Ken Muse
Understanding X.509 Certificates
Despite decades of use, certificates tend to be a mystery to most developers. At their root, they are largely more than a collection of name-value pairs and a public key. The majority of people that work with certificates regularly often run into situations where they need to understand the details of how they work. In this post, we’ll dive into the basics and learn what’s in these files.

Read more

GitHub Actions Injection
If you can code it, someone will find a way to exploit it ( accidentally or intentionally). Anytime development efforts are involved, it’s important to minimize security risks and bugs. This is also true with GitHub Actions, which allows you to script advanced automation solutions. Because of this, it’s important to understand where injection can occur and how to avoid it.

Read more

Security Theater

Security Theater

You might be less secure than you think! In a crowded market of security tools, developers are being sold a dream that quickly turns into a nightmare.

Read more