Tag

security engineering

15 posts

Supply Chain Security — Protecting Your Software Pipeline

In 2024, a single malicious contributor nearly compromised every Linux system on…

Security Ticketing and Incident Response

The worst time to figure out your incident response process is during an…

Security Mindset for Engineers — Think Like an Attacker

Most engineers think about security the way they think about flossing — they…

Secrets Management — Vault, SSM, and Secrets Manager

I’ve watched a production database get wiped because someone committed a root…

Penetration Testing Basics for Developers

Most developers think of penetration testing as something a separate security…

OWASP Top 10 for Cloud Applications

The OWASP Top 10 was written for traditional web applications. But in the cloud…

Dependency Vulnerability Detection at Scale

The average application has over 200 transitive dependencies. Each one is code…

Container Security — Docker and Kubernetes Hardening

Containers make deployment easy and security hard. That Dockerfile you copied…

Compliance Automation — SOC2 and ISO 27001

Compliance is where security meets bureaucracy — and if you handle it wrong, it…

Building a Security Pipeline — DevSecOps in Practice

Security tools that nobody runs are security theater. I’ve seen teams buy…

Auto-Remediation with Lambda — Fix Security Issues Automatically

Alerts without action are just noise. I’ve seen security teams drown in hundreds…

Code Signing — Why and How

This is Part 6 of the Cloud Security Engineering crash course. In previous parts…

Build a Cloud Security Scanner — Hands-On Project

You’ve learned the theory. Now let’s build something real. This capstone project…

CloudTrail and Security Observability

You can’t secure what you can’t see. That sounds like a bumper sticker, but it’s…

AWS IAM Security — Beyond Basic Roles

IAM is the front door to your AWS account. And most teams leave it wide open. I…