DevOps, Security, Cryptography

Automating internal certificate issuance with ACME-based certificate authority

Lessons learned from running Let's Encrypt Boulder certificate authority software in the company.

Posted

#Articles

Lessons Learned Using Vault As A Secret Store

Lessons learned from the multi year operation of the HashiCorp Vault Open Source deployment.

Posted

#Articles

Notes On Threat Modeling

Notes on threat modeling from a defender's perspective.

Posted

#Articles

Photo by Jon Moore https://unsplash.com/photos/bBavss4ZQcA

Directions Of The Cybersecurity Industry

Covid crisis and the forced work-from-home comes with the rapid transformation of a traditional established company to an online only business with most of the work force working remote.

Posted

#Articles

Waze: How I Tracked Your Mother

Tracking Waze drivers with UI elements.

Posted

#Articles

Vault Authentication with YubiKey

Leverage PKCS#11 support in curl to authenticate with the Vault's TLS Certificates Auth Method

Posted

#Articles

DevOps

DevOps: easy answers, hard questions

There is a myriad of problems that comes from the "Build it, maintain it, operate it" territory.

Posted

#Articles

Validating Bitmessage public keys

Let's check if public keys are valid elliptic curve points according to a secp256k1 parameters.

Posted

#Articles