Reading Time: 10minutes This is a second installment on tools that will help you manage your secrets. This time I’m diving into a solution called AKEYLESS which looks like a great option for those needing a more fully fledged Secret and key management solution.
Reading Time: 3minutes My latest project has been to get more comfortable with Docker, how it works, how to set it up, etc. During that I started learning how to integrate Doppler into Docker. This article explains my findings.
Reading Time: 14minutes In this article I talk about benefits of managing all the secrets you use in your dev efforts and how to do it efficiently and securely. I also provide a sample script to play with.
Reading Time: 3minutes I am not planning on waxing philosophy in this post, but I do want to discuss ideology or mindset of a successful cybersecurity professional. In my Vulnerability Management post I went over how to structure your vulnerability management program. Here I plan to take a slightly wider angle at an even higher level. Cybersecurity should […]
Reading Time: 4minutes Ransomware is type of self-propagating malware that encrypts your files so that you cannot read or use them until you pay a ransom. Yeah, I know, I can feel how you are rolling your eyes at that unhelpful explanation full of incomprehensible technical jargon. So let me explain these terms in more detail. Table of […]
Reading Time: 4minutes Table of Contents1 HOW TO PROTECT YOURSELF FROM RANSOMWARE1.1 RANSOMWARE DEFENSES1.2 RANSOMWARE RECOVERY PREPARATION aka Importance of backups1.3 Recovering from Ransomware infection HOW TO PROTECT YOURSELF FROM RANSOMWARE Protecting yourself from ransomware falls into two main buckets, first is steps to take to avoid getting infected, second is being prepared to recover should you be […]
Reading Time: 6minutes I see many posts on social media asking for advice on how to get started in cybersecurity, what certifications to get, etc., so I figured I would write an article with my perspective on those topics. Cybersecurity as a career You do not need any formal education, nor any specific certification, to be successful in […]
Reading Time: 3minutes I am a very sharing kind of guy and firmly believe that sharing is caring. I am happy to share absolutely anything and everything, with literally only two exceptions. I am not big on sharing my toothbrush, and I absolutely do not share my passwords under any circumstances. There are two kinds of password sharing […]
Reading Time: 3minutes This article was written with companies in mind; most of this applies to individuals as well. Most security incidents happen due to phishing, and I have a sure-fire way to avoid becoming a phishing victim. Just do not click on links in email or open attachments. Yes, I do realize that this advice is about […]
Reading Time: 3minutes This post is going to be more applicable to companies than individuals as it is going over how to manage vulnerabilities across all your computer systems. At a super high-level, the concept of vulnerability management is pretty simple. It is all about managing your vulnerabilities. When you dive deeper, then questions start to surface. Questions […]
Reading Time: 5minutes In this blog post, I want to talk about risk management and the concept of threat modeling. Let’s start with some basic math, then dive into definitions and some examples. Table of Contents1 Definition of Risk2 Definition of Vulnerability3 Definition of Threat4 Threat Model5 Details makeup of a threat5.1 Capability5.2 Opportunity5.3 Intent Definition of Risk […]
Reading Time: 4minutes Today I want to talk about online privacy concerns. When it comes to online privacy, I tend to take a slightly different road than many of my cybersecurity colleagues. Many in my industry tend to preach that you should never ever under any circumstances share anything personal online. I understand where they are coming from […]
Reading Time: 6minutes In this installment, we’re going to look at different ways you could be separated from your money, which you may later regret. Let’s call these all Scams or Fraud, even though some don’t meet the legal or the conventional definition of those terms. Before I start, I want to mention that to many, these may […]