DevOps, Security, Cryptography

Lessons Learned Using Vault As A Secret Store

Lessons learned from the multi year operation of the HashiCorp Vault Open Source deployment.

Posted

#Articles

Notes On Threat Modeling

Notes on threat modeling from a defender's perspective.

Posted

#Articles

Photo by Jon Moore https://unsplash.com/photos/bBavss4ZQcA

Directions Of The Cybersecurity Industry

Covid crisis and the forced work-from-home comes with the rapid transformation of a traditional established company to an online only business with most of the work force working remote.

Posted

#Articles

Waze: How I Tracked Your Mother

Tracking Waze drivers with UI elements.

Posted

#Articles

Vault Authentication with YubiKey

Leverage PKCS#11 support in curl to authenticate with the Vault's TLS Certificates Auth Method

Posted

#Articles

DevOps

DevOps: easy answers, hard questions

There is a myriad of problems that comes from the "Build it, maintain it, operate it" territory.

Posted

#Articles

Validating Bitmessage public keys

Let's check if public keys are valid elliptic curve points according to a secp256k1 parameters.

Posted

#Articles

Commercial Cryptographic Key Management in 2018

Modern key management in a large organization is primarily described by bureaucratic procedures and compliance requirements due to financial liability. No one personnel hold all the keys required for a task. To minimize the need for trust in a day to day operations, the problem is partially solved with the three basic principles - separation of duties, dual control and split knowledge.

Posted

#Articles