Also, there are no life preservers. In a recent reflection on conversations I’ve had, I’ve noticed a recurring theme that highlights the disconnect between non-IT professionals and security experts regarding data handling and application deployment. Non-IT individuals often enthusiastically present their newly developed applications that utilize specific data and share it with various users, Read More …
Category: Soapbox
I might rat on a few things in this field here and there.
Chats with AI – Shadows in the Cloud
In the bustling city of Techhaven, where skyscrapers gleamed with digital screens and the hum of innovation filled the air, a tech company named Cloud Sphere was making waves. Known for its cutting-edge cloud solutions, Cloud Sphere had rapidly become a leader in the industry. However, beneath the surface of success, a storm was brewing. Read More …
Chat with AI – Cloud Only Hacker
Attackers are increasingly able to meet their objectives by compromising corporate cloud accounts and subsequently moving laterally within the cloud environment, often without needing to breach individual endpoints. Several factors are driving this trend: Expanded Attack Surface in the Cloud: As organizations increasingly adopt cloud services and SaaS solutions, the attack surface has grown larger Read More …
What is Urbit OS?
Urbit is a decentralized, peer-to-peer network and operating system designed to give users complete control over their digital activities and data, offering a more private, secure, and durable alternative to the current internet. Here’s a more detailed breakdown: [2, 4, 6] Decentralized and Peer-to-Peer: Unlike the traditional client-server internet model, Urbit is built on a Read More …
How Tech Billionaires Plan to Destroy America
A look into how the tech leaders may be using the new administration to achieve their own agenda. Looking specifically at Peter Thiel, Elon Musk, Marc Andreessen, Ben Horowitz, Brian Armstrong, and David Sacks as well as their relationship with figures like JD Vance, Balaji Srinivasan, and Curtis Yarvin. There is a focused discussion on Read More …
The Dangers of Project Russia
A wonderfully frightening read. My friends and family will attest that many times I have stated that we are in open warfare with Russia in the internet/technological realm of things. The Russia Information Warfare Manual is a very good read. The books offered a detailed program of spiritual warfare against Western democracies culminating in Read More …
Don’t track my kids
A blurb of a post this time, but something I want to make sure everyone is aware of. Remember, Remember If your kids are a member Then they became the product and the future is out of luck Don’t track my kids We need to make sure our kids get a chance to be kids, Read More …
Decoupling CI/CD from deployment
Decoupling CI/CD from deployment allows teams to build, test, and deploy code changes independently, offering more flexibility and control over releases, enabling faster feedback loops and risk reduction. Why Decouple? Improved Control and Stability: By separating deployment (moving the code to production) from release (making the code available to users), teams can deploy new versions of Read More …
Looking at Attack Surface Mapping
Hot Take Incoming… Warning… I am going to come right out and say it, and it will sound completely arrogant, but I think the majority of Attack Surface Mapping vendors out there are doing it wrong. ASM, for those who are new to blogs like these, stands for Attack Surface Mapping. This process is meant Read More …
Notes on “Paved Road”
Lessons from Securing Internal Applications WebappSec Link Building a Security Platform Engineering Team “”” I’m a big fan of building security into existing processes, a term coined as “secure paved roads” by Jason Chan, Ex-Netflix CISO. The idea behind this is that security should mostly be invisible. The average employee should simply not have to Read More …