updated docs

.gitignore

@@ -156,6 +156,7 @@ build
 # git update-index --assume-unchanged docs/.obsidian/workspace.json
 workspace.json
 data.json
+graph.json
 
 # personal wikis
 Office

docs/about-me/projects/90-stashfin-tech-stack-infra.md

@@ -7,11 +7,13 @@
 ## Tech Stack
 
 1. Languages
- - Backend - PHP, Python
- - Frontend - HTML, CSS, JS, React
- - Android - Java + Kotlin, Firebase
- - iOS - Swift + Objective C
- - Libraries - Pandas, Numpy (other AI models and libraries)
+
+- Backend - PHP, Python
+- Frontend - HTML, CSS, JS, React
+- Android - Java + Kotlin, Firebase
+- iOS - Swift + Objective C
+- Libraries - Pandas, Numpy (other AI models and libraries)
+
 2. Frameworks - CodeIgniter 3 for PHP, Flask/FastAPI and Django for Python
 3. Unit Testing - Phpunit for PHP, Pytest for Python
 4. Databases - Aurora MySQL (OLTP), Redshift (OLAP), Redis (Caching and Queueing), S3 (blob storage) + Athena (Query layer on top of S3)
@@ -28,6 +30,7 @@
 - Helm package management (client) - Updates - Whatup
 - Kubernetes Manifests
 - Jenkins (CICD)
+
  1. Pipeline
  2. Self service CICD
 
@@ -49,8 +52,10 @@
 - Redshift
 - Aurora (RDS)
 - Redis
+
  1. RedisInsight
  2. Redis Streams
+
 - DynamoDB
 - S3 (Blob storage)
 
@@ -76,43 +81,57 @@
 10. Grafana
 11. Locust (load testing)
 12. Application and Web Servers
- - Nginx
- - Apache
- - Gunicorn
+
+- Nginx
+- Apache
+- Gunicorn
+
 13. Application Development
- - Precommit
- - Crashlytics
+
+- Precommit
+- Crashlytics
+
 14. Testing
- - Selenium
- - Appium
- - Postman Runners (newman)
+
+- Selenium
+- Appium
+- Postman Runners (newman)
+
 15. Languages used
- - PHP (Codeigniter)
- - Java + Kotlin (Android)
- - Python (Fast API / Django / Flask)
- - Javascript (React)
+
+- PHP (Codeigniter)
+- Java + Kotlin (Android)
+- Python (Fast API / Django / Flask)
+- Javascript (React)
+
 16. OpenVPN
 17. JupyterLab
 18. Analytics
- - PowerBI
- - Firebase
- - SonarQube
+
+- PowerBI
+- Firebase
+- SonarQube
+
 19. Velero - Disaster Recovery
 20. Deployment Strategies
- - Blue/Green
- - Canary
- - A/B
- - Mirroring
+
+- Blue/Green
+- Canary
+- A/B
+- Mirroring
+
 21. ExternalDNS
 
 ### Others
 
 1. TICK
- - InfluxDB (device health monitoring)
- - InfluxDB (server health monitoring)
- - Kapacitor
- - Chronograf
- - Telegraf
+
+- InfluxDB (device health monitoring)
+- InfluxDB (server health monitoring)
+- Kapacitor
+- Chronograf
+- Telegraf
+
 2. Kong (dbless)
 3. Konga
 4. Vernemq (mqtt broker)

docs/computer-science/programming-paradigms/oops-solid.md

@@ -1,6 +1,6 @@
 # OOPS / SOLID
 
-## AEIP - Abstraction, Encapsulation, Inheritance and Polymorphism
+AEIP - Abstraction, Encapsulation, Inheritance and Polymorphism
 
 ## Modularity
 
@@ -14,7 +14,7 @@ Means a real world entity (like a car, bus, pen, etc..)
 
 ## Classes
 
-Collection of objectsis called class. It is a logical entity.
+Collection of objects is called class. It is a logical entity.
 
 A class defines the behavior of an object and the kind of information an object can store. The information in a class is stored in attributes, and functions that belong to a class are called methods. A child class inherits the attributes and methods from its parent class.
 
@@ -69,53 +69,57 @@ Another example can be to speak something e.g. cat speaks meaw, dog barks woof e
 
 Types of polymorphism
 
-1. Parametric polymorphism
+### 1. Parametric polymorphism
 
-    This is a pretty common technique in many languages, albeit better known as "Generics". The core idea is to allow programmers to use a wildcard type when defining data structures that can later be filled with any type.
+This is a pretty common technique in many languages, albeit better known as "Generics". The core idea is to allow programmers to use a wildcard type when defining data structures that can later be filled with any type.
 
