Notes (alphabetical)
Search to quickly find notes, articles, guides, and resources across the site.
Search to quickly find notes, articles, guides, and resources across the site.
The Continuous Audit Metrics Catalog, from the Cloud Security Alliance provides a set of metrics to help organisations continuously monitor and assess their cloud security posture. Further reading The Continuous Audit Metrics Catalog Related pages Cloud Security Alliance Cloud Control Matrix
The first line of defence in an organisation is responsible for owning and managing risks. This includes implementing and maintaining effective internal controls, and executing day-to-day operational activities to ensure compliance with policies and procedures. Related pages Three lines of defence Second line of defence
What is a Gilt? Gilts are bonds issued by the UK government to raise funds from investors. These securities are considered low-risk investments because they are backed by the UK government. Gilt holders receive regular coupon payments, which represent the interest earned on the bond. Gilts come in various forms, including conventional gilts (which pay a fixed coupon), and index-linked gilts (where the coupon and principal are linked to inflation). ...
Further reading Least privilege - NIST Glossary Enhance security with the principle of least privilege - Microsoft Learn Minimise the privilege and reach of applications - NCSC Principle of least privilege - Wikipedia
Model Context Protocol (MCP) is an open standard developed by Anthropic that defines how AI models share structured context - including messages, observations and actions - in a predictable and machine-readable way. Released in early 2024, MCP has been described as an “API for AI models”. However, describing it as just an API underplays its fundamental purpose: to provide a common, structured language for inter-model communication, which goes beyond a simple API call and introduces new considerations for systems design and governance. ...