What are Dev Containers?
A brief on dev containers, pre-configured Docker containers for fully featured development environments.

Test Your Secret Management Skills with OWASP WrongSecrets
A brief on OWASP WrongSecrets, an intentionally vulnerable web app focused on secret management hygiene.

So, The Software Supply Chain is Broken. How Do We Fix It?
This post describes a logical model to improve trust and transparency in software supply chain security.

Software Supply Chain Threats and Vulnerabilities
A brief on the software supply chain, and its associated threats and vulnerabilities.

Generate Infra-as-Code and Config Files with AI
A brief guide to generating IaC templates, bash scripts and config files with AIaC.

Open-Source Postman Alternative with Hoppscotch
A brief guide to deploying Hoppscotch, an open-source alternative to Postman API client, on Railway.

Dockerize a Node.js App using a Distroless Image
A brief guide to dockerizing a Node.js application with a Google distroless container image.

Passwordless SSH Login with YubiKey Security Key
A brief guide to passwordless SSH login with FIDO2-compliant YubiKey hardware security key.

Immutable Transparency Logs with Sigstore Rekor
A step-by-step guide on creating an immutable ledger and storing transparency logs with Sigstore Rekor.

Sign Software Artifacts with Sigstore Cosign
A step-by-step guide on signing code and software artifacts with Sigstore Cosign.