Finch Feed for anders / security/u/anders/c/security/feed/2024-01-12T11:45:46ZFinch Channel feedandersandersanders: Jan 12, 2024 at 11:45am (UTC)2024-01-12T11:45:46Ztag:,2024-01-12:/u/anders/p/e492bf3e-d6bc-4418-5360-6bde2cf882e2/<h4><a href="https://smallstep.com/blog/home-network-eap-tls-wifi/">You shouldn't be running NSA grade wifi at home. Here's how to do it.</a></h4>
andersandersanders: Dec 8, 2023 at 9:20pm (UTC)2023-12-08T21:20:05Ztag:,2023-12-08:/u/anders/p/1887bce5-dce0-44d1-60dc-3e184c8a6841/<h4><a href="https://spapas.github.io/2023/11/29/openid-connect-tutorial/">Simple OIDC Tutorial</a></h4>
andersandersanders: Dec 4, 2023 at 8:09am (UTC)2023-12-04T08:09:15Ztag:,2023-12-04:/u/anders/p/2e17797f-93a3-4e84-617a-5a505bc69d00/<h4><a href="https://github.com/zitadel/oidc">zitadel/oidc: Easy to use OpenID Connect client and server library written for Go and certified by the OpenID Foundation</a></h4>
andersandersanders: Oct 17, 2023 at 8:47am (UTC)2023-10-17T08:47:43Ztag:,2023-10-17:/u/anders/p/29fd450c-232e-4ca1-45f0-ac8f044555b7/<h4><a href="https://www.prequel.co/blog/building-cross-cloud-identity-federation-in-go">Building cross-cloud identity federation in Go for secure data sharing</a></h4>
andersandersanders: Sep 1, 2023 at 8:58am (UTC)2023-09-01T08:58:57Ztag:,2023-09-01:/u/anders/p/804e154d-1457-43c4-54a4-7c5ec29ffe18/<h4><a href="https://brk0018.medium.com/pathways-to-best-cloud-security-posture-review-in-gcp-6b31b3cb9305">Pathways to Best Cloud Security Posture Review in GCP | by BRK0018 | Medium</a></h4>
andersandersanders: Aug 29, 2023 at 8:55am (UTC)2023-08-29T08:55:00Ztag:,2023-08-29:/u/anders/p/3e400bf0-b2e5-46ca-550d-b5a2e6b84183/<h4><a href="https://go.dev/blog/rebuild">Perfectly Reproducible, Verified Go Toolchains - The Go Programming Language</a></h4>
andersandersanders: Jul 2, 2023 at 10:28am (UTC)2023-07-02T10:28:33Ztag:,2023-07-02:/u/anders/p/6c3352d6-c945-46d9-5d3d-ff5099efb100/<h4><a href="https://0pointer.net/blog/unlocking-luks2-volumes-with-tpm2-fido2-pkcs11-security-hardware-on-systemd-248.html">Unlocking LUKS2 volumes with TPM2, FIDO2, PKCS#11 Security Hardware on systemd 248</a></h4>
andersandersanders: Jun 29, 2023 at 6:50am (UTC)2023-06-29T06:50:39Ztag:,2023-06-29:/u/anders/p/8e935e7c-1d08-4af6-70f6-d0f9791a0e13/<h4><a href="https://github.com/patte/fly-tailscale-exit">patte/fly-tailscale-exit: Run a VPN with global exit nodes with fly.io, tailscale and github!</a></h4>
andersandersanders: Jun 26, 2023 at 7:57pm (UTC)2023-06-26T19:57:18Ztag:,2023-06-26:/u/anders/p/29207ad1-c500-4f71-4852-fddf91cced94/<h4><a href="http://www.thread-safe.com/2012/01/problem-with-oauth-for-authentication.html">The problem with OAuth for Authentication. | Thread Safe</a></h4>
andersandersanders: Jun 11, 2023 at 9:56am (UTC)2023-06-11T09:56:34Ztag:,2023-06-11:/u/anders/p/501d2a68-c2c1-4f2b-5f72-6eae7db963be/<h4><a href="https://www.nango.dev/blog/why-is-oauth-still-hard">Why is OAuth still hard in 2023? | Nango Blog</a></h4>
andersandersanders: May 28, 2023 at 9:52am (UTC)2023-05-28T09:52:01Ztag:,2023-05-28:/u/anders/p/76a83885-bdd4-478c-5afd-a8b5c928949f/<h4><a href="https://www.cyberciti.biz/faq/unix-linux-test-and-validate-dnssec-using-dig-command-line/">How to test and validate DNSSEC using dig command line - nixCraft</a></h4>
