Updating develop to the new and more humane beginning of a written Opsec Framework

src/SUMMARY.md

@@ -4,7 +4,7 @@
 - [How to Navigate the Website](./intro/how-to-navigate-the-website.md)
 - [Overview of Each Framework](./intro/overview-of-each-framework.md)
 
 # Frameworks
 
 - [Community Management](./community-management/README.md)
   - [Discord](./community-management/discord.md)
@@ -17,21 +17,28 @@
   - [Cultivating a Security-Aware Mindset](./awareness/cultivating-a-security-aware-mindset.md)
   - [Staying Informed & Continuous Learning](./awareness/staying-informed-and-continuous-learning.md)
   - [Resources & Further Reading](./awareness/resources-and-further-reading.md)
-- [Operational Security](./operational-security/README.md)
-  - [Detecting and Mitigating Insider Threats](./operational-security/detecting-and-mitigating-insider-threats.md)
-  - [G Suite Security](./operational-security/g-suite-security.md)
-  - [Password and Secrets Management](./operational-security/password-secrets-management.md)
-  - [Physical Security](./operational-security/physical-security.md)
-  - [SIM Swapping](./operational-security/sim-swapping.md)
-  - [Standard Operating Environment](./operational-security/standard-operating-environment.md)
-  - [Telegram](./operational-security/telegram.md)
-  - [Wireless Security](./operational-security/wireless-security.md)
-- [Key Management](./key-management/README.md)
-  - [Cold vs Hot Wallet](./key-management/cold-vs-hot-wallet.md)
-  - [Custodial vs Non-Custodial](./key-management/custodial-vs-non-custodial.md)
-  - [Hardware Wallets](./key-management/hardware-wallets.md)
-  - [Signing Schemes](./key-management/signing-schemes.md)
-  - [Software Wallets](./key-management/software-wallets.md)
+- [Operational Security](./opsec/README.md)
+  - [Core principles](./opsec/principles/README.md)  
+    - [Principles in detail](./opsec/principles/principles.md)
+    - [The five steps](./opsec/principles/five-steps.md)
+    - [Web3 considerations](./opsec/principles/web3-considerations.md)
+  - [Threat Modeling overview](./opsec/threat-modeling-overview.md)
+  - [Risk Management](./opsec/risk-management.md)  
+  - [Governance & Program Management]()  
+
+  - [Control Domains]()
+  - [Lifecycle]()
+  - [Monitoring & Detection]()
+  - [Incident Response & Recovery]()
+  - [Continuous Improvement & Metrics]()
+  - [Integration & Mapping to Other Frameworks]()
+  - [Appendices]()
+- [Wallet Security](./wallet-security/README.md)
+  - [Cold vs Hot Wallet](./wallet-security/cold-vs-hot-wallet.md)
+  - [Custodial vs Non-Custodial](./wallet-security/custodial-vs-non-custodial.md)
+  - [Hardware Wallets](./wallet-security/hardware-wallets.md)
+  - [Signing Schemes](./wallet-security/signing-schemes.md)
+  - [Software Wallets](./wallet-security/software-wallets.md)
 - [External Security Reviews](./external-security-reviews/README.md)
   - [Expectation](./external-security-reviews/expectation.md)
   - [Preparation](./external-security-reviews/preparation.md)
@@ -128,7 +135,7 @@
   - [Partition Encryption](./encryption/partition-encryption.md)
   - [Volume Encryption](./encryption/volume-encryption.md)
 
 
 # About this
 
 - [What It Is](./intro/what-is-it.md)

src/community-management/README.md

@@ -20,7 +20,7 @@ Here, we present essential best practices to safeguard your community. In the fo
 
 ### Strong Passwords and Two-Factor Authentication (2FA)
 
-- Use unique, complex passwords for each service and store them securely in a reputable password manager. Refer to the [**Operational Security Framework**](../operational-security/README.md) and [**Key Management Framework**](../key-management/README.md) for more information on this.
+- Use unique, complex passwords for each service and store them securely in a reputable password manager. Refer to the [**Operational Security Framework**](../operational-security/README.md) and [**Wallet Security Framework**](../wallet-security/README.md) for more information on this.
 - Secure the email account linked to your community platforms with a unique password and 2FA.
 - Always enable 2FA. Prefer hardware-based tokens (e.g., Yubikey) or mobile authenticator apps over SMS-based methods, which are vulnerable to SIM-swapping.
 - If you use an authenticator app like Authy, 1Password, or Aegis to generate time-based one-time passwords (TOTP). Ensure that the secret keys are stored encrypted and protected with robust security measures.

