🔍
Home Fundamentals
Core Concepts

Security Fundamentals

The concepts that underpin every compliance framework, architecture decision, and security control. Whether you are preparing for a SWIFT CSP assessment, designing a network, or just starting out — this is the foundation.

Framework-agnostic Practitioners and beginners Linked to real controls
Where to start
🔳
Why controls exist CIA Triad →
🚫
Modern access model Zero Trust →
🔐
How data stays private Encryption →
📡
Network architecture Network Security →
Core Topics 5 topics
🔳
CIA Triad

Confidentiality, Integrity, and Availability — the three properties every security control is built to protect. The foundation for understanding why controls exist.
🚫
Zero Trust

Never trust, always verify. Zero Trust is an architecture model that eliminates the assumption that anything inside a network is inherently safe.
🛡
Defense in Depth

Layered security controls so that if one layer fails, others remain. The principle behind why no single control is ever sufficient on its own.
🔐
Encryption

How data is made unreadable in transit and at rest. Covers symmetric and asymmetric encryption, TLS, key management, and common misconfigurations.
📡
Network Security

How networks are structured, segmented, and monitored to contain threats. A deep cluster covering firewalls, IDS/IPS, and DMZ architecture.

FirewallsIDS & IPSDMZ Architecture
About this section

Security fundamentals are the conceptual layer beneath every compliance framework. ISO 27001 requires access control — but why access control matters traces back to the CIA Triad. PCI DSS mandates network segmentation — but how to design it is a Defense in Depth question. Understanding the concepts makes the frameworks interpretable, not just checkable.

These pages are written for two audiences: practitioners who want clear reference material, and people newer to security who want rigorous explanations without unnecessary jargon. The goal is the same for both — build a mental model that lasts.

Deep topic cluster

Network Security

Network security is the largest topic cluster in this section. It covers how networks are built, how traffic is controlled, and how threats are detected at the perimeter and within. Three sub-pages go deep on the core building blocks.

Start with the overview →
Firewalls Stateful vs stateless, rule sets, placement IDS & IPS Detection vs prevention, signatures, tuning DMZ Architecture Perimeter zones, dual-firewall designs
Related sections
Frameworks
ISO 27001, PCI DSS, SWIFT CSP — how compliance frameworks apply these concepts.
Architecture
Visual reference for how these concepts translate into real network designs.
Professional Lane
SWIFT CSP, PCI DSS, and ISO 27001 — applied compliance for financial institutions.
ThreatManifest

Real-world cybersecurity — for professionals and people. From the assessment floor, not the textbook.

Professional
Security
Behind the Firewall
Learn
About
Credentials & Affiliations
SWIFT CSP Assessor CISA CEH ISO 27001 Lead Implementer CC (ISC2) 35 ISO 27001 Engagements 27+ PCI DSS ROCs
Affiliate Disclosure

Some articles on this site contain affiliate links. If you purchase a product through one of these links, Threat Manifest may earn a small commission — at no extra cost to you. We only recommend tools and services we have independently evaluated. Read full disclosure.

Privacy Policy Terms of Use Disclaimer Affiliate Disclosure Content Policy Accessibility
© 2026 Threat Manifest. All rights reserved.