andersandersanders: May 25, 2023 at 9:03am (UTC)2023-05-25T09:03:44Ztag:,2023-05-25:/u/anders/p/e167a809-fe4f-4d1d-5ed3-0a65ee328d97/<h4><a href="https://github.com/patte/fly-tailscale-exit">patte/fly-tailscale-exit: Run a VPN with global exit nodes with fly.io, tailscale and github!</a></h4>
andersandersanders: May 14, 2023 at 7:35pm (UTC)2023-05-14T19:35:57Ztag:,2023-05-14:/u/anders/p/c413fdbf-d090-4474-5957-b8e54afb9a32/<h4><a href="https://tailscale.com/blog/session-recording-beta/">Announcing session recording for Tailscale SSH in beta</a></h4>
andersandersanders: Apr 22, 2023 at 8:13am (UTC)2023-04-22T08:13:00Ztag:,2023-04-22:/u/anders/p/e961003f-665e-453b-6b6f-0477ba446b74/<h4><a href="https://medium.com/scalr/opa-series-part-1-open-policy-agent-and-terraform-scaling-terraform-80fa11c0ded0">OPA Series Part 1: Open Policy Agent and Terraform | Scaling Terraform | scalr</a></h4>
andersandersanders: Apr 11, 2023 at 12:39pm (UTC)2023-04-11T12:39:48Ztag:,2023-04-11:/u/anders/p/c1c4ace1-129d-4269-76c6-e654c797b289/<h4><a href="https://github.com/SourceCode-AI/aura">SourceCode-AI/aura: Python source code auditing and static analysis on a large scale</a></h4>
andersandersanders: Mar 11, 2023 at 4:13pm (UTC)2023-03-11T16:13:07Ztag:,2023-03-11:/u/anders/p/bc4c327f-8ee4-4c4c-4d9b-e110ff6c2dce/<h4><a href="https://www.philvenables.com/post/ceremonial-security-and-cargo-cults">Ceremonial Security and Cargo Cults</a></h4>
andersandersanders: Mar 11, 2023 at 3:55pm (UTC)2023-03-11T15:55:00Ztag:,2023-03-11:/u/anders/p/e343cb53-a338-43d4-516b-dec069b293f2/<h4><a href="https://blog.cloudflare.com/introducing-flan-scan/">introducing flan scan</a> Cloudflare's network intrusion detection scanner.</h4>
andersandersanders: Mar 11, 2023 at 3:52pm (UTC)2023-03-11T15:52:24Ztag:,2023-03-11:/u/anders/p/77b1e061-3d58-45dc-6a6a-f93d7e698ad6/<h4><a href="https://github.com/fleetdm/fleet">fleet</a></h4>
andersandersanders: Mar 11, 2023 at 3:52pm (UTC)2023-03-11T15:52:03Ztag:,2023-03-11:/u/anders/p/6cf0a931-ac67-4621-6d96-3f24c5ca286f/<h4><a href="https://pypi.org/project/secure/">secure</a></h4>
andersandersanders: Feb 24, 2023 at 3:01pm (UTC)2023-02-24T15:01:40Ztag:,2023-02-24:/u/anders/p/0503483a-1378-4834-7416-ed617d28d30d/<h4><a href="https://goteleport.com/blog/passkeys/">A short overview of Passkeys, and how to use them to secure your infra</a></h4>
andersandersanders: Feb 23, 2023 at 3:46pm (UTC)2023-02-23T15:46:30Ztag:,2023-02-23:/u/anders/p/156cc1f0-3079-407d-6040-c432465a2a84/<h4><a href="https://paraxial.io/blog/auth-rate-limit">Elixir/Phoenix Security: Rate Limits for Authentication with Hammer</a></h4>
andersandersanders: Feb 23, 2023 at 2:32pm (UTC)2023-02-23T14:32:17Ztag:,2023-02-23:/u/anders/p/09d22980-443b-46fc-7429-363570e2c713/<h4><a href="https://github.com/nccgroup/sobelow">nccgroup/sobelow: Security-focused static analysis for the Phoenix Framework</a></h4>
andersandersanders: Feb 17, 2023 at 4:18pm (UTC)2023-02-17T16:18:04Ztag:,2023-02-17:/u/anders/p/6a403d49-a2fd-4f30-659e-9d401847a1b6/<h4><a href="https://codecodeship.com/blog/2023-02-13-shun-keeps-your-http-secrets-safe?utm_source=elixirweekly">Shun keeps your HTTP secrets safe</a></h4>
andersandersanders: Feb 17, 2023 at 1:15pm (UTC)2023-02-17T13:15:00Ztag:,2023-02-17:/u/anders/p/0f0ad2a6-a942-47df-6853-6e6d07ad59fc/<h4><a href="https://paraxial.io/blog/securing-elixir">Securing Elixir/Phoenix Applications: 5 Tips to Get Started</a></h4>
