Channel: security

This self-hosted SaaS passed its ISO 27001 audit, here’s the dashboard that did it

devops security sre sysadmin

Things I learnt about passkeys when building passkeybot

cryptography security

Practical Security in Production - ACM Queue

cplusplus security

Using GCP Service account on a VM on AWS without creating Credentials Json File

devops security sysadmin

smallstep/cli - A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc

cryptography security

You can make the NS record for the _acme-challenge.domain.tld point to another s… | Hacker News

Some good approaches to handling ACME DNS challenges.

devops security sysadmin

Google Zanzibar

distributed systems security

Frequent reauth doesn’t make you more secure

security

You Shall Not Pass: Fine Grained Access Control with Row Level Security

databases security

Why are banks still getting authentication so wrong?

security

Hardening GitHub Actions: Lessons from Recent Attacks | Wiz Blog

devops security sysadmin

Intuiting TLS | protty

cryptography security

CaMeL offers a promising new direction for mitigating prompt injection attacks

ai security

whose github actions am I running?

devops security

Avoiding downtime: modern alternatives to outdated certificate pinning practices

cryptography security

AnarSec | Make Your Electronics Tamper-Evident

security

CandyCodes: simple universally unique edible identifiers for confirming the authenticity of pharmaceuticals | Scientific Reports

security

Thinkst Canary

security

You shouldn’t be running NSA grade wifi at home. Here’s how to do it.

cryptography hardware networking security

Simple OIDC Tutorial

python security

zitadel/oidc: Easy to use OpenID Connect client and server library written for Go and certified by the OpenID Foundation

golang security

Building cross-cloud identity federation in Go for secure data sharing

devops golang security

Pathways to Best Cloud Security Posture Review in GCP | by BRK0018 | Medium

devops security

Perfectly Reproducible, Verified Go Toolchains - The Go Programming Language

devops golang security

Unlocking LUKS2 volumes with TPM2, FIDO2, PKCS#11 Security Hardware on systemd 248

linux security sysadmin yubikey

patte/fly-tailscale-exit: Run a VPN with global exit nodes with fly.io, tailscale and github!

linux security sysadmin

The problem with OAuth for Authentication. | Thread Safe

security

Why is OAuth still hard in 2023? | Nango Blog

security

How to test and validate DNSSEC using dig command line - nixCraft

networking security sysadmin

patte/fly-tailscale-exit: Run a VPN with global exit nodes with fly.io, tailscale and github!

security sysadmin

Announcing session recording for Tailscale SSH in beta

security sysadmin

OPA Series Part 1: Open Policy Agent and Terraform | Scaling Terraform | scalr

devops security terraform

SourceCode-AI/aura: Python source code auditing and static analysis on a large scale

python security

Ceremonial Security and Cargo Cults

compliance security

Introducing Flan Scan: Cloudflare’s network intrusion detection scanner.

security sysadmin

fleet

security sysadmin

secure

django python security

A short overview of Passkeys, and how to use them to secure your infra

security

Elixir/Phoenix Security: Rate Limits for Authentication with Hammer

elixir security

nccgroup/sobelow: Security-focused static analysis for the Phoenix Framework

elixir security

Shun keeps your HTTP secrets safe

elixir security

Securing Elixir/Phoenix Applications: 5 Tips to Get Started

elixir security

terraform-linters/tflint-ruleset-opa: Experimental: TFLint ruleset plugin for writing custom rules in Rego.

devops security terraform

Enforce and validate AWS tags with Atlantis OPA Terraform | by Wendell | Jan, 2023 | Medium

devops security terraform

Navigating Safety: A Beginner’s Guide to Implementing Terraform Guardrails with OPA

devops security terraform

Cloud Governance Using Infrastructure as Code

devops security terraform

How Early-Stage Startups Can Enlist The Right Amount of Security As They Grow | First Round Review

security

stripe/smokescreen: A simple HTTP proxy that fogs over naughty URLs

distributed systems golang security

checkov

IaC compliance checker.

devops security

My age YubiKeys Password Management Solution

security sysadmin yubikey