Modern Web Architecture and Security This was a new term for me as I started putting together my most recent study guide. SPA, which stands for Single-Page Application. While it sounds like a simple website, an SPA represents a fundamental shift in how web applications function, bringing unique challenges to the world of information security. Read More …
Category: Computers
Connecting Code to Capital: Understanding EPS
In the IT sector, we often measure success through “per unit” metrics: requests per second, cost per gigabyte, or tickets per agent. In the world of public markets and executive leadership, the ultimate “per unit” metric is EPS, or Earnings Per Share. For an IT professional aiming for a managerial role, EPS is the bridge Read More …
Cloud Formation Example
Imagine you’re a System Administrator tasked with setting up a new environment. Traditionally, this involves a long checklist: log into the console, click through menus to create a VPC, spin up three VMs, configure storage, attach security groups, and set up a load balancer. If you need a second environment for testing, you have to do Read More …
Fine-Tuning an AI
We’ve talked about grounding (giving an AI a textbook to look at) and prompting (giving an AI clear instructions). But sometimes, you don’t just want the AI to look at a book; you want the AI to become an expert in its bones. This is called Fine-Tuning. Generalist vs. Specialist Think of a standard AI Read More …
IaC – Infrastructure as Code
The Recipe for Modern IT In the traditional world of IT, setting up a server was a craft. A sysadmin would log in, click through menus, install packages, and tweak settings until everything worked. I know, I did this job for much of my early career. But much like a chef cooking a complex signature Read More …
OIDC – OpenID Connect
Adding Identity to the Authorization Layer In the journey through information security, you will frequently encounter OAuth 2.0. While OAuth is excellent at authorization, it was never actually designed for authentication. To solve this, OIDC, or OpenID Connect, was created. Think of it this way: OAuth 2.0 is the key to a hotel room, while OIDC Read More …
Automating Infrastructure Visibility with dig
In modern cybersecurity, you cannot protect what you don’t know exists. Traditional DNS tools often give you fragmented data. You get an A record here, an SPF record there, but connecting those to an owner (WHOIS) or a risk profile (Shodan) usually requires manual effort. A Solution: One Script to Rule Them All I’ve consolidated Read More …
THE SOUND AND THE SURGE
A FRAGMENT OF THE UNCONQUERED DARK By William Faulkner It was not the machine but the wanting of the machine, the cold, calculated, and inexorable expansion of a thing that had no blood but possessed a terrible, circulating hunger for the lightning. Kevin sat there. He was a small man, a man of Tiers and Read More …
OCF – Operating Cash Flow
In the technical world, we often distinguish between “allocated memory” and “active throughput.” A system might have plenty of resources reserved, but if the data isn’t actually flowing through the pipes, the system just stalls. In finance, Operating Cash Flow (OCF) is that throughput. It is the actual cash moving into and out of the Read More …
PKCE – Proof Key for Code Exchange
Securing OAuth 2.0 for the Modern Web In the world of Information Security, acronyms often act as gatekeepers to critical concepts. One of the most vital for modern identity management is PKCE (pronounced “pixie”), which stands for Proof Key for Code Exchange. If you are new to the field, you likely know that OAuth 2.0 Read More …