Tag: Infosec
-
Introducing Twirp RPC framework for Golang
Posted on January 19, 2018, Level beginner Resource Length medium
Spencer Nelson published article in which he introduced an RPC framework they use for communication between backend servers written in Golang. It's called Twirp, and it's available now under an Apache 2 open source license.
Tags apis web-development infosec
-
How to install Centmin Mod with Let's Encrypt and CloudFlare
Posted on December 11, 2017, Level intermediate Resource Length long
Mike Tabor posted tutorial how to install LAMP server via Centmin Mod and take advantage of free SSL certificates with Let's Encrypt and also leveraging free DNS from CloudFlare.
Tags devops infosec ansible
-
3 common cybersecurity maturity failings
Posted on December 5, 2017, Level beginner Resource Length short
Oliver Rochford published short article on cybersecurity maturity and it's failings. The article touches on some interesting points. Especially on how vendors, investors and the media rely on flawed statistics, surveys and a fair dose of wishful thinking in assessing the security maturity of the average enterprise, projecting market growth and product viability.
Tags cloud infosec devops
-
Advanced kubernetes ingress
Posted on October 29, 2017, Level intermediate Resource Length medium
Björn Wenzel deatiled writting on how to to setup a more complex kubernetes ingress example. This blog post is building on his previous post - Install kubernetes ingress. The application in this example has an api-server and a separate ui server.
Tags kubernetes containers devops software-architecture infosec
-
Privacy and trustworthiness for web notifications
Posted on October 25, 2017, Level beginner Resource Length short
The Internet Engineering Task Force (IETF) nice short article / announcement about privacy of web notifications. HTTPS (HTTP over TLS) is possibly the most widely used security protocol in existence. HTTPS is a two-party protocol; it involves a single client and a single server. This aspect of the protocol limits the ways in which it can be used.
Tags programming web-development infosec
-
Automating LetsEncrypt Certificates With Ansible for AWS Instances
Posted on August 12, 2017, Level intermediate Resource Length medium
Alagesan Palani tutorial explaining how to make your AWS instance safer by automatically generating LetsEncrypt certificates. Conveniently.
Tags ansible aws infosec
-
7 Best Practices for JSON Web Tokens
Posted on May 28, 2017, Level intermediate Resource Length medium
Neil Madden has written about best practices for JSON Web Tokens (JWTs, pronounced "jots").
Tags json infosec web-development
-
Managing Shared Secrets
Posted on May 15, 2017, Level beginner Resource Length long
Jakob Holderbaum article about managing shared secrets when working on a shared codebase.
Tags infosec programming
-
Detecting Bots in Apache & Nginx Logs
Posted on March 12, 2017, Level intermediate Resource Length medium
Mark Litwintschik put together this article to help server admins with separating bot and human-generated traffic in web server logs, which can be challenging.
Tags nginx servers infosec
-
Dovecot - World's most popular email server praised as near-impenetrable
Posted on January 29, 2017, Level beginner Resource Length short
It isn't often that good news makes headlines, especially in the security world. Dovecot bucked the trend earlier this month, with a cybersecurity audit that praised the mail server as "near-impenetrable".
Tags servers infosec
-
Learn how to use JSON Web Tokens (JWT) for much Authentication win!
Posted on January 21, 2017, Level beginner Resource Length long
Learn how to use JSON Web Token (JWT) to secure your Web and/or Mobile Application!
Tags infosec
-
SSH Encryption and Connection Process
Posted on January 20, 2017, Level beginner Resource Length medium
Article explains internals of SSH. SSH, or secure shell, is a secure protocol and the most common way of safely administering remote servers.
Tags infosec