DevSecOps
Lessons from the field. Always landing on my feet.
AKS Runtime Security: Binary Drift, Anti-Malware & Gated Deployment with Defender for Cloud
In December, I published a post on securing the container supply chain β SBOM generation, image signing, and build provenance with GitHub Actions. That covered build-time security: making sure the image you ship is the image you built. But what β¦
Secure Your Container Supply Chain: SBOM, Signing & Attestation with GitHub Actions
Over the last couple of weeks, Iβve been diving deep into container supply chain security. Between high-profile incidents like SolarWinds, Log4Shell, and the xz Utils backdoor, itβs clear that securing the build pipeline is just as critical as β¦
Terraform 1.11's Game-Changer: Keep Secrets Out of State for Good
If youβve worked with Terraform and secrets, youβve probably wondered: βWait, is my password actually in that state file?β The answer has historically been: yes. The sensitive = true flag does a great job hiding values from CLI output, but the state β¦