Breaking down the robust silos between software and security teams is a crucial step for DevSecOps implementation. This can only be achieved through a mindset of understanding the challenges faced by respective counterparts, in an effort to fulfill continuous knowledge acquisition.

Continue reading

The easiest way to think of DevSecOps is to imagine it as an extension of DevOps, whereby the responsibility of security is shared across a whole team. Just as DevOps combines software development and IT practices for maximum security, DevSecOps is a cultural, software development, and engineering practice that creates collaboration around security.

Continue reading

This article describes what leadership really means to me.

Continue reading

Moving to Hugo static page generator and Firebase as hosting provider. No more Ghost.

Continue reading

Idea for TuxResponse came after incident response engagement, where I realized the need of automation of certain checks on Linux boxes. Instead of relying on saved commands, cheat sheets and unstructured scripts, I decided it’s time for a tool that will help me and others.

Continue reading

In the past months I was working on security incidents involving Linux systems and I struggled to find good material on that topic to structure well my response plan. In fact, Linux is the investigator’s black hole, blind spot, deficiency, weakness and so on.

Continue reading

I‘ve bought the book Linux Command Line and Shell Scripting Bible Third Edition by Richard Blum and Christine Bresnahan some time ago, but somehow haven‘t got enough time to go through it.

Continue reading