# ThreatBasis

## Docs

- [Advanced RAG for Security](https://threatbasis.io/ai-knowledge/advanced-rag.md): Implementing Retrieval-Augmented Generation systems for security knowledge bases, threat intelligence, incident response, and security documentation.
- [AI Cost Optimization for Security Operations](https://threatbasis.io/ai-knowledge/ai-cost-optimization.md): Optimize costs for AI systems in security operations. Learn token management, model selection strategies, caching, batching, and cost governance for production LLM deployments in SOC and security engineering.
- [AI Evaluation & Testing for Security Systems](https://threatbasis.io/ai-knowledge/ai-evaluation-and-testing.md): Evaluate and test AI systems for security applications. Learn evaluation frameworks, benchmark design, regression testing, LLM-as-judge patterns, and quality assurance strategies for production security AI.
- [AI Guardrails & Safety Systems](https://threatbasis.io/ai-knowledge/ai-guardrails-and-safety.md): Implement safety guardrails for AI systems in security operations. Learn content filtering, output constraints, behavioral boundaries, and safety monitoring to prevent harmful AI actions.
- [AI Memory & State Management](https://threatbasis.io/ai-knowledge/ai-memory-and-state-management.md): Implement effective memory and state management for security AI systems. Learn conversation memory, investigation context persistence, and long-term knowledge retention patterns for security applications.
- [AI Model Selection for Security](https://threatbasis.io/ai-knowledge/ai-model-selection.md): Select the right LLM for security operations. Learn model evaluation criteria, capability assessment, deployment options, and selection frameworks for SOC automation and threat detection.
- [AI Observability & Monitoring for Security Operations](https://threatbasis.io/ai-knowledge/ai-observability-and-monitoring.md): Implement comprehensive observability for AI systems in security operations. Learn LLM monitoring strategies, performance tracking, cost analysis, quality evaluation, and debugging approaches for production AI deployments in SOC environments.
- [AI Orchestration for Security Operations](https://threatbasis.io/ai-knowledge/ai-orchestration-for-security.md): Learn how to implement AI agents and automated workflows for security operations. Reduce alert fatigue by 70%, accelerate incident response with multi-agent architectures, and build SOAR integrations with human-in-the-loop controls. Includes code examples and implementation patterns.
- [AI Red Teaming & Adversarial Testing](https://threatbasis.io/ai-knowledge/ai-red-teaming.md): Conduct red team assessments of AI systems. Learn methodologies for testing LLM security, adversarial prompt testing, model robustness evaluation, and building AI security testing programs.
- [AI Security Tooling Integration](https://threatbasis.io/ai-knowledge/ai-security-tooling-integration.md): Learn how to integrate LLMs with SIEM, SOAR, EDR, and security platforms. Reduce investigation time by 60%, automate alert enrichment, and build production-ready integrations with code examples and implementation patterns.
- [Context Window Management for Security AI](https://threatbasis.io/ai-knowledge/context-window-management.md): Master LLM context window management for security operations. Learn token optimization, sliding windows, hierarchical memory, and context strategies for processing security logs and threat intelligence.
- [Defending Against AI-Powered Threats](https://threatbasis.io/ai-knowledge/defending-against-ai-threats.md): Counter AI-powered cyberattacks including AI-generated phishing, deepfakes, and adaptive malware. Detection strategies and defensive countermeasures for security teams.
- [Embedding Models & Vector Search for Security](https://threatbasis.io/ai-knowledge/embedding-models-and-vector-search.md): Learn embedding models and vector search for security AI. Build semantic search over threat intelligence, incidents, and documentation with optimal retrieval strategies.
- [Fine-Tuning LLMs for Security Applications](https://threatbasis.io/ai-knowledge/fine-tuning-for-security.md): Learn when and how to fine-tune Large Language Models for security use cases including alert classification, threat analysis, and log parsing with LoRA and training data best practices.
- [AI Knowledge Base](https://threatbasis.io/ai-knowledge/introduction.md): Comprehensive knowledge base for applying AI and Large Language Models to security engineering, operations, and threat detection.
- [LLM Fundamentals for Security Engineers](https://threatbasis.io/ai-knowledge/llm-fundamentals-for-security.md): Master Large Language Model concepts for security. Learn tokenization, attention, model architectures, and reasoning capabilities to build effective AI security systems.