andersandersanders: Feb 9, 2023 at 10:16am (UTC)2023-02-09T10:16:19Ztag:,2023-02-09:/u/anders/p/7566b632-46b8-475f-69d3-5f563d503f81/<h4><a href="https://github.com/terraform-linters/tflint-ruleset-opa">terraform-linters/tflint-ruleset-opa: Experimental: TFLint ruleset plugin for writing custom rules in Rego.</a></h4>
andersandersanders: Feb 9, 2023 at 10:16am (UTC)2023-02-09T10:16:02Ztag:,2023-02-09:/u/anders/p/26c8f240-ed16-4f1a-5af5-235e9d8acb99/<h4><a href="https://medium.com/@wendellbarcellos/enforce-and-validate-aws-tags-with-atlantis-opa-terraform-46f7bfd453cb">Enforce and validate AWS tags with Atlantis OPA Terraform | by Wendell | Jan, 2023 | Medium</a></h4>
andersandersanders: Feb 4, 2023 at 11:40am (UTC)2023-02-04T11:40:01Ztag:,2023-02-04:/u/anders/p/5fec0103-26d7-41e6-5726-08ab175a5c24/<h4><a href="https://compellingcloud.substack.com/p/navigating-safety-a-beginners-guide">Navigating Safety: A Beginner's Guide to Implementing Terraform Guardrails with OPA</a></h4>
andersandersanders: Feb 4, 2023 at 11:39am (UTC)2023-02-04T11:39:12Ztag:,2023-02-04:/u/anders/p/2aa6d5a7-c166-493e-679a-154ef7b04881/<h4><a href="https://compellingcloud.substack.com/p/cloud-governance-using-infrastructure">Cloud Governance Using Infrastructure as Code</a></h4>
andersandersanders: Feb 2, 2023 at 11:25am (UTC)2023-02-02T11:25:32Ztag:,2023-02-02:/u/anders/p/60e9dcbf-5416-44e6-65be-9b189ae3bfb2/<h4><a href="https://review.firstround.com/how-early-stage-startups-can-enlist-the-right-amount-of-security-as-they-grow">How Early-Stage Startups Can Enlist The Right Amount of Security As They Grow | First Round Review</a></h4>
andersandersanders: Feb 2, 2023 at 11:21am (UTC)2023-02-02T11:21:42Ztag:,2023-02-02:/u/anders/p/e6186658-987a-4282-496c-49e23d485ff7/<h4><a href="https://github.com/stripe/smokescreen">stripe/smokescreen: A simple HTTP proxy that fogs over naughty URLs</a></h4>
andersandersanders: Feb 1, 2023 at 1:39pm (UTC)2023-02-01T13:39:31Ztag:,2023-02-01:/u/anders/p/7fca9ad9-82d6-4c13-755c-af977ed08d2e/<h4><a href="https://www.checkov.io/">checkov</a></h4>
<p>IaC compliance checker.</p>
andersandersanders: Dec 29, 2022 at 2:04pm (UTC)2022-12-29T14:04:57Ztag:,2022-12-29:/u/anders/p/2d90bb12-d6da-445f-5faf-58355473ea24/<h4><a href="https://words.filippo.io/dispatches/passage/">My age YubiKeys Password Management Solution</a></h4>
andersandersanders: Dec 26, 2022 at 10:15am (UTC)2022-12-26T10:15:12Ztag:,2022-12-26:/u/anders/p/a528839f-a166-4188-6929-68e96bbcd195/<h4><a href="https://github.com/AlfioEmanueleFresta/xdg-credentials-portal">xdg credentials portal</a> - FIDO over DBUS</h4>
andersandersanders: Dec 26, 2022 at 10:07am (UTC)2022-12-26T10:07:27Ztag:,2022-12-26:/u/anders/p/f32276aa-f591-4afc-7a61-9bc08da14f01/<h4><a href="https://en.wikipedia.org/wiki/Lockout%!E(MISSING)2%93tagout">Lockout Tagout</a></h4>
andersandersanders: Nov 21, 2022 at 10:16pm (UTC)2022-11-21T22:16:48Ztag:,2022-11-21:/u/anders/p/45cf7a17-5697-419b-7f70-40aaf7439fef/<h4><a href="http://allsoftwaresucks.blogspot.com/2022/11/why-cve-2022-3602-was-not-detected-by.html">I hate software: Why CVE-2022-3602 was not detected by fuzz testing</a></h4>
andersandersanders: Nov 21, 2022 at 11:23am (UTC)2022-11-21T11:23:24Ztag:,2022-11-21:/u/anders/p/45f69d36-e52a-4ebf-5df5-f8ef486543db/<h4><a href="https://blog.kellybrazil.com/2019/12/05/microservice-security-design-patterns-for-kubernetes-part-1/">Microservice Security Design Patterns for Kubernetes (Part 1) - Brazil's Blog</a></h4>
andersanders