- Digital resilience: redundancy for websites and communications
How you can make your digital life more resilient when using services you don't own.
- So you're the family tech support
Privacy and online security to-dos for the home-for-the-holidays tech support hero.
- OWASP Web Security Testing Guide v4.2 released
Announcing the release of a new version of the OWASP WSTG.
- Build your own serverless subscriber list with Go and AWS
How to build your own newsletter list with DynamoDB and SES email sign-up confirmations.
- WPA Key, WPA2, WPA3, and WEP Key: Wi-Fi security explained
Which one should you be using? Why Wi-Fi security matters.
- Three rules for choosing a VPN that takes your privacy seriously
The lesser-known risks of ISPs and why I chose ExpressVPN.
- Your cybersecurity starter pack
Basic security best practices to share with your non-technical friend.
- What is TLS? Transport Layer Security encryption explained in plain English
How TLS, digital certificates, and sessions help keep communications secure.
- Look mom, I'm a GitHub Action Hero
The GitHub blog interviews me for their GitHub Action Hero series.
- How to choose and care for a secure open source project
A few tricks for assessing the security of an open source project.
- If you want to build a treehouse, start at the bottom
How threat modeling and pushing left help create a stable foundation for secure software.
- Outsourcing security with 1Password, Authy, and Privacy.com
Take some work off your plate while beefing up security with three changes you can make today.
- Breaking bottlenecks 🍾
A talk on the benefits of non-blocking functions for programs, developers, and organizations.
- Three healthy cybersecurity habits
Three helpful cybersecurity new year resolutions. Happy holidays!
- Secure web forms for the front-end developer
How to design secure web forms: validate, sanitize, and control.
- The surprisingly difficult task of printing newlines in a terminal
Your guide to string interpolation quirks that confound the best of us.
- The care and feeding of an IoT device
Why IoT devices are, basically, puppies, and whether or not you should give somebody one for Christmas.
- A cron job that could save you from a ransomware attack
How a simple scheduled job can help you quickly recover from ransomware.
- Personal cybersecurity posture with too many pop culture references
Security best practices for the average person.
- Secure application architecture basics: separation, configuration, and access
A starting point for building secure application architecture, for busy developers.
- How users and applications stay safe on the Internet: it's proxy servers all the way down
An overview of how proxy servers form the basis of online anonymity, and how their use in various forms helps both users and web applications.
- Hackers are Googling your plain text passwords: preventing sensitive data exposure
Why sensitive data controls need to be established long before you think you need them, as demonstrated by Google dorking.
- SQL injection and XSS: what white hat hackers know about trusting user input
A primer on SQL injection and cross-site scripting, and how to handle user input in software development.
- How to set up OpenVPN on AWS EC2 and fix DNS leaks on Ubuntu 18.04 LTS
A guide for setting up your own private VPN service, and understanding and fixing a DNS leak.