- [LLM Security Risks & Vulnerabilities](https://threatbasis.io/ai-knowledge/llm-security-risks.md): Understand security risks in Large Language Model deployments. Learn about prompt injection, data leakage, model manipulation, and emerging threats to AI-powered security systems.
- [Multi-Agent Security Systems](https://threatbasis.io/ai-knowledge/multi-agent-security-systems.md): Design and implement multi-agent AI architectures for security operations. Learn agent coordination patterns, task decomposition, and how to build collaborative AI systems for complex security workflows.
- [Prompt Engineering for Security](https://threatbasis.io/ai-knowledge/prompt-engineering-for-security.md): Security-specific prompt patterns, chain-of-thought reasoning for threat analysis, adversarial prompt testing, and defensive prompt design.
- [Prompt Injection Defense](https://threatbasis.io/ai-knowledge/prompt-injection-defense.md): Defend against prompt injection attacks in LLM applications. Learn detection techniques, prevention strategies, and defense-in-depth approaches for securing AI-powered security systems against adversarial inputs.
- [SIEM & LLM Integration](https://threatbasis.io/ai-knowledge/siem-llm-integration.md): Integrate Large Language Models with SIEM platforms for intelligent log analysis, natural language querying, and automated alert investigation. Learn integration patterns for Splunk, Elastic, Microsoft Sentinel, and other SIEM platforms.
- [SOAR AI Playbooks - Intelligent Security Automation](https://threatbasis.io/ai-knowledge/soar-ai-playbooks.md): Build intelligent SOAR playbooks with LLM integration for adaptive incident response and automated remediation.
- [Streaming & Real-Time AI for Security Operations](https://threatbasis.io/ai-knowledge/streaming-and-real-time-ai.md): Learn streaming architectures and latency optimization for processing security events with LLMs in real-time.
- [AI-Powered Threat Intelligence - Automation & Analysis](https://threatbasis.io/ai-knowledge/threat-intelligence-ai.md): Apply AI and LLMs to automate threat intelligence workflows, IOC analysis, and threat report generation.
- [Create Stormtrooper Record](https://threatbasis.io/api-reference/endpoint/create.md): Registers a new Imperial Stormtrooper in the personnel database.
- [Decommission Imperial Asset](https://threatbasis.io/api-reference/endpoint/delete.md): Removes an Imperial asset from active service records.
- [Get Imperial Fleet Data](https://threatbasis.io/api-reference/endpoint/get.md): Returns all Star Destroyers from the Imperial Fleet that the user has clearance to access.
- [API Reference](https://threatbasis.io/api-reference/introduction.md): ThreatBasis API - Coming Soon.
- [ThreatBasis - Security Engineering & Security Operations Knowledge Base](https://threatbasis.io/index.md): The comprehensive knowledge base for security engineering, security operations, and AI security. Expert guidance on SOC operations, cloud security, DevSecOps, incident response, threat hunting, and LLM security for practitioners.
- [Advanced Threat Detection](https://threatbasis.io/knowledge/advanced-threat-detection.md): Behavioral analytics, identity-centric detections, cloud-native TTPs, detections-as-code, and high-signal engineering.
- [Alert Disposition](https://threatbasis.io/knowledge/alert-disposition.md): The fundamental classification outcomes in security detection systems and their impact on operational effectiveness.
- [Alert Tuning](https://threatbasis.io/knowledge/alert-tuning.md): Optimizing detection rules to balance threat detection with operational efficiency by minimizing false positives while maintaining security coverage.
- [API Security](https://threatbasis.io/knowledge/api-security.md): Designing secure REST/GraphQL APIs: authn/authz models, rate limits, data partitioning, OWASP API Top 10, and platform guardrails.
- [Application Security Testing](https://threatbasis.io/knowledge/application-security-testing.md): Integrating SAST, DAST, IAST, SCA, and pentesting into the SDLC with coverage metrics and risk-based gating.
- [Advanced Persistent Threats (APTs)](https://threatbasis.io/knowledge/apt.md): Understanding sophisticated, long-term cyberattacks by well-resourced threat actors targeting organizations for strategic intelligence gathering and critical infrastructure compromise.
- [Attack Surface Management](https://threatbasis.io/knowledge/attack-surface-management.md): Continuous discovery, classification, exposure reduction, and remediation workflows for internet- and cloud-facing assets.
