Hey there, tech enthusiasts! It’s been a little while since I’ve posted. I figured it’s time we talked about something that’s been buzzing in the AI world lately – the democratization of AI. Now, I know what you’re thinking: “Another buzzword?” But stick with me here, because this is actually pretty cool stuff that’s changing … Read more
Managing firewalls, VLANs, and access control lists might be second nature in a traditional IT setting. But when it comes to AWS, the terminology and tools can seem foreign. This beginner’s guide aims to bridge that gap, translating AWS security concepts into the world of on-premise security you already know. Why AWS Security Matters AWS … Read more
As I continue this series on CI/CD pipeline security, it is time to now work on securely building and deploying our application. This post picks up where my Build Secure Python Pipelines: Adding Tests and Hooks in Action post left off. In this post, we’ll continue our pipeline development by adding a container build and … Read more
As we continue this series started in my Getting Started with Secure CI/CD: Essential Practices for Beginners post, I’ll be securing my Python code with automated testing and hooks. While some of this information builds on some previous posts I’ve created in the past, I still wanted to incorporate these together in a meaningful way. … Read more
After writing my From Scattered to Splunk: Bringing Order to Your Kubernetes Logs post, a buddy of mine Danny Ansell (oh by the way he does work for Cribl and used to work for Splunk) suggested that I could always import my logs into Cribl as well. I’m madly in love with Splunk and do … Read more
I think it’s time to focus on a few key practices for beginners to implement secure CI/CD. I’ve been building the idea on the idea of a CI/CD pipeline in a bunch of the below posts: All of these articles are a scattering of topics based upon some of the daily randomness that I’ve faced … Read more
In my Silence Not Golden: Fixing the Mute Button on Tetragon Logs post, I realized that I was an idiot. I also realized that I needed to get all of my Kubernetes into one place for a number of reasons. I’m most familiar with Splunk so it makes sense to centralize my Kubernetes logs with … Read more
In my previous From Reactive to Proactive: Transforming Security with Tetragon post, I got Tetragon installed and working. After doing some digging, I found that I was only generating events and logs for one of the k8 nodes in my cluster. This article focuses on how I noticed this and how to fix tetragon logging … Read more
After writing my DMARC Reports: Your Secret Weapon Against Domain Fraud (And How to Read Them) post, I realized that I hadn’t really looked at SPF and DKIM records too much. I had read how you could be protecting your brand from email spoofing with SPF and DKIM records but hadn’t explored them very much. … Read more
I recently received Emails for my Shopify stores Momma Bears Creations and InkedWith regarding missing DMARC DNS entries. The Email was titled: Add a DMARC record to continue sending emails from your domain. An example of the Email is below Gmail and Yahoo have announced changes that require you to add a DMARC record on your domain before February 1, 2024 if … Read more