-    ![image](../../media/OOPS-SOLID-image1.jpg)
+![image](../../media/OOPS-SOLID-image1.jpg)
 
-2. Subtype polymorphism (most used type, using shape like triangle, rectangle and calling area like traingle.area(), rectangle.area())
+### 2. Subtype polymorphism
 
-    Subtyping is better known as object oriented inheritance. The classic example is a vehicle type, here in Java:
+Most used type, using shape like triangle, rectangle and calling area like traingle.area(), rectangle.area())
 
-    ```java
-    abstract class Vehicle {
-        abstract double getWeight();
-    }
+Subtyping is better known as object oriented inheritance. The classic example is a vehicle type, here in Java:
 
-    class Car extends Vehicle {
-        double getWeight() { return 10.0; }
-    }
+```java
+abstract class Vehicle {
+ abstract double getWeight();
+}
 
-    class Truck extends Vehicle {
-        double getWeight() { return 100.0; }
-    }
+class Car extends Vehicle {
+ double getWeight() { return 10.0; }
+}
 
-    class Toyota extends Car { /* ... */ }
+class Truck extends Vehicle {
+ double getWeight() { return 100.0; }
+}
 
-    static void printWeight(Vehicle v) {
-        // Allowed because all vehicles have to have this method
-        System.out.println(v.getWeight());
-    }
-    ```
+class Toyota extends Car { /* ... */ }
 
-3. Ad-Hoc polymorphism (AKA Type Classes)
+static void printWeight(Vehicle v) {
+ // Allowed because all vehicles have to have this method
+ System.out.println(v.getWeight());
+}
+```
+
+### 3. Ad-Hoc polymorphism (AKA Type Classes)
 
-    This is more commonly known as function or operator overloading. In languages that allow this, you can define a function multiple times to deal with different input types. For example in Java:
+This is more commonly known as function or operator overloading. In languages that allow this, you can define a function multiple times to deal with different input types. For example in Java:
+
+```java
+class Printer {
+ public String prettyPrint(int x) { /*...*/ }
+ public String prettyPrint(char c) { /*...*/ }
+}
+```
 
-    ```java
-    class Printer {
-        public String prettyPrint(int x) { /*...*/ }
-        public String prettyPrint(char c) { /*...*/ }
-    }
-    ```
+### Others
 
-4. Row Polymorphism
-5. Kind Polymorphism
-6. Higher-rank Polymorphism
-7. Linearity Polymorphism
-8. Levity Polymorphism
+1. Row Polymorphism
+2. Kind Polymorphism
+3. Higher-rank Polymorphism
+4. Linearity Polymorphism
+5. Levity Polymorphism
 
 <https://dev.to/jvanbruegge/what-the-heck-is-polymorphism-nmh>
 
@@ -238,39 +242,39 @@ According to the popular guide [Unified Process](https://en.wikipedia.org/wiki/U
 
 ## SOLID principles
 
-1. **Single Responsibility Principle**
+### 1. Single Responsibility Principle
 
-    A class should have one and only one reason to change, meaning that a class should have only one job
+A class should have one and only one reason to change, meaning that a class should have only one job
 
-2. **Open Closed Principle**
+### 2. Open Closed Principle
 
-    Objects or entities should be open for extension, but closed for modification
+Objects or entities should be open for extension, but closed for modification
 
-3. **Liskov Substitution Principle**
+### 3. Liskov Substitution Principle
 
-    Objects in a program should be replaceable with instances of their subtypes without altering the correctness of that program
+Objects in a program should be replaceable with instances of their subtypes without altering the correctness of that program
 
-    Letq(x)be a property provable about objects ofxof typeT. Thenq(y)should be provable for objectsyof type S where S is a subtype of T.
+Letq(x)be a property provable about objects ofxof typeT. Thenq(y)should be provable for objectsyof type S where S is a subtype of T.
 
-    All this is stating is that every subclass/derived class should be substitutable for their base/parent class.
+All this is stating is that every subclass/derived class should be substitutable for their base/parent class.
 
-4. **Interface Segregation Principle**
+### 4. Interface Segregation Principle
 
-    Many client-specific interfaces are better than one general-purpose interface
+Many client-specific interfaces are better than one general-purpose interface
 
-    A client should never be forced to implement an interface that it doesn't use or clients shouldn't be forced to depend on methods they do not use.
+A client should never be forced to implement an interface that it doesn't use or clients shouldn't be forced to depend on methods they do not use.
 
-5. **Dependency Inversion principle**
+### 5. Dependency Inversion principle
 
-    Entities must depend on abstractions not on concretions
+Entities must depend on abstractions not on concretions
 
-    It states that the high level module must not depend on the low level module, but they should depend on abstractions.
+It states that the high level module must not depend on the low level module, but they should depend on abstractions.
 
-    The dependency inversion principle tells us that we should always try to have dependencies on interfaces (or Abstract Classes), not classes.
+The dependency inversion principle tells us that we should always try to have dependencies on interfaces (or Abstract Classes), not classes.
 
