menu

Top Categories

Spotlight

todayNovember 25, 2022

industry Jake

9 ways to give access to an internal tool

The following is a work of fiction. However all the solutions are real things I’ve attempted in my time as a Cloud Consultant. Image this, you’re minding your own business when an empowered developer pops out of nowhere. They need to get an application deployed. You begin to open your [...]


Jake

17 Results / Page 2 of 2

Background

todayJuly 31, 2020

  • 418
close

industry Jake

Security doesn’t have to be a blocker

A few months ago during a conversation at a secops event, the topic of granting exceptions came up. One of the attendees was shared his dismay. “Management is always steamrolling me” he complained, “people are just being lazy, they should be able to do it right” and added “if it ...

todayJuly 21, 2020

  • 609
  • 1
close

vulnerabilities Jake

SIGRed: A new critical vulnerability Explained

Last Tuesday, as they do every second Tuesday, Microsoft released its monthly patch updates. One in particular (CVE-2020-1350) has been drawing a lot of attention. The vulnerability is called “SIGRed”, like that lunch I may have left in the office, its old, its bad and ripe for worms. Lets dig ...

todayJuly 9, 2020

  • 453
close

malware Jake

ThiefQuest: The new macOS ransomware that’s more than it seems

Last week a new macOS malware threat was discovered. Mac ransomware, while not unheard of, is still interesting enough to be of interest to security researchers. So, when Dinesh Devadosh of K7 Labs announced his discovery over twitter. His colleagues; Phil Stokes of SentinelOne, Thomas Reed of Malwarebytes and Patrik ...

todayJune 10, 2020

  • 411
close

secure development + vendor guides Jake

Cleaning up users in 1password

Recently I was helping a company audit their 1password account. Thought I’d share some useful snippets using jq and the 1password CLI tool. This command suspends users who haven’t logged in for 3 months After suspending all the users for a few days (waiting to see if people complain), this ...

todayMay 31, 2020

  • 173
close

secure development Jake

Maturity in devops

As a consultant, I tend to work with a variety of clients and teams all across the product maturity spectrum. Some are just starting; maybe they have an MVP, maybe they are still building it. Others have existed in their space for years. Typically, when I get called into projects, ...

todayMay 31, 2020

  • 1852
close

vendor guides Jake

Trying Pritunl Zero

Pritunl is an open source OpenVPN and IPSec solution that comes with a somewhat popular VPN client. Pritunl Zero fills in a few more gaps by providing zero trust access to SSH and Web Services similar to products such as Akamai EAA and Zscaller. I installed an individual server using ...