Supply Chain Security — Protecting Your Software Pipeline
In 2024, a single malicious contributor nearly compromised every Linux system on…
Tag
security engineering
15 posts
Security Mindset for Engineers — Think Like an Attacker
Most engineers think about security the way they think about flossing — they…
Security Ticketing and Incident Response
The worst time to figure out your incident response process is during an…
OWASP Top 10 for Cloud Applications
The OWASP Top 10 was written for traditional web applications. But in the cloud…
Secrets Management — Vault, SSM, and Secrets Manager
I’ve watched a production database get wiped because someone committed a root…
Penetration Testing Basics for Developers
Most developers think of penetration testing as something a separate security…
Container Security — Docker and Kubernetes Hardening
Containers make deployment easy and security hard. That Dockerfile you copied…
Dependency Vulnerability Detection at Scale
The average application has over 200 transitive dependencies. Each one is code…
CloudTrail and Security Observability
You can’t secure what you can’t see. That sounds like a bumper sticker, but it’s…
Code Signing — Why and How
This is Part 6 of the Cloud Security Engineering crash course. In previous parts…
Compliance Automation — SOC2 and ISO 27001
Compliance is where security meets bureaucracy — and if you handle it wrong, it…
AWS IAM Security — Beyond Basic Roles
IAM is the front door to your AWS account. And most teams leave it wide open. I…
Auto-Remediation with Lambda — Fix Security Issues Automatically
Alerts without action are just noise. I’ve seen security teams drown in hundreds…
Building a Security Pipeline — DevSecOps in Practice
Security tools that nobody runs are security theater. I’ve seen teams buy…
Build a Cloud Security Scanner — Hands-On Project
You’ve learned the theory. Now let’s build something real. This capstone project…