Exploit Prediction Scoring System (EPSS)
A look at the Exploit Prediction Scoring System (EPSS) for vulnerability management
OWASP Software Component Verification Standard (SCVS)
A look at some of the fundamental controls for each of the SCVS levels
Book Club: Cloud Native DevOps with Kubernetes
Five Meaningful Takeaways I hope you find useful from Cloud Native DevOps with Kubernetes by John Arundel and Justin Domingus
An Incomplete Look at Vulnerability Databases & Scoring Methodologies
A look at some of the fundamental vulnerability databases and scoring methodologies currently in use in the industry
How I Passed the AWS Certified Security - Specialty Exam
Tips and recommended materials used to pass the exam.
Threat Detection on EKS – Comparing Falco and GuardDuty For EKS Protection
A comparison of Falco and GuardDuty for EKS Protection.
Psychological Safety: Easier Said than Done
Knowing is only the first step. Doing takes practice.
Psychological Safety
Learn about psychological safety, its importance, and how to foster it in your teams.
Auto Remediation with Eventbridge, Step Functions, and the AWS SDK Integration
Learn how to use the AWS SDK for Step Functions to auto-remediate findings.
Supply Chain Risk Management
Supply chain security is rapidly becoming a top concern of most technology and security leaders. This article will examine some of the background, relevant efforts, incidents and best practices around securing the software supply chain.
Using Semgrep to find security issues and misconfigurations in AWS Cloud Development Kit projects
Learn how to find security issues and misconfigurations in AWS Cloud Development Kit projects with Semgrep.