-    <https://javapapers.com/oops/association-aggregation-composition-abstraction-generalization-realization-dependency>
+<https://javapapers.com/oops/association-aggregation-composition-abstraction-generalization-realization-dependency>
 
-    <https://scotch.io/bar-talk/s-o-l-i-d-the-first-five-principles-of-object-oriented-design>
+<https://scotch.io/bar-talk/s-o-l-i-d-the-first-five-principles-of-object-oriented-design>
 
 ## STUPID
 

docs/computer-science/security/improving-security-posture.md

@@ -0,0 +1,70 @@
+# Improving Security Posture
+
+### 1. Assessment of Initial Security State
+
+- Conduct a thorough assessment of the existing security posture, including vulnerability assessments, penetration testing, and risk analysis.
+- Identify weaknesses, vulnerabilities, and potential entry points for attackers.
+
+### 2. Formation of a Security Team
+
+- Establish a dedicated security team with a diverse skill set including penetration testers, security analysts, and possibly a security architect.
+- Clearly define roles and responsibilities within the team.
+
+### 3. Security Policies and Training
+
+- Develop and implement comprehensive security policies.
+- Conduct security awareness training for all employees to create a security-centric culture within the organization.
+
+### 4. Implementation of Basic Security Measures
+
+- Install firewalls, antivirus software, and intrusion detection/prevention systems.
+- Regularly update and patch software to address known vulnerabilities.
+
+### 5. Vulnerability Assessment and Penetration Testing (VAPT)
+
+- Regularly perform VAPT to identify and address vulnerabilities in the system.
+- Implement a process to prioritize and remediate findings.
+
+### 6. Web Application Firewall (WAF) Implementation
+
+- Deploy a Web Application Firewall to protect against common web application attacks.
+- Configure the WAF to filter and monitor HTTP traffic.
+
+### 7. DDoS Protection
+
+- Implement a DDoS protection solution to mitigate the risk of service disruption.
+- Test the effectiveness of the DDoS protection in simulated attack scenarios.
+
+### 8. Incident Response Plan
+
+- Develop and document an incident response plan outlining the steps to be taken in the event of a security incident.
+- Conduct regular drills to ensure the team is prepared to respond effectively.
+
+### 9. Continuous Monitoring
+
+- Implement continuous monitoring solutions to detect and respond to security incidents in real-time.
+- Set up log aggregation and analysis tools.
+
+### 10. Security Compliance and Auditing
+
+- Ensure compliance with industry standards and regulations.
+- Conduct regular security audits to validate the effectiveness of security measures.
+
+### 11. Coordination with Development and Operations
+
+- Integrate security into the development life cycle (DevSecOps).
+- Collaborate closely with development and operations teams to address security concerns during the development process.
+
+### 12. Leadership and Governance
+
+- Establish strong leadership and governance to ensure that security initiatives are prioritized and supported across the organization.
+- Regularly review and update security policies and procedures.
+
+### 13. Regular Updates and Improvements
+
+- Stay informed about the latest security threats and technologies.
+- Continuously update and improve security measures to adapt to evolving threats.
+
+### Conclusion
+
+By following a structured approach that involves people, processes, and technology, organizations can significantly enhance their security posture. This involves a combination of proactive measures, ongoing testing, and a commitment to continuous improvement. Leadership plays a crucial role in fostering a security-conscious culture throughout the organization.

docs/computer-science/security/readme.md

@@ -1,5 +1,6 @@
 # Security
 
+- [Improving Security Posture](computer-science/security/improving-security-posture.md)
 - [Concepts](computer-science/security/concepts.md)
 - [Cryptography](cryptography/readme.md)
 - [Authentication](authentication/readme.md)

docs/databases/modeling/database-workloads.md → docs/databases/concepts/database-workloads.md

@@ -17,7 +17,8 @@ is characterized by relatively low volume of transactions. Queries are often ver
 
 - Help business with decision making and problem solving
 - Queries a large amount of data
-The following table summarizes the major differences between OLTP and OLAP system design.
+
+### Differences between OLTP and OLAP system design
 
 | | **OLTP System Online Transaction Processing (Operational System)** | **OLAP System Online Analytical Processing (Data Warehouse)** |
 |---|---|---|

docs/databases/concepts/readme.md

@@ -7,6 +7,7 @@
 - [Acid and Base](acid-and-base)
 - [Concurrency Control](concurrency-control)
 - [Isolation Levels](isolation-levels)
+- [Database Workloads](databases/concepts/database-workloads.md)
 - [Disk Oriented vs In-memory DBs](disk-oriented-vs-in-memory-dbs)
 - [MVCC Multiversion Concurrency Control](mvcc-multiversion-concurrency-control)
 - [Rum Conjecture](rum-conjecture)