Level Up Cybersecurity with Kasm Workspaces
Ever look at plethora of browser tabs staring back at you with “I’ll check this out later” vibes and feel the urge to mercy-close the ones that just wont get done anytime soon? Browser tabs are now another subtle, nagging to-do list that gets neglected or ignored. I’m specifically referring ... Read More
Let’s Encrypt for non-webservers
Let’s say you want to use Let’s Encrypt for something that isn’t a website. So you download certbot, you get things going with your manual cert, and you realize that when it goes to rotate you will need to restart some services. When you go look through the docs, it’s ... Read More
When Man Pages Go Weird
You may not realize that I got my start in the technology world in the early 1990s learning Unix. From my first Netcom account to my high school allowing me, A JUNIOR, to have and run a Slackware machine directly connected to the Internet. My first Linux kernel was a ... Read More
Ten Things Companies Get Wrong About CIAM
Customer Identity and Access Management (CIAM) is a core component of creating your digital user experience. If you are unfamiliar with Customer Identity and Access Management, it is the process by which companies grant access to their digital assets (like websites, mobile apps, and even chatbots) to their customers, as ... Read More
Protect Yourself and Freeze Your Credit
Breaches are never ending, and if you have not already put freezes on your credit reports, make a late New Year’s resolution and do it now. There are a couple of steps you will need to take for each of the four bureaus (yes four). Before you freeze, get in ... Read More
Selective Domain Filtering with Postfix and a SPAM Filtering Service
Yes, that title was a mouthful, but I’m trying to make sure I’m descriptive enough for the next guy who is in this situation. I was facing something interesting lately. There is a spambot network that is ignoring whatever you put in the MX record, and trying to send emails ... Read More
Taking Stock of Identity Solutions in the Age of AI
Security pros can use ITDR and DCI in conjunction to combat security threats in the age of AI ... Read More
PCI DSS 4.0 and TLS
In 2015, I published an addendum to our PCI DSS 4th Ed. book that covered version 3.1. I titled it, “PCI DSS 3.1: The Standard that Killed SSL” because that version removed the ability to use old and outdated versions of the standard in favor of the improved TLS standard ... Read More
Why APA is Important in your Masters Journey
Another semester has closed and the reviews are in. As always, I had one student who rails on their hatred of APA formatting and one student who loved it. OK, maybe not loved it, but mentioned that it made a positive impact on their journey. The goal of this post ... Read More
Writing a Book in Markdown with GitHub
December is the month! PCI Compliance, 5th Edition is ready for pre-order and will be shipping on the 22nd. James & I are so excited to hear what you think! But of course, this project is several years in the making. Even before James & I sat down in early ... Read More
