Summary of the book: https://www.amazon.com/Threat-Modeling-Designing-Adam-Shostack/dp/1118809998 Overall a superb introduction to the activity of performing threat modeling of software. Although, some chapters do feel like filler content, and the crux of the topic lies in a handful of chapters. Threat Modeling of the System The purpose of threat modeling is to elicit the possible attacks that […]
In this post, we’re gonna talk about Zero Trust Networks and Architectures. Zero Trust, like DevOps, isn’t a set of tools that you buy and suddenly you have Zero Trust, but rather it’s also about culture, policies, and more broadly, organization of resources. The whole premise of Zero Trust is to move away from the […]
Shift from being an effective Problem Solver to an effective Problem Finder. Shift from being an effective Information Gather to an effective Information Curator. Seek to curate information, not collate information. The world is filled with information, and many times the customer faces information overload. Simply bombarding them with endless information, technical specifications, user manuals, […]
We’re all mostly familiar with DevOps, which a culture or methodology a company takes that enables quick deployment time. The main principles of DevOps in this case heavily relies on automation of several tasks, from build the program, running test cases, creating of environments, and deploying it to staging or production. The first two tasks […]
Summary of two books: Extreme Ownership and The Dichotomy of Leadership. In the first book, it covers on the principles of Extreme Ownership, which is to place a lot of agency and responsibility onto yourself. In the second book, it talks about the challenges and balances one must take to be a successful leader. Extreme […]
We know that Python is fast when it comes to general scripting use cases, and I’ve always been an ardent user of Python, from version 2 to 3 and its painful migration. Only recently, have I decided to pick up another language, GoLang, and was surprised to see that it was way faster. Although GoLang […]
This book talks about the geopolitics surround hacking and nation state motivations. Its really interesting because you get to understand some of the mindsets and motivations a state, or an activist group has when performing a cyber attack against another entity. The book neatly segregates the motivations into 3 sections: Shaping, Signaling and Shaping Shaping […]
With all the news surrounding the breach of SolarWinds update server, and subsequently a majority of clients downloading and installing a backdoor, there has been a lot of analysis of the malware, and the supposed DGA that is being generated. I’m here to question if the behavior fits more of a DNS tunneling event, instead […]
A review of the book The Road To Character. Every once in awhile I stumble upon a book that is fantastic, thought provoking, questions my mental models, and opens views to the world that I have not seen before. This book, despite its big Christian undertone, is one of them. The broad idea behind the […]
A book not only about DevOps, but about the surrounding culture to enable it Click here for the book This book breaks things down nicely into the actionable segments that you can take to enable a fast and dynamic organization. It talks about DevOps, but you’ll come to realize that it’s not all about DevOps, […]
