Sharing secrets with containers using Custodia

Di Original dated Aug 2, 2017 found at Distributing secrets in container environments is done dangerously more often than safely. This article gives an overview of secrets distribution using the open source Custodia package to distribute secrets safely in a really cool and novel way. Custodia will work in many more environments than this, […]

SOCMDB – a Security-oriented CMDB – Why and How

SOCMDB - security oriented CMDB configuration management data base database

The idea of a configuration management database (CMDB) is that it should be able to tell you all the interesting attributes of your environment. It’s not hard to imagine that just the right CMDB could be a great help in securing your systems and improving your security posture. In this article we’ll look in more detail at what a Security-Oriented CMDB (SOCMDB) should look like – and why you should care.

How the right CMDB can improve your security posture

How the right CMDB can improve your security posture

In a couple of earlier blog posts, I wrote an article about what characteristics would make a CMDB suitable for a “modern” DevOps-like environment. The first article talked about what characteristics one would like in such a CMDB. The second article evaluated the Assimilation Suite in terms of those characteristics. This article discusses how a CMDB can improve your security posture.

In today’s blog post, I’d like to do something similar – but looking at a CMDB from a security perspective. That is, this blog post is the first part of a discussion of what a security-oriented CMDB ought to look like and how it can improve your security posture.

How I Give Fun Talks

give fun talks

I couple of weeks ago, I gave my first ever talk at a security conference and had a great time at the Las Vegas B-sides conference (BsidesLV). I had a great time there, met some great people there. This note gives an overview of how it went, and gives a little information on how I give talks.