Archive for the ‘security’ Category

« Older posts
Newer posts »

AppSecUSA – Docker, DevOps, Security

19Sep14

Filed under: Docker, security   |  Comment
Tags: , ,

Network Intrusion Detection on VNS3

04Aug14

This post originally appeared on the CohesiveFT blog The Docker subsystem available since version 3.5 allows additional virtualized network functions (VNFs) to be run on VNS3. I’ve previously written about using this capability for content caching, SSL termination and load balancing. This time I’ll cover using it as a network intrusion detection system (NIDS). Introducing Suricata […]


Filed under: CohesiveFT, Docker, networking, security   |  Comment
Tags: , , , , , ,

Chicago Docker Meetup presentation on Security

22Jul14

This was a warm up for a presentation I’ll be doing at AppSec USA later in the year. I got some good feedback on the night, but if you have more then please make a comment below.


Filed under: CohesiveFT, Docker, presentation, security   |  Leave a Comment
Tags: , , , ,

Heartbleed – the Tortoise and the Hare

13May14

The dust is starting to settle now in the wake of Heartbleed[1] – those that are going to fix it have already, other servers that are suffering from the issue will remain vulnerable for years to come. It’s time now for reflection, so here’s mine. I was on a family vacation when Heartbleed was announced, and […]


Filed under: CohesiveFT, security   |  Leave a Comment
Tags: , , , , , ,

Security protocols in constrained environments

21Feb14

Update (13 Mar 2014) – this presentation is also available on YouTube I did a presentation at the open source hardware users group (OSHUG) last night. Click to the second slide to get the TL;DR version: With more time I’d like to get some quantitative material on the memory footprint of various cipher suites and […]


Filed under: Arduino, BeagleBone, presentation, Raspberry Pi, security   |  Comment
Tags: , , , , , , , , , , ,

Why Twitter’s 2FA is better than my bank’s

23Aug13

I got an email from my bank yesterday telling me that they’re rolling out two factor authentication (2FA) to protect their my money from fraudsters. It looks like a pretty standard one time password (OTP) based scheme that will have a choice between mobile and physical tokens. They’re being pretty inflexible about the deployment model […]


Filed under: identity, security   |  Comments
Tags: , , , , , , , , ,

Excited about etcd

15Aug13

There’s been a lot of buzz about Docker over the past few weeks[1], so I was intrigued when I read about CoreOS, which amongst other things is designed to be a minimal substrate for Docker. When Alex Polvi left a comment that they might be giving away t-shirts to people signing up for the Alpha that […]


Filed under: architecture, cloud, CohesiveFT, security, software   |  Leave a Comment
Tags: , , , , , , , , , , , , , , ,

CohesiveFT video overview

02Aug13

For those of you wondering what I do in my day job:


Filed under: cloud, CohesiveFT, security   |  Leave a Comment
Tags: , ,

Authorization

17May13

In which I examine why XACML has failed to live up to my expectations, even if it isn’t dead, which has been the topic of a massive blogosphere battle in recent weeks. Some background I was working with the IT R&D team at Credit Suisse when we provided seed funding[1] for Securent, which was one […]


Filed under: identity, security   |  Leave a Comment
Tags: , , , , , , , , , , , , , ,

A lack of discretion

23Apr13

There’s been a lot of Monday morning quarterbacking over last week’s shutdown of Boston during the pursuit of terror suspects. I have my own opinions about what went on, but don’t feel this is the time or place to get into that. The point of this post is to examine whether if many (or even […]


Filed under: security, wibble   |  Comments
Tags: , , , , ,
« Older posts
Newer posts »