An overall Site Reliability strategy should always be based on data and metrics. However having the right metrics is a key challenge to evolve services and practices internally. The rise of agile, DevOps and...
Craftmanship / DevOps / Web development
by shenril
by shenril · Published 28/12/2020 · Last modified 29/12/2020
What is composer? Composer, created in 2012, is a dependency manager for PHP, it allows you to handle packages and their version to include in your project. You could compare it to Ruby Gem...
For me Threat Intelligence is not only the last buzzword for security products. It also means education of the day-to-day professionals who take care of network and system. It can be related to security...
Even though most of the security breaches nowadays come from applications, security is still an after thought in companies policies. Still too few resources are dedicated to improve security during the development process and...
This article is the follow-up to– Refactor your team Part 1– Refactor your team Part 2 Current status Here we are, in phase 3 of the team refactoring project. Following part 2, it took quite some...
This post follows the Refactor your Team Part 1 which I encourage you to read to understand the current situation and where we’re tending to. We continue our trek to improve practices and process of our...
This serie of article is on my experience as a coach in a recruiting company I joined 2 years ago, from the struggle to the solution implemented, and who knows, maybe it would give...
I used to work as a Security Engineer in Switzerland(Lausanne) for 5 years. Part of my job was Ethical Hacking and performed pentest on various projects with a speciality on web technologies. Right now I...
I will present you here a method i discovered in Japan and actually never seen elsewhere back in Europe. Fortuntately I’ll remediate to that and give you a quick explanation about it ! The KPT...
The primary aim of the OWASP Application Security Verification Standard (ASVS) is to normalize the range in the coverage and level of rigor available in the market when it comes to performing web application security verification. The ASVS standard provides a basis...
I created my first dynamic website when I was 14 years old using PHP4. It was my first programming language (besides HTML4) and I remember the feeling that I could do anything I wanted. At...
More
Ppl often release attack tools & write a paragraph on defensive possibilities.
We’re changing that.
Here’s a post on the thought-process involved in building a MySQL-dump canarytoken (touching on its SQL injection application)
https://blog.thinkst.com/2021/09/a-mysql-canarytoken.html
(It’s worth the read)
Amazon Detective offers Splunk integration
Amazon Detective, in coordination with the Splunk Trumpet project, has released the ability to pivot from an Amazon GuardDuty finding in Splunk directly to an Amazon Detective entity profile so that custom... https://aws.amazon.com/about-aws/whats-new/2021/09/amazon-detective-splunk-integration/
Wantedly Engineering Handbook が Web で読めるようになりました!
Wantedly の開発チームの概要を高速に理解できるように作っています。
常に更新され続ける社内ドキュメントの公開なので常に開発チームの最新状態がわかります。
今後の更新もお楽しみに!
https://docs.wantedly.dev/