- [AWS Security](https://threatbasis.io/knowledge/aws-security.md): IAM, Organizations/SCPs, VPC security, CloudTrail/Config, GuardDuty/Security Hub, KMS, and platform guardrails.
- [Azure Security](https://threatbasis.io/knowledge/azure-security.md): Entra ID (Azure AD), RBAC/PIM, Policies/Blueprints, vNet/Private Link, Key Vault, Defender for Cloud, and Sentinel.
- [Building Security Teams](https://threatbasis.io/knowledge/building-security-teams.md): Org design, hiring, leveling, operating principles, rotations, and career paths for high-impact security engineering.
- [Business Continuity & Disaster Recovery](https://threatbasis.io/knowledge/business-continuity-and-disaster-recovery.md): Designing, testing, and operating BCP/DRP with RTO/RPO targets, dependency mapping, immutable backups, and crisis management at scale.
- [Cloud Compliance & Governance](https://threatbasis.io/knowledge/cloud-compliance-and-governance.md): Cloud compliance frameworks, org policies, evidence-as-code, guardrails, and audit-ready operations.
- [Cloud-Native Security](https://threatbasis.io/knowledge/cloud-native-security.md): Serverless and managed services: function security, event-driven threats, CNAPP posture, and platform guardrails.
- [Cloud Security Fundamentals](https://threatbasis.io/knowledge/cloud-security-fundamentals.md): Shared responsibility, cloud security architecture, isolation, identity-first controls, and multi-tenancy risk reduction.
- [Cloud Security Monitoring](https://threatbasis.io/knowledge/cloud-security-monitoring.md): CSPM, CWPP, CIEM, cloud SIEM, analytics, and detections spanning control planes, workloads, and data planes in cloud.
- [Container & Kubernetes Security](https://threatbasis.io/knowledge/container-and-kubernetes-security.md): From images to runtime: registry hygiene, signing, admission control, RBAC, policies, network isolation, and runtime detection.
- [Container Security in DevOps](https://threatbasis.io/knowledge/container-security-in-devops.md): Image hygiene, registry security, admission controls, runtime policies, and feedback loops across the SDLC.
- [Cost Optimization for Security Data](https://threatbasis.io/knowledge/cost-optimization-for-security-data.md): Data value tiers, retention strategies, storage/compute separation, compression, sampling, and architectural cost levers.
- [Cryptographic Hashes](https://threatbasis.io/knowledge/cryptographic-hashes.md): Understanding how cryptographic hashes like MD5 and SHA256 are used in threat detection, malware analysis, and file integrity verification.
- [Data Encryption at Rest](https://threatbasis.io/knowledge/data-encryption-at-rest.md): Database, filesystem, and full disk encryption; envelope encryption; tokenization; cloud-native controls; rekeying strategies.
- [Data Loss Prevention (DLP)](https://threatbasis.io/knowledge/data-loss-prevention.md): Classification, policy design, inspection techniques, endpoint/network/cloud controls, and measurable outcomes for exfiltration risk.
- [Deception Technologies](https://threatbasis.io/knowledge/deception-technologies.md): Honeypots, honeytokens, canary creds, decoy services/documents, placement strategies, and measurement.
- [Defense in Depth](https://threatbasis.io/knowledge/defense-in-depth.md): A multi-layered cybersecurity strategy that employs overlapping security controls to provide comprehensive protection against evolving threats.
- [DevSecOps Pipeline Security](https://threatbasis.io/knowledge/devsecops-pipeline-security.md): Hardening CI/CD: runner isolation, secret hygiene, signed commits, artifact integrity, environment segregation, and least-privilege automation.
- [Digital Forensics](https://threatbasis.io/knowledge/digital-forensics.md): Evidence collection, analysis, tooling, chain of custody, cloud forensics, and legal considerations integrated with IR.
- [EC2 Instance Isolation](https://threatbasis.io/knowledge/ec2-isolation.md): A comprehensive reference for isolating EC2 instances in response to threat detection alerts using AWS-native security controls.
- [Endpoint Security](https://threatbasis.io/knowledge/endpoint-security.md): EDR/XDR, device management, hardening, BYOD policies, and detection engineering for laptops, servers, and mobile devices.
- [Enterprise Security Architecture](https://threatbasis.io/knowledge/enterprise-security-architecture.md): SABSA, TOGAF security, capability models, governance, and operating models that scale across portfolios.
