Review of The Art of Learning

“The Art of Learning” is a book by Josh Waitzkin, a former child prodigy and international chess master, that shares his personal story of how he became a master in two different disciplines: chess and martial arts. The book explores Waitzkin’s journey and the lessons he learned about the process of learning, focusing on topics …

Secure Design Principles

There are many design principles that can help make applications more secure. Some of these principles are:

– Use strong authentication and authorization controls.
– Encrypt all data in transit.
– Use the least privilege principle when designing access control policies.
– Never store sensitive information in plain text.
– Harden systems and keep them up …

Security Tools and Resources

Security Resources

Common Weakness Enumeration (CWE)

The CWE is a “list of software weaknesses.” It catalogs and defines types of vulnerabilities so that these can be easily discussed and addressed. The Common Weakness Enumeration (CWE) includes examples of code that have each been identified as having a specific software weakness. The CWE is sponsored by …

DevOps Security Handbook

I have decided to start writing a handbook on DevOps Security Practices and release it for free right here on my blog. Eventually, it may be released in print; however, at present my intention is to have this be a practical resource for DevOps Engineers in their day-to-day jobs and it makes sense …

The pillars of the AWS Well-Architected Framework

Name | Description
Operational Excellence | The ability to support development and run workloads effectively, gain insight into their operations, and to continuously improve supporting processes and procedures to deliver business value.
Security | The security pillar describes how to take advantage of cloud technologies to protect data, systems, and assets in a way that can improve your …

Understanding Layer 7 and Layer 4

Layer 7

Layer 7 is a term used to refer to the seventh and highest layer of the seven-layer Open Systems Interconnect (OSI) reference model for computer networking. The OSI model is a method of describing how data moves between two networked devices. This layer, also known as the application layer, supports end-user applications and …