Using Terraform with Google Cloud Platform — Part 1

This blog series is aimed at those who are interested in developing scalable cloud infrastructure and automating repetitive tasks. I’ll walk you through the setup process to get Google Cloud Platform and Terraform working together and show you how to create a basic virtual machine using 3 files and…

Implementing HTTPS and HTTP Headers in Nginx

There's been a lot of focus on internet security and encryption over the past several years. You'll find dozens of news reports every day about companies getting breached, individuals having their bank accounts compromised, and security researchers finding vulnerabilities in web services and encryption protocols. As someone who is passionate…

The Current State of DevOps and the Agile Movement in Japan

Last Friday I was fortunate enough to attend a seminar at Creationline, Inc. in the Akihabara district of Tokyo. The topic, as you may have already figured out, was on the current state of DevOps and the Agile Movement in Japan. I've been interested in learning more about how software…

Visualizing Threats and Preventing Intrusions: Part 2

Network intrusions are an incredibly common occurrence that happens just about every single second on high traffic web servers. With the increasing popularity of cloud based systems, the entire range of IP addresses owned by the provider are constantly scanned and checked for vulnerabilities and poor security configurations. This can…

An Introduction to the Ext4 Filesystem

A filesystem is a way in which binary data is organized on disk using a set of data structures and other programming methods to handle file and hardware properties. An operating system is formatted to a certain filesystem and thus logically organized using a directory structure or the location where…

Packet Capture Analysis of Ransomware

In the 2016 Data Breach Investigation Report, Verizon discovered that "ransomware is on the rise". Malware crafted to encrypt the victim's drive content, in lieu of a hefty Bitcoin payment to unlock the protected files, encompasses 39% of crimeware incidents in 2015. Hackers primarily targeted the public sector,…

Visualizing Threats and Preventing Intrusions: Part 1

For many years small and medium businesses would go unprotected and unaware of the dangers they face, leaving their web servers and private data susceptible to compromise. Sifting through thousands of lines worth of log data was often very tedious and difficult to accomplish without having a dedicated, well trained,…

The Relationship Between Incident Response and Risk Management

The relationship between Risk Management and Incident Response is an essential partnership between the technical and business aspects of an organization. In the past twenty years we’ve relied on technology to make businesses more efficient, but only the past decade or so has shown that protecting informational assets is…