Preparing for the CCNP 350-401 ENCOR Exam

Posted on January 10

January 31, 2020 update: No, you’re not crazy. Cisco changed the exam number from 300-401 to 350-401. If you’ve been studying for your CCNP R&S certification or are looking to recertify, you’ve probably considered whether to sit the existing CCNP ROUTE, SWITCH, or TSHOOT exams, or just wait until the CCNP ENCOR exam comes out […]

Finding Suspicious Traffic using CloudWatch Log Insights and VPC Flow Logs

Posted on July 28


While playing around with AWS CloudWatch Log Insights to analyze VPC flow logs, I thought of a couple of fun ways to identify (probably) malicious traffic. Finding Vulnerability Scanners These are the guys that hammer your box looking for anything from silly SQL injection attacks (so 2005) to CSRF vulnerabilities. The tell: look for hosts […]

Understanding the AWS Shared Responsibility Model

Posted on June 6

As an AWS customer, you share responsibility with AWS for the security of your data the cloud. There’s a mantra: AWS handles the security of the cloud, but you handle security in the cloud. But it turns out that’s not quite true. For more, check out my guide Operating within the AWS Shared Responsibility Model.

Science is About Discovering the Truth

Posted on June 3


As someone who works in IT, I hear and read a lot of comments about science. One common but unfortunate claim is that “science is not about finding truth.” While I won’t get into the underlying philosophical reasons behind this claim, I do want to at least respond to it on its face. Etymology of […]

Studying for the AWS Certified Solutions Architect: Associate Exam (SAA-C01)

Posted on May 29

Study Guides The AWS Certified Solutions Architect Study Guide: Associate SAA-C01 Exam 2nd Edition ($30) by David Clinton and myself covers more than you need to know to pass the exam. If you don’t believe me, just click the link and look at the reviews on Amazon. If you are fairly new to AWS, you’re […]