diff --git a/2021-W25.org b/2021-W25.org new file mode 100644 index 00000000..5b2f2b6d --- /dev/null +++ b/2021-W25.org 
@@ -0,0 +1,187 @@ +** 2021-W25 +*** 2021-06-23 Wednesday +**** IN-PROGRESS DI doc :work: +:LOGBOOK: +CLOCK: [2021-06-23 Wed 10:10]--[2021-06-23 Wed 11:40] => 1:30 +:END: +[2021-06-23 Wed 10:10] + + +Given a session token (JWT) this is how to retrieve refresh token for a +client bypassing any user interaction or browser redirection. + +Given a classical OAuth2 Auth code client with: + +- client_id: localtest +- client_password: localpass +- scopes: inspect +- redirect_uris: [ http://localhost:9001/callback ] + +Make the following HTTP call: + +1. call csrf endpoint => retrieve a CSRF token +2. authorize the client (use the CSRF token) => retrieve a CODE token +3. call /token with client secret and the CODE token => retrieve + access/refresh tokens + +In more detail: + +#+begin_src +❯ IROH_URL="https://visibility.amp.cisco.com" + +curl -X POST "$IROH_URL/iroh/oauth2/csrf-token" \ + -H "accept: application/json" \ + -H "authorization: Bearer $JWT" \ + -H "Content-Type: application/x-www-form-urlencoded" \ + -d "client_id=localtest&scope=inspect" +{"csrf":"eyJhGc..."} + +❯ CSRF="eyJhGc..." + +curl -X POST "$IROH_URL/iroh/oauth2/authorize" \ + -H "accept: application/json" \ + -H "authorization: Bearer $JWT" \ + -H "Content-Type: application/x-www-form-urlencoded" \ + -d "client_id=localtest&scope=inspect&csrf=$CSRF&redirect_uri=http://localhost:9001/callback&response_type=code&state=" +{"url":"http://localhost:9001/callback?code=eyJhGc..."} + +❯ CODE="eyJhGc..." 
+ +curl -X POST "$IROH_URL/iroh/oauth2/token" \ + -H "accept: application/json" \ + -u localtest:localpass \ + -H "Content-Type: application/x-www-form-urlencoded" \ + -d "scope=inspect&code=$CODE&redirect_uri=http://localhost:9001/callback&grant_type=authorization_code&" +{"access_token":"eyJhGc...","scope":"inspect","token_type":"bearer","expires_in":600,"refresh_token":"eyJhGc..."} +#+end_src +*** 2021-06-25 Friday +**** IN-PROGRESS Security School :work: +:LOGBOOK: +CLOCK: [2021-06-25 Fri 10:20]--[2021-06-25 Fri 11:23] => 1:03 +:END: +[2021-06-25 Fri 10:20] + +What it mean to be a Trusted company + +1. Trust is important and changed (erosion of trust) +2. Why should I should pay for premium; built on trust. +3. key point, start with a good point on the reputation +4. Shifting landscape, no more satisfy with implicit trusting. +5. Lack of trust create a huge gap, stop digitizing + - 71% threat hinder innovation + - 39% halted mission critical initiative to digitalize due to + cybersecurity concern +6. How much cisco is a trusting company + BPI (Brand Performance Index) score 22% + - 8% -> is an honest ethical company + - 4% -> company I admire + ... +7. Trust Landscape + - Increasing number of data breaches and cyberattacks + - halting digital projects due to lack of trust + - transition from implicit to explicit trust "Prove it" + - US based IT companies are under increased scrutinity, particularly + outside of the US. + Distance between Cisco and US government. +8. Cisco BPI: 50% (MS 65%) +9. Trustworthy + - active measire to safeguard + - commited to securing our customers and data + - adhere a secure development lifecycle in the dev of products and services + - we protect security of our supply chain +10. 
Transparent + - access to security vulnerabilities + - timely actionable breach notifications to impacted parties + - publish data regarding requests from law enforcement + - drive and follow open global standards and make deccisions to + develope and implement new tech based on customers current and + anticipated +11. Accountable + - commited to verify and validate our trustworthiness + - we admit we make mistakes that impact the security of our customers + and partners and we work to make things right with those customers + and partners + +12. Calls to action +***** Security Vocabulary + +1. CIA: Security triangle (of device, service or data) *Is it Secure?* + - Confidentiality + - Integrity + - Availability +2. Confidentiality (who can access ) +3. Integrity (information is not unexpectedly modified) +4. Availability (information or resourcces are available when needed) +5. Non-Repudiation & Authenticity + Non-repudiation: Prove you did or didn't do something + Authenticity: Assurance that a message or other exchange of information + is from source it claims to be from +6. Vulnerability: + - a weekness, design or coding error, lack of protection in a product + that enable an attack + - Vulnerability can result from Design, Programming, or + Operational flaws. +7. Threats + - Threat: a potential danger that could cause harm to information or a system + - Threat Agent: an entity that exploits a threat (a hacker) +8. Exploits and Attacks + - exploits: pratical method to take advantage of a vuln + - Attack: use an exploit against and actual vuln + - Attack Vector: theoretical application of an exploit + - Zero-Day Attack: an attack that exploits a previously unknown + vuln for which there is not yet a defense +9. Exposure + 1. probability and severity of an attack using a specific exploit + 2. time between the announcement of vuln and a suitable patch + 3. any info leak that facilitate attack +10. Mitigation + What can we do? 
+ Strategy for reducing or eliminating the severity of a security issue. +11. Attack Surface - Reality + collection of all entry point that could potentially be used to attack + the product. Any code or hardware that an attacker could potentially + access and exploit. +***** Protecting data and privacy +****** DATA +- data = content + context +. +****** Data is proccessed by each of us +Engineer, Sales, HR +****** Data must be protected at each stage + +- classify it as personal data and/or confidential +- determine what controls to embed per stage using Cisco Data Policies + +Lifecycle + +1. Collection or Creation +2. Usage +3. Sharing +4. Curating +5. Retention +6. Destruction + +Data sensitivity +****** Cisco Data Policies + +. Cisco Data Quality Policy +. Cisco Data Protection Policy +. Cisco Data Privacy Policy + +require secure up-to-date data processing with purpose + + +- Can be found in Policy Central +- Updated at least once a year +- Cover changing global regulations, marke/customer requirements, and + Cisco's changes in code of business +****** Embeding Data Controls + +Quality / Protection / Privacy +Details ccan be found in Product Seure Baseline Requirements for CSDL. + +- Quality: refresh, retention management, destroy when done +- Protection: encryption, confidential/sensitive, role based access, 3rd + party contracts +- Privacy: minimized processing, notice/purpose, legal basis/consent, + individual rights
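Review bot: In the 2021-06-23 entry, the authorize call sends an empty `state=` with no explanation, so a reader who copies these steps into a real client will drop the value that ties the callback to the request that started it. Either say that state is blank only because this flow has no browser redirect, or generate a random value and compare it with the one in the returned callback URL. In the same source block, `redirect_uri=http://localhost:9001/callback` is passed to `-d` unencoded and the /token body ends with a stray `&`; using `--data-urlencode` for redirect_uri and dropping the trailing `&` would make the calls safe to copy. The block also pairs `-u localtest:localpass` with a non-local IROH_URL, so if that client is actually registered on that host the secret should be replaced by a placeholder. Since the steps turn a session JWT into a refresh token with no user interaction, a sentence on how $JWT is expected to be stored and scoped would help. Minor: `#+begin_src` has no language, and `#+begin_src shell` would give highlighting.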