01Fundamentals of CybersecurityCybersecurity Learning PathFundamentals of CybersecurityCore ideas for beginners: security goals, risks, threats, vulnerabilities, controls, and attack surfaces.OutcomeBuild the vocabulary and mental models used by every later topic.Start fundamentalsBrowse glossary
02Network SecurityCore systemsPacketsNetwork SecurityTCP/IP, firewalls, VPNs, IDS/IPS, segmentation, wireless security, and defensive monitoring.OutcomeUnderstand traffic, segmentation, VPNs, firewalls, IDS/IPS, and wireless defense.Open pillar
03Operating Systems HardeningCore systemsHostsOperating Systems HardeningLinux and Windows hardening, permissions, audit logging, service reduction, and secure baselines.OutcomeReduce system risk through baselines, permissions, logging, and service hardening.Open pillar
04Application SecurityBuild safelySoftwareApplication SecurityOWASP risks, secure coding, input validation, API security, authentication, and testing practices.OutcomeRecognize application risk across OWASP, APIs, authentication, and secure coding.Open pillar
05Malware & ThreatsUnderstand threatsThreatsMalware & ThreatsMalware families, ransomware, threat actors, indicators of compromise, and defensive analysis.OutcomeRead malware behavior, threat actors, ransomware patterns, and indicators of compromise.Open pillar
06Identity & Access ControlControl accessIdentityIdentity & Access ControlAuthentication, MFA, authorization, privilege, credential handling, SSO, and account recovery.OutcomeDesign identity, MFA, privilege, SSO, credentials, and account recovery controls.Open pillar
07Incident ResponseOperate securityResponseIncident ResponsePreparation, detection, containment, forensics, recovery, and post-incident improvement.OutcomeMove from detection to containment, forensics, recovery, and post-incident learning.Open pillar
08Governance & ComplianceLead programsGovernanceGovernance & CompliancePolicies, risk management, GDPR, NIS2, audits, breach notification, and operational accountability.OutcomeConnect risk, policy, audits, GDPR, NIS2, and breach notification to real operations.Open pillar