My latest course “Architecting for Security on AWS” is now available on Pluralsight! You’ll learn how to secure your data and AWS services using a defense-in-depth approach, including: Protecting your AWS credentials using identity and access management Capturing and analyze logs using CloudTrail, CloudWatch, and …

This month, security researchers released a whitepaper describing the Meltdown attack, which allows anyone to read the full physical memory of a system by exploiting a vulnerability in Intel processors. If that sounds bad, that’s because it is. It means that if you’re running workloads on a public cloud provider, and …

Security usually requires sacrificing convenience (or money). So naturally, we tend to get away with as little security as possible. But if you’re a glutton for punishment, here are 4 very inconvenient but highly effective measures you can take right now to protect yourself from the evils lurking on the interwebs. …

Whenever a tech fad comes to an end, it becomes so obvious why it failed. Yet during the hype, it’s easy to miss the problems lurking just below the surface. I want to explore some of the problems I see with public blockchain and why I think it’s not going to live up to the hype. Blockchain can’t track real things …

Still not convinced that you should learn Windows PowerShell? A popular conspiracy theory asserts that Russia used some awesome PowerShell tricks to hack the Democratic National Committee and get Donald Trump’s opposition research file. While you shouldn’t (and hopefully won’t) use PowerShell for international …