Istio Network Policies
A quick look at configuring network policies and authorization policies in Istio
Dockerfile Linting
Let’s look at linting our Dockerfiles with hadolint
Debug Docker images with Dive
Let’s look at using Dive to debug docker images
CircleCI OPA Policies
Help protect against insider threats with OPA policies
Show Gitleaks Code Snippet
Quick bash script to retrieve the surrounding code snippet from gitleaks fingerprint
Security Cert Study Notes
My study notes for a security cert
Using AWS Vault with SSO
Let’s look at using aws-vault with SSO
SNS Data Protection Example
Automatically scan for PII by using the SNS message data protection feature
Using Redshift in a private subnet
Looking at different ways we can connect Redshift and Lambdas inside of a private subnet to SecretsManager
Terraform - Place your EC2 instance in a private subnet
Looking at different ways we can connect Redshift and Lambdas inside of a private subnet to SecretsManager
How to restrict access to a single S3 bucket
We look at how to create a policy for giving full access to a single S3 bucket in AWS
Magento Tips - Pentest with sqlmap
How do I test my magento site for common sql injection vulnerabilities
Magento Tips - Solve .user.ini issue
How to solve the .user.ini issue raised by the Magento Security Scan
Docker Tips - UFW
By default docker will override UFW, it is important to be aware of this so that you do not expose your docker containers to the world.
Prevent traversal attacks in Magento 2
As a rule of thumb, never roll out your own security. If you have a modern framework at your disposal then it is much easier to follow their best practice.
PHP Security Tips - open_basedir
This feature takes seconds to configure, and adds a layer of protection in the case of a directory traversal vulnerability.
My Certifications
Cloud Patterns
