Nexus SecOps Coverage Dashboard
Last Updated: 2026-03-20 (Session 2)
This dashboard tracks content coverage across all 40 chapters. Updated each session.
Summary Metrics
| Metric | Count | Target | Status |
|---|---|---|---|
| Chapters | 40 / 40 | 40 | ✅ Complete |
| Chapter Quizzes | 40 / 40 | 40 | ✅ Complete |
| Labs | 11 / 12 | 12 | 🟡 92% |
| Microsimulations | 20 / 20 | 20 | ✅ Complete |
| IR Playbooks | 6 / 8 | 8 | 🟡 75% |
| Attack Scenarios | 4 / 12 | 12 | 🟡 33% |
| Architecture Patterns | 4 / 6 | 6 | 🟡 67% |
| Framework Mappings | 6 / 6 | 6 | ✅ Complete |
| Cheat Sheets | 3 / 5 | 5 | 🟡 60% |
Chapter Coverage Matrix
| Ch | Title | Quiz | Lab | Sim | Scenario | Playbook |
|---|---|---|---|---|---|---|
| 01 | Introduction to SecOps | ✅ | ✅ L1 | ✅ S1 | — | — |
| 02 | Telemetry & Logging | ✅ | ✅ L2 | ✅ S2 | — | — |
| 03 | SIEM & Data Lake Basics | ✅ | — | ✅ S6 | — | — |
| 04 | Detection Engineering | ✅ | ✅ L2 | ✅ S3 | — | — |
| 05 | Triage & Investigation | ✅ | ✅ L2 | ✅ S9,S15 | — | — |
| 06 | Threat Intelligence | ✅ | ✅ L1 | ✅ S4 | — | — |
| 07 | SOAR & Automation | ✅ | — | ✅ S5 | — | — |
| 08 | Incident Response | ✅ | ✅ L4 | ✅ S4 | — | — |
| 09 | AI/ML in SOC | ✅ | ✅ L3 | ✅ S10 | — | — |
| 10 | LLM Copilots & Guardrails | ✅ | ✅ L5 | ✅ S5 | — | — |
| 11 | Evaluation & Metrics | ✅ | ✅ L5 | ✅ S7 | — | — |
| 12 | Compliance, AI Ethics & Risk | ✅ | — | ✅ S8 | — | — |
| 13 | Security Governance, Privacy & Risk | ✅ | — | ✅ S6 | — | — |
| 14 | Operating Model, Staffing & SLAs | ✅ | — | ✅ S7 | — | — |
| 15 | Resilience, Tabletops & Learning | ✅ | ✅ L3 | — | — | — |
| 16 | Penetration Testing | ✅ | — | — | — | — |
| 17 | Red Team Operations | ✅ | ✅ L9 | ✅ S12 | SC-010 | — |
| 18 | Malware Analysis | ✅ | ✅ L7 | — | — | — |
| 19 | OSINT & Reconnaissance | ✅ | — | — | — | — |
| 20 | Cloud Attack & Defense | ✅ | ✅ L8 | — | SC-009 | ✅ |
| 21 | OT/ICS/SCADA Security | ✅ | — | — | — | — |
| 22 | Threat Actor Encyclopedia | ✅ | — | ✅ S14 | — | — |
| 23 | Ransomware Deep Dive | ✅ | — | ✅ S13 | SC-011 | ✅ |
| 24 | Supply Chain Attacks | ✅ | — | — | — | ✅ |
| 25 | Social Engineering | ✅ | — | — | — | — |
| 26 | Insider Threats | ✅ | — | — | — | ✅ |
| 27 | Digital Forensics | ✅ | — | ✅ S18,S19 | — | — |
| 28 | Advanced Incident Response | ✅ | — | — | — | — |
| 29 | Vulnerability Management | ✅ | — | ✅ S17 | — | — |
| 30 | Application Security | ✅ | — | — | — | — |
| 31 | Network Security Architecture | ✅ | — | — | — | — |
| 32 | Cryptography Applied | ✅ | — | — | — | — |
| 33 | Identity & Access Security | ✅ | — | — | — | — |
| 34 | Mobile & IoT Security | ✅ | — | — | — | — |
| 35 | DevSecOps Pipeline | ✅ | — | ✅ S20 | — | — |
| 36 | Purple Team Operations | ✅ | ✅ L9 | ✅ S11 | — | — |
| 37 | AI & ML Security | ✅ | — | — | SC-012 | — |
| 38 | Advanced Threat Hunting | ✅ | ✅ L10 | — | — | — |
| 39 | Zero Trust Implementation | ✅ | — | ✅ S16 | — | — |
| 40 | Security Program Leadership | ✅ | — | — | — | — |
Legend: ✅ = Complete | 🟡 = Partial | — = Gap
Gap Analysis & Roadmap
High-Priority Gaps (chapters with no lab, sim, OR scenario)
| Chapter | Missing | Priority |
|---|---|---|
