1k7WyMNMsX/view?usp=drive_link)

- [Security Assurance Across Government by Reuben Hilyer](https://drive.google.com/file/d/1BfUJVJSYhHrvd7VSMb90B17Tm5xdMYOK/view?usp=drive_link), [Deck](https://docs.google.com/presentation/d/1lSuIpnreSQg-LYiEfc1IYgTO0ZaQkEqROu4uMjtV3iA/edit?usp=drive_link)

## 🌐 Our Blogs

- [Is your technical architecture driving the right outcomes](https://www.madetech.com/blog/is-your-technical-architecture-driving-the-right-outcomes/?utm_content=305104948&utm_medium=social&utm_source=linkedin&hss_channel=lcp-276725)

## 📚 Runbooks

- [Threat Management Checkpoints](https://docs.google.com/document/d/10OPig5LFZLqQ1UB68HUYzokrlNh8iw0jeW2JOuNQ9mY/edit?usp=sharing)

- [Cloud Service Checkpoints](https://docs.google.com/document/d/1QKoROm68BQFwPWlXCKabHTFHZrS_JGp-Cup53_pg5RM/edit?usp=sharing)

- [Secure By Design Checklist (Copy of Cabinet Office Form)](https://docs.google.com/document/d/1vSU56GYgjBC-w7h1Vz5h_5wt2H5Mx9twJHyj0RUL_Hg/edit?usp=sharing)

- [Secure by Design Tracker - Gov.uk link](https://www.security.gov.uk/policy-and-guidance/secure-by-design/activities/tracking-secure-by-design-progress/)

## 🌐 Learning Resources

- [Security Journey - Made Tech funded online training](https://madetech.securityjourney.com/)

- [Secure development and deployment guidance](https://www.ncsc.gov.uk/collection/developers-collection)

- [NCSC - Secure by Default](https://www.ncsc.gov.uk/information/secure-default)

- [The cloud security principles - NCSC.GOV.UK ](https://www.ncsc.gov.uk/collection/cloud/the-cloud-security-principles)

- [Bow Ties and Attack Trees for Risk](https://www.2t-security.com/bow-ties-and-attack-trees-for-risk/)

- [Intro to threat modelling by Cormac Brady](https://docs.google.com/presentation/d/1vWb-hk7vrF5S3yhEdCSpRS3CmHIB_hza0j2uEBxRDX0/edit#slide=id.g7f1ca5d94a_1_3)

- [Intro to threat modelling by Lawrence Goldstein](https://docs.google.com/presentation/d/131kbL6icdycy7Ee-E5CfIil6OLrAOJ922O9e__ss-Fw/edit#slide=id.gc07cbd5c3a_0_0)

## ⚒️ Principles, Processes, Standards and Tools

- [DevSecOps Approach](standards/dev_sec_ops.md)

- [DevSecOps Pipeline Tools](standards/dev_sec_ops_tools.md)

- [Threat Management Approaches](standards/threat_management.md)

- [CIS 18 Security Controls](https://www.cisecurity.org/controls/cis-controls-list)

- [Risk Assessment template document](https://docs.google.com/document/d/1MqoJB2XPtNwc2ilV8jIW-P07qnAXQldMRBDrzU2Ap48/edit?usp=sharing)

- [Threat Modeling MIRO Template](https://miro.com/app/board/uXjVJdRvOfI=/)