CDA frameworks, methodologies, and original intellectual property
39 total articles
Zero Possession Architecture (ZPA) is CDA's methodology for the `IAT` (Identity Access & Trust) domain.
The Table of Operations (TOP) is CDA's operational taxonomy of cybersecurity work: 94 named missions organized across six PDM domains and five campaign phases.
The Shield is CDA's primary diagnostic visualization for organizational security posture. It is a circular diagram with six concentric rings (one per PDM domain) divided into six radial segments (representing functional areas within each domain).
The Sovereign Data Protocol (SDP) is CDA's methodology for the `DPS` (Data Protection & Sovereignty) domain.
A campaign phase is a stage of cybersecurity program maturity. CDA organizes the complete journey from no formal security program to operational continuous defense into five phases: `C-RECON`, `C-BUILD`, `C-HARDEN`, `C-DRILL`, and `C-COMMAND`.
The Shield is CDA's primary diagnostic visualization. It is a circular diagram with six concentric rings and six radial segments, producing 36 scored cells that together represent the complete security posture of an organization.
CDA organizes all cybersecurity work into five campaign phases: C-RECON, C-BUILD, C-HARDEN, C-DRILL, and C-COMMAND.
Combining human manipulation with physical intrusion methods to test facility security controls and personnel responses.
Comprehensive adversary simulation combining physical intrusion, social engineering, and technical exploitation to test complete security posture.
Authorized assessment of physical security controls through simulated intrusion attempts targeting access controls and restricted areas.
CDA's strategic framework organizing security engagements into Wars, Campaigns, Missions, and Active Theaters for progressive defensive capability building.
CDA's structured progression system validating practitioner competency from M0 Sentry through M5 Commander across all six PDM domains.
CDA's methodology structuring every security engagement as defined missions with clear objectives, deliverables, and measurable outcomes for capability building.
CDA's approach to comprehensive defense by maintaining parallel coverage across all six PDM domains to prevent gaps adversaries exploit.
The Theater of Operations organizes all CDA cybersecurity work into 94 missions across 6 domains and 5 campaign phases.
How CDA maps campaign tiers to access levels, ensuring practitioners engage with content and missions appropriate to their clearance and competency.
How Operation Sentinel Watch builds continuous monitoring and detection capabilities across the organization''s technology stack.
CDA''s Operation Baseline campaign establishes foundational security controls across all six PDM domains for organizations starting their security journey.
Understanding CDA''s Institute level structure, from Foundations through Mastery, and how levels map to career progression and capability development.
How CDA''s experience point system quantifies practitioner development activities and maps progress across competency domains.
The Recovery blade of Iron Iris addresses organizational resilience through backup, disaster recovery, and business continuity capabilities.
The Hardening blade of Iron Iris focuses on strengthening defenses through configuration management, patching, and attack surface reduction.
How the Reconnaissance blade of Iron Iris provides continuous environmental awareness and threat landscape understanding.
How the Detection and Response blade of Iron Iris ensures organizations can identify and respond to threats that bypass preventive controls.
How CDA's RoPE metric quantifies the value of practitioner engagement activities and guides resource allocation for professional development.
Understanding CDA's C2 rating system for measuring and communicating cybersecurity competency across standardized skill domains.
How CDA.Civitas structures community participation, contribution recognition, and collective decision-making within the CDA ecosystem.
How CDA's 10s framework provides a structured approach to evaluating decisions, investments, and strategic priorities across the organization.
CDA's methodology for auditing, consolidating, and eliminating redundant SaaS tools to reduce cost, complexity, and security risk.
CDA's Empty Fortress Doctrine describes the strategic approach to presenting a hardened, uninviting target that discourages adversary engagement.
How CDA's internal classification system maps security clearance levels from Unclassified through TS/SCI to campaign access and content visibility.
How CDA.Nexus serves as the central hub for member collaboration, knowledge sharing, and professional development within the CDA ecosystem.
How CDA's Theater of Operations Playbook organizes security work into missions, campaigns, and operations for structured execution.
Understanding how TOP campaigns organize related missions into strategic initiatives with measurable outcomes and clear ownership.
Iron Iris Seal state represents maximum defensive posture, with non-essential services suspended and all resources focused on containment and response.
How Iron Iris Constrict state represents a heightened security posture with tightened controls and reduced attack surface during elevated threat conditions.
Understanding Iron Iris in Bloom state, when organizational defenses are fully open and operational, with maximum visibility and engagement.
CDA membership tiers control access, clearance, and earning potential. Six tiers from Unwashed visitor to Crew employee.
CDA's thesis that AI-mediated application access eliminates traditional DLP and reshapes the security perimeter.
Continue your mission