| Ch21 — OT/ICS | Lab, Sim, Scenario | HIGH — specialized domain, high demand |
| Ch27 — Digital Forensics | Lab, Sim | HIGH — hands-on skills critical |
| Ch30 — AppSec | Lab, Sim, Scenario | HIGH — OWASP/SAST/DAST practical |
| Ch33 — Identity | Lab, Sim | HIGH — PAM/ZTA critical path |
| Ch35 — DevSecOps | Lab, Sim | MEDIUM — pipeline skills |
| Ch37 — AI Security | Lab, Sim | MEDIUM — emerging domain |
| Ch38 — Threat Hunting | Sim | LOW — has Lab 10 |
| Ch40 — Leadership | All | LOW — non-technical chapter |
Completed This Session (2026-03-20)
| Item | Type | Chapter | Status |
|---|---|---|---|
| Sim 04 — SOAR Playbook Decision Tree | Sim | Ch08 | ✅ Fixed (was placeholder) |
| Sim 17 — CVSS v3.1 Calculator | Sim | Ch29 | ✅ New |
| Sim 18 — Registry Forensic Explorer | Sim | Ch27 | ✅ New |
| Sim 19 — Packet Timeline Reconstructor | Sim | Ch09/27 | ✅ New |
| Sim 20 — STRIDE Threat Model Builder | Sim | Ch13/35 | ✅ New |
| Adaptive Path Generator | Tool | All | ✅ New |
| Knowledge Graph → Chapter Links | Enhancement | All | ✅ New |
| Visual Overhaul (CSS + JS) | Enhancement | All 296 pages | ✅ New |
Planned Additions
| Item | Type | Target Chapter | Sprint |
|---|---|---|---|
| Lab 11 — Adversarial ML Attack | Lab | Ch37 | Next |
| SC-013 — AI Model Poisoning | Scenario | Ch37 | Next |
| Lab 12 — DFIR Artifact Analysis | Lab | Ch27 | Future |
| Sim 21 — OT/ICS Attack Sim | Sim | Ch21 | Future |
| Lab 13 — AppSec Pipeline | Lab | Ch30/35 | Future |
| SC-014 — OT Ransomware | Scenario | Ch21 | Future |

| Category | Tools Documented | Key Gaps |
|---|---|---|
| SIEM/Detection | 18 tools | — |
| EDR/Endpoint | 12 tools | — |
| Threat Intelligence | 10 tools | — |
| DFIR | 15 tools | — |
| Network Security | 11 tools | — |
| Vulnerability Mgmt | 8 tools | — |
| Penetration Testing | 14 tools | — |
| Purple Team | 7 tools | — |
| Malware Analysis | 9 tools | — |
| Cloud Security | 12 tools | — |
| IAM/PAM | 8 tools | — |
| DevSecOps | 10 tools | — |
| AI/ML Security | 6 tools | Expanding |
| OT/ICS | 5 tools | Expanding |
| Cryptography | 7 tools | — |
| Zero Trust | 8 tools | — |
Certification Coverage
| Domain | Certs Mapped | Primary Chapters |
|---|---|---|
| SOC Operations | CompTIA CySA+, GCIA | Ch01–Ch12 |
| Incident Response | GCIH, GCFE, GCFA | Ch09, Ch27–28 |
| Penetration Testing | GPEN, OSCP | Ch16–Ch17 |
| Malware/RE | GREM | Ch18 |
| Threat Intelligence | GCTI | Ch07, Ch22 |
| Cloud Security | CCSP, GWEB | Ch20 |
| Leadership/Governance | CISSP, CISM | Ch13, Ch40 |
| Forensics | GCFA, GCFE | Ch27 |
| Zero Trust | N/A (emerging) | Ch39 |
| AI Security | N/A (emerging) | Ch37 |
Content Quality Metrics
| Metric | Value | Target |
|---|---|---|
| Average chapter length | ~350 lines | 300+ |
| Chapters with Mermaid diagrams | 38 / 40 | 40 |
| Chapters with KQL/code examples | 32 / 40 | 40 |
| Chapters with ATT&CK mapping | 35 / 40 | 40 |
| Chapters with Nexus SecOps benchmark tie-in | 40 / 40 | 40 ✅ |
| Glossary terms | 400+ | 400 ✅ |
| Detection queries (KQL/SPL) | 200+ | — |
| Sigma rules documented | 50+ | — |
| YARA rules | 30+ | — |
| Hunt hypotheses | 100+ | — |