src/config/SUMMARY.md.develop

@@ -17,21 +17,28 @@
   - [Cultivating a Security-Aware Mindset](./awareness/cultivating-a-security-aware-mindset.md)
   - [Staying Informed & Continuous Learning](./awareness/staying-informed-and-continuous-learning.md)
   - [Resources & Further Reading](./awareness/resources-and-further-reading.md)
-- [Operational Security](./operational-security/README.md)
-  - [Detecting and Mitigating Insider Threats](./operational-security/detecting-and-mitigating-insider-threats.md)
-  - [G Suite Security](./operational-security/g-suite-security.md)
-  - [Password and Secrets Management](./operational-security/password-secrets-management.md)
-  - [Physical Security](./operational-security/physical-security.md)
-  - [SIM Swapping](./operational-security/sim-swapping.md)
-  - [Standard Operating Environment](./operational-security/standard-operating-environment.md)
-  - [Telegram](./operational-security/telegram.md)
-  - [Wireless Security](./operational-security/wireless-security.md)
-- [Key Management](./key-management/README.md)
-  - [Cold vs Hot Wallet](./key-management/cold-vs-hot-wallet.md)
-  - [Custodial vs Non-Custodial](./key-management/custodial-vs-non-custodial.md)
-  - [Hardware Wallets](./key-management/hardware-wallets.md)
-  - [Signing Schemes](./key-management/signing-schemes.md)
-  - [Software Wallets](./key-management/software-wallets.md)
+- [Operational Security](./opsec/README.md)
+  - [Core principles](./opsec/principles/README.md)  
+    - [Principles in detail](./opsec/principles/principles.md)
+    - [The five steps](./opsec/principles/five-steps.md)
+    - [Web3 considerations](./opsec/principles/web3-considerations.md)
+  - [Threat Modeling overview](./opsec/threat-modeling-overview.md)
+  - [Risk Management](./opsec/risk-management.md)  
+  - [Governance & Program Management]()  
+
+  - [Control Domains]()
+  - [Lifecycle]()
+  - [Monitoring & Detection]()
+  - [Incident Response & Recovery]()
+  - [Continuous Improvement & Metrics]()
+  - [Integration & Mapping to Other Frameworks]()
+  - [Appendices]()
+- [Wallet Security](./wallet-security/README.md)
+  - [Cold vs Hot Wallet](./wallet-security/cold-vs-hot-wallet.md)
+  - [Custodial vs Non-Custodial](./wallet-security/custodial-vs-non-custodial.md)
+  - [Hardware Wallets](./wallet-security/hardware-wallets.md)
+  - [Signing Schemes](./wallet-security/signing-schemes.md)
+  - [Software Wallets](./wallet-security/software-wallets.md)
 - [External Security Reviews](./external-security-reviews/README.md)
   - [Expectation](./external-security-reviews/expectation.md)
   - [Preparation](./external-security-reviews/preparation.md)