- [GitOps Security](https://threatbasis.io/knowledge/gitops-security.md): Securing declarative delivery: signed commits, branch protection, admission policies, controller hardening, and audit trails.
- [Google Cloud Security](https://threatbasis.io/knowledge/google-cloud-security.md): Cloud IAM, org policies, projects/folders, VPC-SC, Private Service Connect, SCC, Chronicle, and workload identity.
- [Hardware & Side-Channel Security](https://threatbasis.io/knowledge/hardware-and-side-channel-security.md): Threats from physical and microarchitectural channels, mitigations, TEEs/HSMs, and supply chain assurance.
- [High-Availability & DR for Security Systems](https://threatbasis.io/knowledge/high-availability-and-dr-for-security-systems.md): Availability models, failure domains, RPO/RTO, multi-region patterns, data integrity, and fail-safe design for security platforms.
- [Incident Response](https://threatbasis.io/knowledge/incident-response.md): Building effective incident response capabilities through preparation, detection, containment, eradication, recovery, and continuous improvement with proven frameworks and tools.
- [Infrastructure as Code Security](https://threatbasis.io/knowledge/infrastructure-as-code-security.md): Secure IaC workflows: scanning, policy-as-code, drift detection, module baselines, and safe change management.
- [Infrastructure Hardening](https://threatbasis.io/knowledge/infrastructure-hardening.md): Server/OS hardening, patch and configuration management, baseline enforcement, and secure platform operations.
- [Input Validation & Output Encoding](https://threatbasis.io/knowledge/input-validation-and-output-encoding.md): Prevent injection attacks with strict input validation and context-aware output encoding. Learn validation patterns, encoding techniques, and security controls for SQL injection, XSS, and command injection prevention.
- [Internal Security Platforms](https://threatbasis.io/knowledge/internal-security-platforms.md): Paved roads, shared controls, service APIs, golden paths, and productizing security for developers and operators.
- [IoT Security](https://threatbasis.io/knowledge/iot-security.md): Device identity, secure boot, firmware signing/updates, attestation, least privilege, and cloud onboarding at scale.
- [Key Management](https://threatbasis.io/knowledge/key-management.md): Key lifecycle, KMS/HSM, wrapping and rotation, escrow and backup, access control, logging, and ceremonies at scale.
- [Legal & Regulatory Considerations](https://threatbasis.io/knowledge/legal-and-regulatory-considerations.md): Data protection laws, breach notification, legal holds, eDiscovery, records retention, and regulatory reporting for engineers.
- [Mobile Application Security](https://threatbasis.io/knowledge/mobile-application-security.md): Guidance for iOS/Android: MASVS, secure storage, transport security, anti-tamper trade-offs, and pipeline practices.
- [Multi-Cloud Security](https://threatbasis.io/knowledge/multi-cloud-security.md): Cross-cloud identity, policy-as-code, posture mgmt, logging, encryption, and vendor risk across hybrid/multi-cloud estates.
- [Network Security Fundamentals](https://threatbasis.io/knowledge/network-security-fundamentals.md): Master network security with defense-in-depth strategies including micro-segmentation, Zero Trust architecture, firewalls, IDS/IPS, and encryption protocols for resilient enterprise networks.
- [OT/ICS Security - Industrial Control Systems Protection](https://threatbasis.io/knowledge/ot-ics-security.md): Learn OT and ICS security essentials including Purdue model segmentation, safety-first incident response, asset inventory, protocol-aware monitoring, and IEC 62443 compliance.
- [OWASP Top 10 & Web Application Vulnerabilities](https://threatbasis.io/knowledge/owasp-top-10-web-vulnerabilities.md): Mitigations and architectural patterns addressing modern web vulns: injection, XSS, broken access control, SSRF, deserialization, more.
- [Performance Engineering for Security Tools](https://threatbasis.io/knowledge/performance-engineering-for-security-tools.md): Latency, throughput, precision/recall trade-offs, data pipeline tuning, and capacity planning for security platforms.
- [Policy-as-Code & Continuous Control Monitoring (CCM)](https://threatbasis.io/knowledge/policy-as-code-and-ccm.md): Defining, enforcing, and evidencing controls as code across SDLC and runtime with automated, auditable checks.
- [Post-Quantum Cryptography](https://threatbasis.io/knowledge/post-quantum-cryptography.md): Quantum-resistant algorithms, hybrid migration strategies, crypto agility, and NIST PQC standardization timeline for practical adoption.
