Skip to content

tomwechsler/Cyber_and_Information_Security_Knowledge_Base

Repository files navigation

Cyber and Information Security Knowledge Base!

A structured knowledge base of cybersecurity and information security standards, frameworks, best practices, and guidelines. This repository is intended as a central reference for professionals, students, and organizations seeking structured, reliable, and vendor-neutral (Not always - but mostly) security knowledge. Covers key resources such as NIST, ISO/IEC, OWASP, CIS, ISACA, and more.


🌐 Overview

This repository provides structured documentation and explanations of widely adopted:

  • Security Standards
  • Frameworks
  • Best Practices
  • Guidelines
  • Reference Architectures

It includes resources from leading organizations such as:

  • NIST (National Institute of Standards and Technology)
  • ISO/IEC (International Organization for Standardization / International Electrotechnical Commission)
  • OWASP (Open Worldwide Application Security Project)
  • CIS (Center for Internet Security)
  • ISACA (Information Systems Audit and Control Association)
  • ENISA (European Union Agency for Cybersecurity)
  • And more...

📚 Contents

The repository is organized into sections for clarity and ease of use (just an example):

📁 frameworks/
└── NIST-CSF.md
└── ISO-27001.md
└── COBIT.md

📁 guidelines/
└── OWASP-Top10.md
└── CIS-Controls.md
└── ENISA-Guidelines.md

📁 best-practices/
└── Secure-Coding.md
└── Incident-Response.md
└── Cloud-Security.md

📁 mappings/
└── NIST-to-ISO27001.md
└── OWASP-vs-CIS.md

Each document includes:

  • A summary of the standard/framework
  • Core components and structure
  • Key use cases and applicability
  • Links to original resources
  • Cross-references or mappings (where applicable)

🎯 Target Audience

This knowledge base is intended for:

  • Cybersecurity Professionals
  • Information Security Analysts
  • GRC (Governance, Risk, Compliance) Practitioners
  • IT Auditors and Consultants
  • Developers and DevSecOps Engineers
  • Students and Educators

✅ Objectives

  • 📖 Provide clear, practical explanations of major standards and practices
  • 🌍 Offer vendor-neutral, community-accessible knowledge
  • 🔗 Connect frameworks through cross-mappings and comparisons
  • 📈 Support security program development, audits, and compliance efforts

📄 License

This project is licensed under the GNU General Public License v3.0. You are free to use, copy, and modify the contents for personal, academic, or commercial use with attribution.


🔗 Resources


🤝 Acknowledgements

Special thanks to the global cybersecurity community and standardization bodies whose open resources and efforts support this work.


Feel free to ⭐️ star this repository if you find it useful, and stay secure!

About

A structured knowledge base of cybersecurity and information security standards, frameworks, best practices, and guidelines. Covers key resources such as NIST, ISO/IEC, OWASP, CIS, ISC2, ISACA, and more — to support professionals, students, and organizations in building a solid foundation for secure systems, compliance, and risk management.

Topics

Resources

License

Stars

17 stars

Watchers

3 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors