— 01 / Master identity security, one path at a time.

Become an identity security practitioner.

A bilingual, accessible reference to master identity security — from foundations to advanced practice. Curated paths, gamified labs, and visual schemas.

Paths
25
Labs
1
Glossary
1
Free · No accounts
Free · No accounts
— 02 / What you'll achieve

Identity security, end to end.

  1. Master the IAM control plane

    From foundations to architecture — protocols, lifecycle, governance, and threat response. Designed to outlive product cycles.

  2. Build a portfolio of practice

    Labs with progressive difficulty and instant feedback. Your attempts persist locally — no accounts, no tracking.

  3. Think in concepts, not products

    Vendor-neutral fundamentals first, then vendor-specific where the nuance matters. Reasoning that travels with you.

— 03 / The structure

Four layers of identity security.

Every path, lab, and glossary term maps to one of these four layers. Walk them in order — or jump to the gap you need to close.

  1. Identity

    Who the subject is. Sources of truth, identity stores, lifecycle, joiners / movers / leavers.

  2. Authentication

    Proving the subject. Passwords, MFA, passkeys, SSO, OAuth, OIDC, SAML.

  3. Authorization

    What the subject may do. RBAC, ABAC, ReBAC, policy engines, fine-grained authz.

  4. Audit

    What the subject did. Logs, telemetry, ITDR, response playbooks, governance.

— 04 / Curated paths

Explore the domains

Explore all
  1. Intermediate

    Directory services: where identities actually live

    The foundation of the IAM protocol stack — what a directory service is, the LDAP data model (DIT, DN, entries, objectClasses, schema), Active Directory's domains and forests, the shift to cloud directories like Entra ID and Okta, hybrid identity sync, and why the directory is the enterprise's crown jewels.

    32 min read
  2. Beginner

    What is digital identity?

    An introductory guide to the foundational concept of IAM: definition of digital identity, the concepts that get confused (subject, identity, account, profile), and the building blocks that make it operational (attributes, claims, entitlements, and credentials).

    25 min read
  3. Beginner

    Modern identity types and the new perimeter

    Beyond human users: identities of devices, workloads, and AI agents. Why the entire industry now says that identity — not the network — is the new security perimeter.

    30 min read
— 05 / The lexicon

Speak the language of identity.

1 terms defined precisely. Click any term to read its entry.

— 06 / Hands-on practice

Quick labs

Explore all
  1. 3 Q

    Authentication vs authorization

    Test whether you can tell when a control is verifying who you are vs what you may do.

    5 min read
— 07 / Why this exists

Built for serious learners

Reference-grade

Designed to be the canonical resource — bilingual, structured info, comprehensive guides, and clear citations.

WCAG 2.2

Accessible by default. Keyboard nav, prefers-reduced-motion, AAA contrast on critical paths.

Visual, interactive

Diagrams, sketches, and labs that ramp from beginner to expert — your progress stays on your device.

— 08 / Start now

Your path starts here.

Read a path, take a lab, or browse the glossary. Everything is free; your progress stays on your device.