- [Privacy Engineering](https://threatbasis.io/knowledge/privacy-engineering.md): Privacy by design, data minimization, purpose limitation, de-identification, PETs (k-anonymity, DP), and practical governance for engineers.
- [Red, Blue, and Purple Teaming](https://threatbasis.io/knowledge/red-blue-purple-teaming.md): Offense-defense collaboration: objectives, rules of engagement, emulation plans, detection engineering, and measurable outcomes.
- [Regulatory Compliance Frameworks](https://threatbasis.io/knowledge/regulatory-compliance-frameworks.md): GDPR, HIPAA, PCI DSS, SOX, FISMA: mapping requirements to controls, evidence, and engineering workflows.
- [Resilience Engineering](https://threatbasis.io/knowledge/resilience-engineering.md): Fault tolerance, graceful degradation, chaos engineering, and recovery patterns to maintain security and availability under stress.
- [Risk Assessment Fundamentals](https://threatbasis.io/knowledge/risk-assessment-fundamentals.md): Approach to risk identification, analysis, and evaluation with FAIR, OCTAVE, and NIST methods; integrating risk into engineering and product decisions.
- [Risk Management Frameworks](https://threatbasis.io/knowledge/risk-management-frameworks.md): NIST RMF, ISO 31000, COSO: processes, roles, and artifacts that tie engineering risk to business decisions.
- [Scaling SOC Operations](https://threatbasis.io/knowledge/scaling-soc-operations.md): Org design, automation, specialization, metrics, and platform investments to scale detection and response nonlinearly.
- [Secrets Management](https://threatbasis.io/knowledge/secrets-management.md): Secret storage vs distribution, short-lived credentials, dynamic secrets, rotation, broker patterns, scanning, and auditing.
- [Secure Coding Practices](https://threatbasis.io/knowledge/secure-coding-practices.md): Language-agnostic principles, language-specific guardrails, and workflow integrations to make insecure code unmergeable.
- [Secure Software Architecture](https://threatbasis.io/knowledge/secure-software-architecture.md): Microservices, API gateways, service meshes, distributed systems, tenancy, and data-layer controls by design.
- [Secure Software Development Lifecycle](https://threatbasis.io/knowledge/secure-software-development-lifecycle.md): Embedding security into requirements, design, implementation, verification, release, and operations with policy- and test-driven controls.
- [Security Architecture Patterns](https://threatbasis.io/knowledge/security-architecture-patterns.md): Reusable secure design patterns, reference architectures, and security-by-design principles for cloud-native systems.
- [Security Architecture Review](https://threatbasis.io/knowledge/security-architecture-review.md): Assessment processes, artifacts, and integration with design reviews and threat modeling to deliver decision-quality risk insights.
- [Security Auditing & Assessment](https://threatbasis.io/knowledge/security-auditing-and-assessment.md): Internal/external audits, assessments, penetration tests, scope control, evidence handling, and continuous improvement.
- [Security Champions Program](https://threatbasis.io/knowledge/security-champions-program.md): Building a distributed security culture: recruiting, enablement, incentives, curriculum, and measurable impact.
- [Security Culture & Training](https://threatbasis.io/knowledge/security-culture-and-training.md): Embedding secure behavior: contextual training, paved roads, threat briefings, gamification, and outcome metrics.
- [Security Engineering Principles](https://threatbasis.io/knowledge/security-engineering-principles.md): Core security design principles (CIA, least privilege, fail secure, separation of duties, defense in depth) and how to encode them in modern architectures and engineering workflows.
- [Security Frameworks & Standards](https://threatbasis.io/knowledge/security-frameworks-and-standards.md): Mapping and operationalizing NIST CSF, ISO 27001/27002, CIS Controls, and COBIT into a coherent control system with evidence and automation.
- [Security Governance](https://threatbasis.io/knowledge/security-governance.md): Committees, decision rights, governance structures, board reporting, and executive communication aligned to risk.
- [Security Governance & Policy](https://threatbasis.io/knowledge/security-governance-and-policy.md): Designing governance structures, policy lifecycles, and decision rights that align security with business outcomes and engineering velocity.
- [Security Maturity Models](https://threatbasis.io/knowledge/security-maturity-models.md): CMMI, BSIMM, SAMM: assessing current state, setting target maturity, and building capability roadmaps with measurable outcomes.
- [Security Metrics & KPIs](https://threatbasis.io/knowledge/security-metrics-and-kpis.md): Outcome-oriented metrics for detection/response, vulnerability mgmt, identity, and control coverage that resist gaming and drive action.
- [Security Operations Center (SOC)](https://threatbasis.io/knowledge/security-operations-center.md): SOC design, staffing, playbooks, escalation, 24/7 operations, fusion with IR and threat intelligence, and platform choices.
- [Security Orchestration (SOAR)](https://threatbasis.io/knowledge/security-orchestration-automation.md): Automation workflows, enrichment, playbook design, case management, guardrails, and integration patterns to scale SOC operations.
- [Security Program Management](https://threatbasis.io/knowledge/security-program-management.md): Strategy, portfolio and funding, governance, metrics/OKRs, and operating models that convert risk into outcomes.
- [Security Requirements Engineering](https://threatbasis.io/knowledge/security-requirements-engineering.md): Eliciting, specifying, and validating security requirements via abuse cases, user stories, acceptance criteria, and policy-as-code.
- [Security Telemetry & Data Platform](https://threatbasis.io/knowledge/security-telemetry-and-data-platform.md): Collection, normalization, enrichment, storage, analytics, governance, and cost control for security data at scale.
- [Security Testing Automation](https://threatbasis.io/knowledge/security-testing-automation.md): Automated security gates and feedback loops: SAST/SCA/DAST/IAST/fuzz, coverage metrics, and failure policies that scale.
- [Security Tooling Strategy](https://threatbasis.io/knowledge/security-tooling-strategy.md): Portfolio strategy, build vs. buy, integration patterns, lifecycle management, TCO, and outcome-driven selection.
- [Session Management](https://threatbasis.io/knowledge/session-management.md): Designing secure sessions: cookies and tokens, rotation, revocation, fixation resistance, and CSRF/rehydration patterns.
- [SIEM & Log Management](https://threatbasis.io/knowledge/siem-and-log-management.md): Data sources, normalization, pipelines, correlation rules, use cases, storage strategies, and governance for high-signal logging.
- [Software Supply Chain Security](https://threatbasis.io/knowledge/software-supply-chain-security.md): Dependencies, SBOM, provenance (SLSA), signing, repository controls, build isolation, and deployment verification.
- [Stakeholder Communication](https://threatbasis.io/knowledge/stakeholder-communication.md): Board/executive updates, incident comms, customer trust, and writing with decision clarity under uncertainty.
- [Third-Party Risk Management](https://threatbasis.io/knowledge/third-party-risk-management.md): Vendor assessments, data and control requirements, contractual safeguards, continuous monitoring, and offboarding.
- [Threat Hunting](https://threatbasis.io/knowledge/threat-hunting.md): Hypothesis-driven hunting, ATT&CK mapping, data sources, tooling, automation, and measuring impact beyond detection counts.
- [Threat Modeling Methodologies](https://threatbasis.io/knowledge/threat-modeling-methodologies.md): STRIDE, PASTA, TRIKE, OCTAVE, attack trees, and data flow diagrams integrated into product and platform engineering.
- [Tactics, Techniques, and Procedures (TTPs)](https://threatbasis.io/knowledge/ttps.md): Understanding attacker behavior patterns through the MITRE ATT&CK framework to inform threat detection and defensive cybersecurity strategies.
- [VPN & Remote Access Security](https://threatbasis.io/knowledge/vpn-and-remote-access-security.md): Modern remote access: VPN technologies, ZTNA, device posture, split tunneling trade-offs, and secure remote work patterns.
- [Vulnerability Management](https://threatbasis.io/knowledge/vulnerability-management.md): Asset inventory, scanning, risk-based prioritization (CVSS/EPSS), remediation workflows, SLAs, exceptions, and zero-day response.
- [Zero Trust Architecture](https://threatbasis.io/knowledge/zero-trust-architecture.md): Principles and implementation strategies: never trust, always verify; least privilege; continuous evaluation; micro-segmentation; ZTNA.

## OpenAPI Specs

- [openapi](https://threatbasis.io/api-reference/openapi.json)

## Optional

- [About](https://threatbasis.io)
- [Community](https://discord.gg/HAVyDtUunu)
- [Author](https://richardackroyd.com)
- [Substack](https://threatbasis.substack.com)