Category
Security practice
Identity, access, logging, policy, storage security and risk reduction.
By date
Months in this category
Notes
Latest first
Old container images can break TLS
A simple field note on why stale container images can cause TLS errors, and the routine that helps prevent it.
Cloud security posture is mostly maintenance
A field note on why secure cloud environments depend on repeatable checks, not one big heroic review.
Azure Storage security starts with boring checks
A short field note on the simple storage account settings I like to review before they become a bigger problem.
A note on why logs need someone to read them
A short field note on logs need an owner, written as part of an older learning archive.
A small lesson about turning security recommendations into actual fixes
A short field note on security recommendations and real fixes, written as part of an older learning archive.
Learning to notice checking public exposure
A short field note on public exposure checks, written as part of an older learning archive.
Why I kept thinking about reviewing old access without drama
A short field note on old access and quiet risk, written as part of an older learning archive.
A note on least privilege in real life
A short field note on least privilege in real environments, written as part of an older learning archive.
A small lesson about evidence as part of security work
A short field note on security evidence that helps later, written as part of an older learning archive.
Learning to notice storage settings that are easy to ignore
A short field note on storage security checks, written as part of an older learning archive.
Why I kept thinking about temporary permissions that stop being temporary
A short field note on temporary permissions in cloud systems, written as part of an older learning archive.
A note on why logs need someone to read them
A short field note on logs need an owner, written as part of an older learning archive.
A small lesson about turning security recommendations into actual fixes
A short field note on security recommendations and real fixes, written as part of an older learning archive.
Learning to notice checking public exposure
A short field note on public exposure checks, written as part of an older learning archive.
Why I kept thinking about reviewing old access without drama
A short field note on old access and quiet risk, written as part of an older learning archive.
A note on least privilege in real life
A short field note on least privilege in real environments, written as part of an older learning archive.
A small lesson about evidence as part of security work
A short field note on security evidence that helps later, written as part of an older learning archive.
Learning to notice storage settings that are easy to ignore
A short field note on storage security checks, written as part of an older learning archive.
Why I kept thinking about temporary permissions that stop being temporary
A short field note on temporary permissions in cloud systems, written as part of an older learning archive.
A note on why logs need someone to read them
A short field note on logs need an owner, written as part of an older learning archive.
A small lesson about turning security recommendations into actual fixes
A short field note on security recommendations and real fixes, written as part of an older learning archive.
Learning to notice checking public exposure
A short field note on public exposure checks, written as part of an older learning archive.
Why I kept thinking about reviewing old access without drama
A short field note on old access and quiet risk, written as part of an older learning archive.
A note on least privilege in real life
A short field note on least privilege in real environments, written as part of an older learning archive.
A small lesson about evidence as part of security work
A short field note on security evidence that helps later, written as part of an older learning archive.
Learning to notice storage settings that are easy to ignore
A short field note on storage security checks, written as part of an older learning archive.
Why I kept thinking about temporary permissions that stop being temporary
A short field note on temporary permissions in cloud systems, written as part of an older learning archive.
A note on why logs need someone to read them
A short field note on logs need an owner, written as part of an older learning archive.
A small lesson about turning security recommendations into actual fixes
A short field note on security recommendations and real fixes, written as part of an older learning archive.
Learning to notice checking public exposure
A short field note on public exposure checks, written as part of an older learning archive.
Why I kept thinking about reviewing old access without drama
A short field note on old access and quiet risk, written as part of an older learning archive.
A note on least privilege in real life
A short field note on least privilege in real environments, written as part of an older learning archive.
A small lesson about evidence as part of security work
A short field note on security evidence that helps later, written as part of an older learning archive.
Learning to notice storage settings that are easy to ignore
A short field note on storage security checks, written as part of an older learning archive.
Why I kept thinking about temporary permissions that stop being temporary
A short field note on temporary permissions in cloud systems, written as part of an older learning archive.
A note on why logs need someone to read them
A short field note on logs need an owner, written as part of an older learning archive.
A small lesson about turning security recommendations into actual fixes
A short field note on security recommendations and real fixes, written as part of an older learning archive.
Learning to notice checking public exposure
A short field note on public exposure checks, written as part of an older learning archive.
Why I kept thinking about reviewing old access without drama
A short field note on old access and quiet risk, written as part of an older learning archive.
A note on least privilege in real life
A short field note on least privilege in real environments, written as part of an older learning archive.
A small lesson about evidence as part of security work
A short field note on security evidence that helps later, written as part of an older learning archive.
Learning to notice storage settings that are easy to ignore
A short field note on storage security checks, written as part of an older learning archive.
Why I kept thinking about temporary permissions that stop being temporary
A short field note on temporary permissions in cloud systems, written as part of an older learning archive.
A note on why logs need someone to read them
A short field note on logs need an owner, written as part of an older learning archive.
A small lesson about turning security recommendations into actual fixes
A short field note on security recommendations and real fixes, written as part of an older learning archive.
Learning to notice checking public exposure
A short field note on public exposure checks, written as part of an older learning archive.
Why I kept thinking about reviewing old access without drama
A short field note on old access and quiet risk, written as part of an older learning archive.
A note on least privilege in real life
A short field note on least privilege in real environments, written as part of an older learning archive.
A small lesson about evidence as part of security work
A short field note on security evidence that helps later, written as part of an older learning archive.
Learning to notice storage settings that are easy to ignore
A short field note on storage security checks, written as part of an older learning archive.
Why I kept thinking about temporary permissions that stop being temporary
A short field note on temporary permissions in cloud systems, written as part of an older learning archive.
A note on why logs need someone to read them
A short field note on logs need an owner, written as part of an older learning archive.
A small lesson about turning security recommendations into actual fixes
A short field note on security recommendations and real fixes, written as part of an older learning archive.
Learning to notice checking public exposure
A short field note on public exposure checks, written as part of an older learning archive.
Why I kept thinking about reviewing old access without drama
A short field note on old access and quiet risk, written as part of an older learning archive.
A note on least privilege in real life
A short field note on least privilege in real environments, written as part of an older learning archive.
A small lesson about evidence as part of security work
A short field note on security evidence that helps later, written as part of an older learning archive.
Learning to notice storage settings that are easy to ignore
A short field note on storage security checks, written as part of an older learning archive.
Why I kept thinking about temporary permissions that stop being temporary
A short field note on temporary permissions in cloud systems, written as part of an older learning archive.
A note on why logs need someone to read them
A short field note on logs need an owner, written as part of an older learning archive.
A small lesson about turning security recommendations into actual fixes
A short field note on security recommendations and real fixes, written as part of an older learning archive.
Learning to notice checking public exposure
A short field note on public exposure checks, written as part of an older learning archive.
What security taught me about assumptions
A short note on why cloud security work starts by checking what people think is already true.