Articles
April 28, 2025
Cloud Security
Exploring why hardened components in your CI/CD pipeline are essential for security, from DIY approaches to vendor solutions.
Cloud service providers entering regulated markets should consider what NYC restauranteurs know. You won't get far without a skilled host. By focusing on a "select clientele," having a CI/CD pipeline that enforces the use of hardened components is like having a skilled host for your deployments, leading to better security outcomes and increased opportunities to enter regulated markets.
April 18, 2025
Cybersecurity Strategy
Exploring how complexity itself has emerged as a meta-risk that overshadows conventional cybersecurity threats.
The cybersecurity community has traditionally focused on specific risks, but an ominous meta-risk now overshadows these conventional threats: complexity itself. As systems grow increasingly abstract and interconnected, the very complexity that enables our advanced capabilities has become perhaps our most significant vulnerability.
April 10, 2025
Container Security
Learn how organizations can define and track ephemeral technology components in containerized environments.
In Part II of this series, we explore how to maintain an accurate inventory of containers despite their ephemeral nature. Maintaining visibility of your containerized assets is crucial for security and compliance, and there are practical approaches to implement this effectively using Kubernetes CRDs and cloud platform services.
March 25, 2025
Cybersecurity
Learn how to ethically assess the thoroughness of public asset inventory practices using free, open-source tools like Nmap, Masscan, Amass, and Shodan.
Effective inventory management is the foundation upon which robust cybersecurity and risk management programs are built. Using free, unintrusive tools available to anyone, you can ethically assess the thoroughness of public asset inventory practices.
March 13, 2025
Artificial Intelligence
Learn how to unlock the power of AI on your ordinary laptop - no subscriptions, no privacy concerns, and no fancy hardware required.
In the age of AI assistants like ChatGPT and Claude, having your own locally-run language model gives you privacy, offline access, and complete control over your AI interactions. In this guide, I'll walk you through setting up TinyLlama, which is a compact yet capable 1.1B parameter language model, on a standard laptop. This setup will even work on laptops with limited resources.
February 25, 2025
Cloud Security
How to implement a comprehensive vulnerability management workflow in AWS for under $50,000
Organizations today face the challenge of securing increasingly complex cloud environments while managing costs effectively. This article outlines a comprehensive, scalable approach to vulnerability management that won't break the bank.
February 1, 2025
Compliance-as-Code
How to implement compliance-as-code in AWS using GitOps and automated security control validation
Many technical security controls can be implemented and validated automatically, even at scale, leading to mind-boggling cost and time reductions.
January 19, 2025
VPN
Going down the rabbit hole while attempting to uninstall ProtonVPN - persistence mechanisms and security implications
This investigation started with a simple problem: my wife's computer was booting slowly. What began as routine troubleshooting led to the discovery of concerning behavior in how ProtonVPN persists on macOS systems even after uninstallation...