• Docker and Doppler
    Reading Time: 3 minutes My latest project has been to get more comfortable with Docker, how it works, how to set it up, etc. During that I started learning how to integrate Doppler into Docker. This article explains my findings.
  • Secrets Management
    Reading Time: 14 minutes In this article I talk about benefits of managing all the secrets you use in your dev efforts and how to do it efficiently and securely. I also provide a sample script to play with.
  • Cybersecurity philosophy
    Reading Time: 3 minutes I am not planning on waxing philosophy in this post, but I do want to discuss ideology or mindset of a successful cybersecurity professional. In my Vulnerability Management post I went over how to structure your vulnerability management program. Here I plan to take a slightly wider angle at an even higher level. Cybersecurity should […]
  • Zero Trust
    Reading Time: 6 minutes This blog describes what zero trust is and what you need to think about if you are wanting to go that route.
  • Vulnerability Management: A how to
    Reading Time: 18 minutes In this post we explain what goes into a good vulnerability management program, to keep it blog length it is rather high level.
  • Encryption and the CIA Triad
    Reading Time: 11 minutes Explanation of what encryption as well as the CIA triad is, in common every day English.
    Reading Time: 4 minutes Ransomware is type of self-propagating malware that encrypts your files so that you cannot read or use them until you pay a ransom. Yeah, I know, I can feel how you are rolling your eyes at that unhelpful explanation full of incomprehensible technical jargon. So let me explain these terms in more detail. Table of […]
  • Ransomware Protection and Importance of Backups
    Reading Time: 4 minutes Table of Contents1 HOW TO PROTECT YOURSELF FROM RANSOMWARE1.1 RANSOMWARE DEFENSES1.2 RANSOMWARE RECOVERY PREPARATION aka Importance of backups1.3 Recovering from Ransomware infection HOW TO PROTECT YOURSELF FROM RANSOMWARE Protecting yourself from ransomware falls into two main buckets, first is steps to take to avoid getting infected, second is being prepared to recover should you be […]
  • Cybersecurity Career and Certification Advice
    Reading Time: 6 minutes I see many posts on social media asking for advice on how to get started in cybersecurity, what certifications to get, etc., so I figured I would write an article with my perspective on those topics. Cybersecurity as a career You do not need any formal education, nor any specific certification, to be successful in […]
  • Password Management
    Reading Time: 3 minutes I am a very sharing kind of guy and firmly believe that sharing is caring. I am happy to share absolutely anything and everything, with literally only two exceptions. I am not big on sharing my toothbrush, and I absolutely do not share my passwords under any circumstances. There are two kinds of password sharing […]
  • Let’s go phishing
    Reading Time: 3 minutes This article was written with companies in mind; most of this applies to individuals as well. Most security incidents happen due to phishing, and I have a sure-fire way to avoid becoming a phishing victim. Just do not click on links in email or open attachments. Yes, I do realize that this advice is about […]
  • Vulnerability Management
    Reading Time: 3 minutes This post is going to be more applicable to companies than individuals as it is going over how to manage vulnerabilities across all your computer systems. At a super high-level, the concept of vulnerability management is pretty simple. It is all about managing your vulnerabilities. When you dive deeper, then questions start to surface. Questions […]
  • Risk and threat management
    Reading Time: 5 minutes In this blog post, I want to talk about risk management and the concept of threat modeling. Let’s start with some basic math, then dive into definitions and some examples. Table of Contents1 Definition of Risk2 Definition of Vulnerability3 Definition of Threat4 Threat Model5 Details makeup of a threat5.1 Capability5.2 Opportunity5.3 Intent Definition of Risk […]
  • Online Privacy concerns
    Reading Time: 4 minutes Today I want to talk about online privacy concerns. When it comes to online privacy, I tend to take a slightly different road than many of my cybersecurity colleagues. Many in my industry tend to preach that you should never ever under any circumstances share anything personal online. I understand where they are coming from […]
  • Scams, Frauds and other ways to loose your money
    Reading Time: 6 minutes In this installment, we’re going to look at different ways you could be separated from your money, which you may later regret. Let’s call these all Scams or Fraud, even though some don’t meet the legal or the conventional definition of those terms. Before I start, I want to mention that to many, these may […]
  • Magic of online security
    Reading Time: 5 minutes If there is one magic silver bullet that will help you maintain your online security, it is critical thinking skills. If you read my previous article on the basics of online security, you may recall that I stated there is no single thing that can automatically keep you safe. You will, therefore, recognize the title […]
  • Basics of online security
    Reading Time: 5 minutes Table of Contents1 Definitions2 Online Security basics3 Threat Modeling4 FUD and fear-mongering5 In closing Definitions Before we dive into the world of online security, let’s start with some definitions. Threat Actor: A criminal that is a threat to either a specific person or a group of people. This is a catch-all term for online criminals.  […]
  • Book Errata
    Reading Time: 3 minutes Table of Contents1 INTRO2 PUBLIC USB CHARGE STATIONS3 TRAVELING MAILBOX4 PROTONMAIL5 PRIVACY.COM INTRO This post will serve as an ongoing errata page for my book. My plan is to continuously update this post as I discover errors, issues, addendum, or just things I’d like to follow up on. PUBLIC USB CHARGE STATIONS First I want […]