#DevSecOpsView all tags

• Red Teaming Infrastructure: Turning Attacks into Regression Tests

  December 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Rust/Go Secure Coding Patterns: The Bugs That Still Happen

  November 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Secure Configuration: Policy-as-Code and Guardrails

  October 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Backup/Restore as a Protocol: RPO/RTO with Adversaries

  September 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Observability at Scale: Traces, Cardinality, and Cost

  August 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Rate Limiting & Load Shedding: Protecting Reliability SLOs

  July 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Multi-Region Design: Failover That You Can Actually Test

  June 1, 2022 · 4 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Kubernetes Hardening: RBAC, NetworkPolicy, and Pod Security

  May 1, 2022 · 4 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Runtime Security: eBPF, Policy, and Drift Detection

  April 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Secrets Hygiene: Rotation, Scoping, and Runtime Delivery

  March 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Reproducible CI/CD: Determinism as Defense

  February 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Supply Chain Security: SLSA, SBOM, and Build Provenance

  January 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Post-Quantum Readiness at the Edge: Constraints and Migration

  December 1, 2021 · 4 min — #research-notes#IIoT#security-critical-infrastructure#distributed-systems#DevSecOps

• Anomaly Detection: What 'Baseline' Means in Industrial Systems

  November 1, 2021 · 4 min — #research-notes#IIoT#security-critical-infrastructure#distributed-systems#DevSecOps

• Secure Remote Access: Bastions, Just-in-Time, and Audit

  October 1, 2021 · 3 min — #research-notes#IIoT#security-critical-infrastructure#distributed-systems#DevSecOps

• Offline-First Edge: Consistency During Intermittent Connectivity

  September 1, 2021 · 3 min — #research-notes#IIoT#security-critical-infrastructure#distributed-systems#DevSecOps

• Safety-Critical vs Security-Critical: Integrating Two Worlds

  August 1, 2021 · 4 min — #research-notes#IIoT#security-critical-infrastructure#distributed-systems#DevSecOps

• Gateway Architecture: Protocol Translation Without Becoming a Bottleneck

  July 1, 2021 · 4 min — #research-notes#IIoT#security-critical-infrastructure#distributed-systems#DevSecOps

• Time-Series at Scale: Ingestion, Downsampling, and Query Isolation

  June 1, 2021 · 4 min — #research-notes#IIoT#security-critical-infrastructure#distributed-systems#DevSecOps

• Zero Trust for IIoT: Network Segmentation and Policy Enforcement

  May 1, 2021 · 4 min — #research-notes#IIoT#security-critical-infrastructure#distributed-systems#DevSecOps

• Firmware Update Pipelines: Rollouts, Canary, and Recovery

  April 1, 2021 · 4 min — #research-notes#IIoT#security-critical-infrastructure#distributed-systems#DevSecOps

• Edge-to-Cloud Messaging: MQTT, OPC UA, and Threat Models

  March 1, 2021 · 4 min — #research-notes#IIoT#security-critical-infrastructure#distributed-systems#DevSecOps

• Secure Telemetry: Integrity, Nonce Discipline, and Replay Protection

  February 1, 2021 · 3 min — #research-notes#IIoT#security-critical-infrastructure#distributed-systems#DevSecOps

• Device Identity: Provisioning, Attestation, and Lifecycle

  January 1, 2021 · 4 min — #research-notes#IIoT#security-critical-infrastructure#distributed-systems#DevSecOps

• Incident Response for Crypto Systems: Key Compromise Playbooks

  December 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• KMS/HSM Threat Models: When 'Managed' Doesn't Mean 'Safe'

  November 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• Multi-Tenant Isolation: Crypto Boundaries vs Kernel Boundaries

  October 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• Cryptographic Agility: Designing for the Algorithm You Haven't Met Yet

  September 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• Logging for Forensics: Tamper Evident Event Pipelines

  August 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• TLS Beyond Defaults: Ciphersuites, ALPN, and Operational Reality

  July 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• Secure Firmware Updates: Signed Manifests and Rollback Protection

  June 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• Side Channels: Constant-Time, Cache Attacks, and Real Threat Models

  May 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• Hardware Roots of Trust: TPM, Secure Boot, and Attestation

  April 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• Secrets vs Capabilities: Token Design in Microservices

  March 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• Key Management at Scale: Rotation, Audit, and Blast Radius

  February 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• PKI as an Operating System: Certificates, Policies, and Expiration

  January 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps