|
Cloud security fundamentals part 4: Align and automate with policy as code
-
snyk.io
-
3 years ago
-
eng
A discussion of the fourth of five fundamentals of cloud security: aligning and automating with policy as code. (Part four in a five-part series.)
|
|
Table of Contents The Space: Real-Time Stream Processing The Environment: A Start-up The Team: One of a Kind Outlook It’s my first week as a software engineer at Decodable, a start-up building a serverless real-time data platform! When I shared this news on social media yesterday, folks were not only super supportive and excited for me (thank you so much for all the nice words and wishes!), but some also asked about the reasons behind my de..
|
|
Table of Contents The Space: Real-Time Stream Processing The Environment: A Start-up The Team: One of a Kind Outlook It’s my first week as a software engineer at Decodable, a start-up building a serverless real-time data platform! When I shared this news on social media yesterday, folks were not only super supportive and excited for me (thank you so much for all the nice words and wishes!), but some also asked about the reasons behind my de..
|
|
OpenSSL has released two high severity vulnerabilities — CVE-2022-3602 and CVE-2022-3786 — related to buffer overrun.
|
|
2 Months ago I got my Thelio Desktop and I have been using it daily ever since, today I wrote a review about, I hope you find it useful
|
|
2 Months ago I got my Thelio Desktop and I have been using it daily ever since, today I wrote a review about, I hope you find it useful
|
|
If you’ve been looking for an effective way to establish a Ruby on Rails Docker setup for your local development environment, then this post is for you. It’s a continuation of our previous article on how to install Ruby in a macOS for local development.
|
|
Large organizations’ choices influence my decisions in only one way: by telling me what users are familiar with. For instance: when building a search-results page, it might make sense to borrow the basic semantics of existing search engines (Google, Bing, etc.) so the interface is familiar. It doesn’t make sense to blatantly violate WCAG (especially at the “A” level!) just because big companies do. The companies you cite know they won’t g..
|
|
Speaking generally: I think most website security scanners (Webbkoll, Observatory, et al) lend themselves to cargo-cults. You don’t need most Content Security Policy directives for a PNG file, for instance. Warning against a missing X-Frame-Options feels wrong: even the latest version of iOS 9—the oldest iOS release to support secure TLS 1.2 ECDSA ciphers—seems to support frame-ancestors (correct me if I’m wrong). Internet.nl is a bit..
|
|
I have a cold right now and just about wrote a pretty lengthy article about just how good Puffs Bathroom Tissues are compared to normal tissues but it came off pretty delirious and Proctor and Gamble really doesn’t need the press, so - here: Puffs Bathroom Tissues with Lotion are really good and you’re a sucker if you use any other brand of bathroom tissues when you’re sick.
|
|
The increasing popularity of cloud technology has created a growing need for effective cloud security. Instead of simply expanding the size of security teams, organizations can improve their cloud security posture using policy as code.
|
|
I was recently browsing through an old archive of holiday photos (from dired of course). I wanted to know where the photo was taken, which got me interested in extracting Exif metadata. Luckily the exiftool command line utility does the heavy lifting when it comes to extracting metadata. Since I want it quickly accessible from Emacs (in either dired or current buffer), a tiny elisp snippet would give me just that (via dwim-shell-co....
|
|
In the first post , we introduced embedded devices and started to scour through and extract information from Reolink IP camera firmware. At the end of the post, we ran Binwalk, which showed various types of files such as Flattened Device Tree, uImage Header, and UBI File System. -Continue to read the article on SerHack.me
|
|
MapTiler Server 4.2 has many improvements, giving you API controls, Static maps, WMS services and High DPI maps.
|
|
Why is self-control so hard? Even though you have control over what you choose to do, you may find yourself in the puzzling position of regretting the decisions of your prior self. For instance, if you need to lose weight but you bust your calorie budget with that extra piece of cake, you appear to be knowingly acting against your own “better judgment.” In this case, better judgment captures the tension between the preferences of y....
|
|
In recent years Mexico City has developed a thriving tech scene, with new startups putting roots, vying for talent, and contributing to a slew of events and conferences in the city. Mexico on Rails meetup has been an integral part of the ecosystem, meeting regularly to connect and discuss Ruby on Rails and web development. But the pandemic put most of this activity on hold. While discussing this recently with my Doximity colleague Sam....
|
|
I aspire to at least have a pull request with those features. Generous use of git rebase make it possible for very commit. This requires some planning ahead and cleanup but makes reviews now or later so much easier.
|
|
Finite-sample Gaussian efficiency of the Harrell-Davis median estimator
-
aakinshin.net
-
3 years ago
-
eng
In this post, we explore finite-sample and asymptotic Gaussian efficiency values of the sample median and the Harrell-Davis median.
|
|
Today marks five years since I started working at Íslandsbanki, and as of today, I have resigned my position with the company. Now five years is not a long time, yet much has happened since my first day at the office. I got hired into a newly formed team of experts, each with their own deep knowledge in respective niches, that was given the mandate to “shake things up” in the IT product space at the bank.
|
|
Today marks five years since I started working at Íslandsbanki, and as of today, I have resigned my position with the company. Now five years is not a long time, yet much has happened since my first day at the office. I got hired into a newly formed team of experts, each with their own deep knowledge in respective niches, that was given the mandate to “shake things up” in the IT product space at the bank.
|
|
Finite-sample Gaussian efficiency of the Harrell-Davis median estimator
-
aakinshin.net
-
3 years ago
-
eng
In this post, we explore finite-sample and asymptotic Gaussian efficiency values of the sample median and the Harrell-Davis median.
|
|
Highlights of last month - Enjoyed my time in NYC catching up with many people - Released some new features for Postcard - Got a new photo 🤔 Things worth sharing - Reading How to make great coffee ...
|
|
How to protect your website from attacks using Cloudflare WAF and Rate Limiting
-
akashrajpurohit.com
-
3 years ago
-
eng
In this article, I will explain how I was able to protect my website from attackers and how you can too using Cloudflare WAF and rate limiting.
|
|
How to protect your website from attacks using Cloudflare WAF and Rate Limiting
-
akashrajpurohit.com
-
3 years ago
-
eng
In this article, I will explain how I was able to protect my website from attackers and how you can too using Cloudflare WAF and rate limiting.
|
|
Learn how to easily create a software bill of materials (SBOM) for your Java applications in Maven and Gradle.
|
|
Here are the top five AWS misconfigurations you should be aware of to prevent potential security gaps in your infrastructure.
|
|
Earlier this month, Google re-branded its WebP2 repository to clarify that WebP 2 will not be released as an image format. . This week, Google deprecated Chromium’s off-by-default JPEG-XL support , citing a lack of interest and improvement over existing formats. Most commits to libjxl , the reference JPEG-XL implementation, are from “google.com” email addresses; I imagine that this decision could impact libjxl development. I doubt we’l..
|
|
Quick tip: Use first image of Woocommerce product gallery as post thumbnail
-
jaimemartinez.nl
-
3 years ago
-
eng
So I have a client who wanted to reuse Woocommerce Product gallery functionality somewhere else on the page, but didn’t needed to set a Featured Image for each individual product. The culprit Because the Woocommerce code checks if your product has a post thumbnail set, it won’t display the gallery if that’s empty. https://github.com/woocommerce/woocommerce/blob/trunk/plugins/woocommerce/templates/single-product/product-thumbnails.php#L29 Th..
|
|
Learn about the top five Docker vulnerabilities or CVEs development teams should watch out for, and how to remediate them.
|
|
I was recently stuck in traffic (which is a rare occurrence given I work remotely) so I took the opportunity to observe my surroundings. The…
|
|
I like photographing birds. I take our dog for a walk, drink a coffee, then I often go to the yard to capture those feathered creatures. It’s a ritual to collect my thoughts and prepare for the day. There might be a few lessons there which are applicable for another parts of life (and work).
|
|
An upcoming release of OpenSSL, scheduled for November 1, 2022, addresses a critical security vulnerability. This post explains how to detect the vulnerability in your code and describes mitigation steps.
|