src/config/SUMMARY.md.main

@@ -17,31 +17,130 @@
   - [Cultivating a Security-Aware Mindset](./awareness/cultivating-a-security-aware-mindset.md)
   - [Staying Informed & Continuous Learning](./awareness/staying-informed-and-continuous-learning.md)
   - [Resources & Further Reading](./awareness/resources-and-further-reading.md)
-- [Operational Security]()
-- [Key Management]()
-- [External Security Reviews]()
-- [Vulnerability Disclosure]()
-- [Infrastructure]()
-- [Monitoring]()
-- [Front-End/Web Application]()
-- [Incident Management]()
-- [Threat Modeling]()
-- [Governance]()
-- [DevSecOps]()
-- [Privacy]()
-- [Supply Chain]()
-- [Security Automation]()
-- [Identity and Access Management IAM]()
-- [Secure Software Development]()
-- [Security Testing]()
+- [Operational Security](./opsec/README.md)
+  - [Fundamentals](./opsec/fundamentals.md)
+  - [Governance & Program Management](./opsec/governance.md)
+  - [Risk Management](./opsec/risk-management.md)
+  - [Control Domains](./opsec/control-domains.md)
+    - [Organizational Controls](./opsec/control-domains/organizational.md)
+    - [People & Personnel](./opsec/control-domains/people.md)
+    - [Physical & Environmental](./opsec/control-domains/physical-environmental.md)
+    - [Technical & Digital](./opsec/control-domains/technical.md)
+  - [Lifecycle](./opsec/lifecycle.md)
+    - [Identify Information & Assets](./opsec/lifecycle/identify.md)
+    - [Threat Modeling & Analysis](./opsec/lifecycle/threat-modeling.md)
+    - [Vulnerability Assessment](./opsec/lifecycle/vulnerability-assessment.md)
+    - [Risk Assessment & Prioritization](./opsec/lifecycle/risk-prioritization.md)
+    - [Countermeasure Selection & Implementation](./opsec/lifecycle/countermeasures.md)
+  - [Monitoring & Detection](./opsec/monitoring-detection.md)
+  - [Incident Response & Recovery](./opsec/incident-response.md)
+  - [Continuous Improvement & Metrics](./opsec/continuous-improvement.md)
+  - [Integration & Mapping to Other Frameworks](./opsec/integration.md)
+  - [Appendices](./opsec/appendices.md)
+    - [Policy & Template Library](./opsec/appendices/policies.md)
+    - [Case Studies & Exercises](./opsec/appendices/case-studies.md)
+    - [Glossary of Terms](./opsec/appendices/glossary.md)
+- [Wallet Security](./wallet-security/README.md)
+  - [Cold vs Hot Wallet](./wallet-security/cold-vs-hot-wallet.md)
+  - [Custodial vs Non-Custodial](./wallet-security/custodial-vs-non-custodial.md)
+  - [Hardware Wallets](./wallet-security/hardware-wallets.md)
+  - [Signing Schemes](./wallet-security/signing-schemes.md)
+  - [Software Wallets](./wallet-security/software-wallets.md)
+- [External Security Reviews](./external-security-reviews/README.md)
+  - [Expectation](./external-security-reviews/expectation.md)
+  - [Preparation](./external-security-reviews/preparation.md)
+  - [Security Policies and Procedures](./external-security-reviews/security-policies-procedures.md)
+  - [Vendor Selection](./external-security-reviews/vendor-selection.md)
+- [Vulnerability Disclosure](./vulnerability-disclosure/README.md)
+  - [Security Contact](./vulnerability-disclosure/security-contact.md)
+  - [Bug Bounties](./vulnerability-disclosure/bug-bounties.md)
+- [Infrastructure](./infrastructure/README.md)
+  - [Asset Inventory](./infrastructure/asset-inventory.md)
+  - [Cloud Infrastructure](./infrastructure/cloud.md)
+  - [DDoS Protection](./infrastructure/ddos-protection.md)
+  - [DNS and Domain Registration](./infrastructure/dns-and-domain-registration.md)
+  - [Identity and Access Management](./infrastructure/identity-and-access-management.md)
+  - [Network Security](./infrastructure/network-security.md)
+  - [Operating System Security](./infrastructure/operating-system-security.md)
+  - [Zero-Trust Principles](./infrastructure/zero-trust-principles.md)
+- [Monitoring](./monitoring/README.md)
+  - [Guidelines](./monitoring/guidelines.md)
+  - [Thresholds](./monitoring/thresholds.md)
+- [Front-End/Web Application](./front-end-web-app/README.md)
+  - [Web Application Security](./front-end-web-app/web-application-security.md)
+  - [Mobile Application Security](./front-end-web-app/mobile-application-security.md)
+  - [Common Vulnerabilities](./front-end-web-app/common-vulnerabilities.md)
+  - [Security Tools and Resources](./front-end-web-app/security-tools-resources.md)
+- [Incident Management](./incident-management/README.md)
+  - [Communication Strategies](./incident-management/communication-strategies.md)
+  - [Incident Detection and Response](./incident-management/incident-detection-and-response.md)
+  - [Lessons Learned](./incident-management/lessons-learned.md)
