Diving into the Essential Eight strategies to mitigate security incidents (part 1: preventing delivery and execution of malware)
I introduced some of the security guides published by the Australian Cyber Security Centre and their Essential Eight mitigation strategies for businesses in my last post, and I’d like to dive deeper into the first four mitigation strategies for preventing delivery and execution of malware.
Top mitigation strategies from the Australian Cyber Security Centre
The Australian Cyber Security Centre provides a substantial amount of clear and actionable information on how to improve an organization’s security posture, ranging from basic guides for organizations that are just establishing their security teams, to its regularly updated Australian Government Information Security Manual, often referred to as the ISM.
JDK distributions, JDK distributions everywhere
Taking a look at the number of JDKs, I'd like to start from a simple set of criteria to pick one to use for a new project, assuming zero budget and a desire for maximum flexibility.
Financial checklist for moving to the US for work
If you’re moving from Canada to the US for work, there are a few things that are helpful to do before and after moving that will make your short-term finances much, much easier, and I’ve put together a few of them based on conversations I had with a friend who relocated around a year after I did.
Diving into information security principles
I'm interested in how information security can be better integrated into software development, and how services can be developed in a way that makes good security a natural part of the process. It'll take a lot of effort to get there, but continual improvement in security is achievable at any scale.
There are new skills to develop and many segmented fields to learn from, which is both exciting and challenging, but the good thing is that there've been many lessons learned that we can take advantage of to develop more secure systems today.
Staging environments and deployment pipelines
A staging environment mimics the environment our users interact with as closely as possible, so that we can verify changes and catch issues that may not occur on a local developer environment before promoting changes to production.
Enabling regular expressions in SQLite with Rails
Recently I was looking into writing custom functions for SQLite in a Rails application, specifically to support regular expressions. It took a few attempts to find a good solution, so I thought it might be worth posting the end result.
Setting HTTP security headers in Rails
HTTP security headers are easy to configure, and provide a flexible way to mitigate several types of cross-site scripting and sniffing attacks.