In case you weren’t aware, I moved over to Alert Logic in May of 2017. I am in the technical product marketing group, which is essentially a job where I do various tasks that generally involve helping bring technical people and marketing people together (those two groups at infosec vendors often don’t speak each other’s language). It’s a fun gig so far with plenty of challenges.
One of the tasks that I have been assigned is writing informative articles on the Alert Logic blog (you can subscribe to the RSS feed also). Below is a list of the pieces I have written over there. Go check them out when you have a second. I’ll be updating this post as more go up there, and I’ll probably be including any other resources from other pars of the Alert Logic website that are technical in nature and generally relevant as a whole (i.e. not total vendor speak, which is not my job anyway). I’ll keep the most recent ones at the top for ease of finding the latest.
- Posted on Sept 12, 2017 – The first of a 5 part blog series providing some tips on securing apps with SQL databases that are running on the cloud. A lot of the tips apply whether or not you’re running your apps in the cloud, but we focus on cloud here, so there you go.
- Posted on Sept 7, 2017 – An explanation of SQL Injection (SQLi). There are quite a few articles/posts out on the Web that explain this, but it is always good to have another take on it. And I give some pointers on how to fix SQLi, including code examples from Damn Vulnerable Web App. It’s another resource if you want to understand SQLi or need to give someone a pointer.
- Posted on June 29, 2017 – Post about PetrWrap/NotPetya/GoldenEye/Whatever. This was my first post at Alert Logic. A lot of folks put some time into this one because of the fact checking that needed to happen about the outbreak. But it is a good breakdown.
This is a Security Bloggers Network syndicated blog post authored by Michael Farnum. Read the original post at: An Information Security Place