+  - [Playbooks](./incident-management/playbooks.md)
+  - [SEAL 911 War Room Guidelines](./incident-management/seal-911-war-room-guidelines.md)
+- [Threat Modeling](./threat-modeling/README.md)
+  - [Create and Maintain Threat Models](./threat-modeling/create-maintain-threat-models.md)
+  - [Identity Mitigate Threats](./threat-modeling/identity-mitigate-threats.md)
+- [Governance](./governance/README.md)
+  - [Compliance with Regulatory Requirements](./governance/compliance-regulatory-requirements.md)
+  - [Risk Management](./governance/risk-management.md)
+  - [Security Metrics and KPIs](./governance/security-metrics-kpis.md)
+- [DevSecOps](./devsecops/README.md)
+  - [Code Signing](./devsecops/code-signing.md)
+  - [Continuous Integration and Deployment](./devsecops/continuous-integration-continuous-deployment.md)
+  - [Integrated Development Environments](./devsecops/integrated-development-environments.md)
+  - [Repository Hardening](./devsecops/repository-hardening.md)
+  - [Security Testing](./devsecops/security-testing.md)
+- [Privacy](./privacy/README.md)
+  - [Secure Browsing](./privacy/secure-browsing.md)
+  - [Data Removal Services](./privacy/data-removal-services.md)
+  - [Digital Footprint](./privacy/digital-footprint.md)
+  - [Encrypted Communication Tools](./privacy/encrypted-communication-tools.md)
+  - [Financial Privacy Services](./privacy/financial-privacy-services.md)
+  - [Privacy-Focused Operating Systems and Tools](./privacy/privacy-focused-operating-systems-tools.md)
+  - [VPN Services](./privacy/vpn-services.md)
+- [Supply Chain](./supply-chain/README.md)
+  - [Dependency Awareness](./supply-chain/dependency-awareness.md)
+  - [Supply Chain Levels for Software Artifacts](./supply-chain/supply-chain-levels-software-artifacts.md)
+- [Security Automation](./security-automation/README.md)
+  - [Threat Detection and Response](./security-automation/threat-detection-response.md)
+  - [Compliance Checks](./security-automation/compliance-checks.md)
+  - [Infrastructure as Code](./security-automation/infrastructure-as-code.md)
+- [Identity and Access Management IAM](./iam/README.md)
+  - [Role-Based Access Control](./iam/role-based-access-control.md)
+  - [Secure Authentication](./iam/secure-authentication.md)
+  - [Access Management Best Practices](./iam/access-management.md)
+- [Secure Software Development](./secure-software-development/README.md)
+  - [Secure Coding Standards Guidelines](./secure-software-development/secure-coding-standards-guidelines.md)
+  - [Code Reviews and Peer Audits](./secure-software-development/code-reviews-peer-audits.md)
+  - [Secure Code Repositories and Version Control](./secure-software-development/secure-code-repositories-version-control.md)
+  - [Threat Modeling and Secure Design Principles](./secure-software-development/threat-modeling-secure-design-principles.md)
+- [Security Testing](./security-testing/README.md)
+  - [Dynamic Application Security Testing](./security-testing/dynamic-application-security-testing.md)
+  - [Fuzz Testing](./security-testing/fuzz-testing.md)
+  - [Security Regression Testing](./security-testing/security-regression-testing.md)
+  - [Static Application Security Testing](./security-testing/static-application-security-testing.md)
 - [ENS](./ens/README.md)
   - [Data Integrity & Verification](./ens/data-integrity-verification.md)
   - [Cross-Chain Compatibility](./ens/cross-chain-compatibility.md)
   - [Smart Contract Integration](./ens/smart-contract-integration.md)
   - [Interface Compliance](./ens/interface-compliance.md)
   - [Name Handling & Normalization](./ens/name-handling-normalization.md)  
-- [Safe Harbor]()
-- [Encryption]()
+- [Safe Harbor](./safe-harbor/README.md)
+  - [Key Terms](./safe-harbor/key-terms.md)
+  - [Protocol](./safe-harbor/protocol.md)
+  - [Technical Outline](./safe-harbor/technical-outline.md)
+  - [Whitehat](./safe-harbor/whitehat.md)
+- [Encryption](./encryption/README.md)
+  - [Cloud Data Encryption](./encryption/cloud-data-encryption.md)
+  - [Communication Encryption](./encryption/communication-encryption.md)
+  - [Database Encryption](./encryption/database-encryption.md)
+  - [Email Encryption](./encryption/email-encryption.md)
+  - [Encryption in Transit](./encryption/encryption-in-transit.md)
+  - [File Encryption](./encryption/file-encryption.md)
+  - [Full Disk Encryption](./encryption/full-disk-encryption.md)
+  - [Hardware Encryption](./encryption/hardware-encryption.md)
+  - [Partition Encryption](./encryption/partition-encryption.md)
+  - [Volume Encryption](./encryption/volume-encryption.md)
 
 # About this
 

src/config/template.md

@@ -0,0 +1,70 @@
+---
+tags:
+  - Security Specialist
+  - Operations & Strategy
+  - Community & Marketing
+  - HR
+  - Engineer/Developer
+contributors:
+  - role: wrote
+    users: [mattaereal]
+  - role: reviewed
+    users: []
+  - role: fact-checked
+    users: []
+---
+
+# {{ Title of this Page }}
+
+
+Key Takeaway prompt: Without removing or modifying anything in the document, just after the heading, describe in a succint way (no more than 40 words), all the key points or tl;dr so that anyone can get a good grasp of the contents just by reading it. Don't add unnecessary sentences that sound like conclusions, like "By ensuring this..." "Doing all these...", "Having these security practinces...". Use the following format > 🔑 **Key Takeaway**: 
+
+[Context / Problem statement. In this first part, we introduce the topic, in no more than a few paragraphs. For example for Threat Modeling inside Operational Security Framework: "Effective security requires understanding **what you're protecting and who you're protecting it from**. Without a structured threat model, security efforts become unfocused and inefficient. Different entities face different threats based on their assets, visibility, and technological footprint." It can be this short, or it can have more context]
+
+## Practical guidance
+
+1. **Step-by-Step Actions** – numbered list users can follow.  
+2. **Best-Practice Checklist** – bullet list they can literally tick.  
+3. **Role-Based Tips** – highlight differences for Ops, HR, Dev, etc.  
+(This mirrors OWASP Cheat Sheet brevity.)
+
+## Why is it important
+
+Explain consequences of ignoring this guidance and link to real incidents or CISA/NIST advisories supporting each risk.
+
+## Implementation details
+
+| Sub-Topic | Related Page |
+|-----------|--------------|
+| Device Hardening | `../endpoint-security/...` |
+| Network Segmentation | `../network-security/...` |
+
+Cross-linking reduces duplication, following docs-as-code best practice.
+
+## 5  Common pitfalls & examples
+
+Real-world breach snippets or failure stories that illustrate mistakes to avoid.  <!-- :contentReference[oaicite:6]{index=6} -->
+
+## 6  Quick-reference / Cheat sheet
+
+A compact table or numbered list for on-the-job use, inspired by OWASP cheat sheets.  <!-- :contentReference[oaicite:7]{index=7} -->
+
+## 7  Further Reading & Tools
+
+Automatically generated from the `references:` field or add authoritative links here.
+
+<!--
+CITATION SOURCES
+turn0search0  Jekyll front-matter basics – validates YAML metadata structure.  
+turn0search2  NIST practice guides use an executive-summary section.  
+turn0search3  CISA report templates also open with Executive Summary.  
+turn0search4  OWASP Cheat Sheet series shows concise prescriptive guidance.  
+turn0search5  Kubernetes style guide recommends short sections & headings.  
+turn0search6  Google developer style guide echoes those principles.  
+turn0search7  Version-history tables are a best practice for change control.  
+turn0search8  Jekyll step-by-step docs reinforce YAML front-matter placement.  
+turn0search11 CISA advisories supply risk context references.  
+turn0search12 OWASP Cheat Sheet project cited for quick-reference idea.  
+turn0search13 Kubernetes “page content types” shows cross-linking strategy.  
+turn0search10 NIST CSF overview underpins risk-management rationale.
+-->