Today, after a long while that I planned to do it, I crossed my fingers and approached the AWS Certified Security — Specialty exam, and fortunately passed it. I thought that it would be a good idea if i’d share my exam experience and generally provide tips to those of…

Jupyter notebooks are a useful piece of software. They have a variety of use-cases — from demonstrating some python code on a live manner, data visualizations, machine learning algorithm development, and even incident response automation. …

Introduction If you haven’t started writing your own blog until now, this is the time to start doing it. Blogging is a great way to show the world your way of thinking, and enhance some important soft skills like communication, open-mindedness, and creativity. It also forces you to deeply understand about…

As a security architect, you should insist on having good and clear visibility of the security status of your product/service. While that sentence covers a wide range of topics, I want to raise a different approach to security visibility and enforcement. …

IAM policies are a great way to enforce authorization for Groups / Users / Roles to specific services, under specific conditions. In high level, policies are a set of JSON statements which provide certain permissions to entities. Adding another security layer to that, there is an optional block under the…

Working a-lot with Ansible lately, I was encountering in a real blocking problem. As we were working on deploying our software on Windows targets, We were constantly trying to find ways to test our roles, but we encountered some issues, mostly related to our development environments. Writing these lines, i’m…

Until not long ago, I was using DuckDNS services to get my home webserver up and running. As my ISP is demanding a respectful amount of money to reserve a static IP address I was looking for dynamic dns solutions to point my home IP address to. I chose an…

During my work, I encountered several times in a need of architecting & developing internal systems, which requires access from specific people inside the company. In terms of visibility & security, you probably don’t want these systems to be available to the internet, and therefore you must find a solution. …

For a long period of time, I was using custom git hooks on my own ec2 instance that ran Gogs open source software as a git server. I was using these hooks to make sure that every push to the repository goes through and being deployed to our staging server. …