Application Security

Stories on Application Security (AppSec) and Secure Code by Teri Radichel

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

⚙️ Check out my series on Automating Cybersecurity Metrics. The Code.

🔒 Related Stories: Data Breaches | Application Security | Secure Code

💻 Free Content on Jobs in Cybersecurity | ✉️ Sign up for the Email List

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

You can find a whole series of posts on secure code fundamentals here that may eventually become a book:

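Other application security posts:

Making Code Reviews Easier: https://readmedium.com/making-code-reviews-easier-3894189411ea

Programming Languages

Evaluating Use of a New Programming Language ~ Rust: https://readmedium.com/evaluating-use-of-a-new-programming-language-04aaeef83897
Security Benefits of Golang Concurrency: https://readmedium.com/why-use-golang-71d8350de904
Which Programming Language Should You Use?: https://readmedium.com/which-programming-language-should-you-use-86f590691a57

Github Security

Git, GitHub, and AWS CodeCommit Security: https://readmedium.com/git-and-github-security-8728bef0a057

Abstraction in Cybersecurity

Abstraction in Cybersecurity: https://readmedium.com/abstraction-in-cybersecurity-bd7a3db8d1bf
Abstraction and MITRE ATT&CK: https://readmedium.com/abstraction-and-mitre-att-ck-4d6b8376332e
The Principle of Abstraction: https://readmedium.com/the-principle-of-abstraction-c569df6daf81
Configuration and Abstraction: https://readmedium.com/configuration-and-abstraction-2edd2909de6b
Abstraction: https://readmedium.com/the-principle-of-abstraction-9536d18009fb
Managing Application Code: https://readmedium.com/managing-application-code-356a4d643000
Cryptographically Secure Random: https://readmedium.com/cryptographically-secure-random-73fcf3531f19

The Dry Principle

DRY — Don’t Repeat Yourself: https://readmedium.com/dry-dont-repeat-yourself-30e7a582ea4

Container Security

Containers 101 and Why Use Them?: https://readmedium.com/containers-101-and-why-use-them-1815d07f9066
Threat Modeling for Containers: https://readmedium.com/threat-modeling-for-containers-ee105421b60
Installing Git in a Container: https://readmedium.com/installing-git-in-a-container-8b1324985160
How to Tell if You’re Inside a Container: https://readmedium.com/how-to-tell-if-youre-inside-a-container-3686c12ba051
Cloning git Repositories in a Container: https://readmedium.com/cloning-git-repositories-in-a-container-e8b09c508d5f
Container Engines and Runtimes: https://readmedium.com/container-engines-and-runtimes-22d29e3d243c
Security Flaws Due To Incorrectly Imported Libraries: https://readmedium.com/security-flaws-due-to-incorrectly-imported-libraries-c6ba7c3cb947

Testing and QA

Test Automation for Deployments: https://readmedium.com/test-automation-for-deployments-66bb49db1840
Evaluating Use of a New Programming Language ~ Rust: https://readmedium.com/evaluating-use-of-a-new-programming-language-04aaeef83897
Better testing for better outcomes: https://readmedium.com/the-value-of-testing-7d4dc90d56fb
Love Your QA Team: https://readmedium.com/love-your-qa-team-f0c2b4d3be32

Precedence issues between Python 2 and Python 3

Potential Bugs and Security Problems Due to Change in Module Precedence from Python 2 to Python 3: https://readmedium.com/potential-bugs-and-security-problems-due-to-change-in-module-precedence-from-python-2-to-python-3-a2cb3aee1cc6

Many more application security stories embedded in this series of hundreds of blog posts.

Automating Cybersecurity Metrics (ACM): https://readmedium.com/automating-cybersecurity-metrics-890dfabb6198

Your process affects how effectively you get things done, but you should also add security requirements into your scrum stories.

Scrum: https://2ndsightlab.medium.com/scrum-c4d301c1c8b2

Also check out my posts on penetration testing and bug bounties:

Pentesting and Bug Bounties: https://readmedium.com/pentesting-and-bug-bounties-46bd69ef486d

And this series on Machine Learning.

Security & Machine Learning — Part 1: https://readmedium.com/security-machine-learning-part-1-f5fb3e40fb84

Error messages and bugs I’ve encountered and in some cases, how I resolved them, when possible. Python bugs, JSON, YAML and CloudFormation error messages are high up on the list, along with some Azure, AWS, and GCP errors, bugs, and feature requests.

Bugs That Bite: https://medium.com/bugs-that-bite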

If you want to understand cybersecurity at a high level, my book at the bottom of this post explains all the basic concepts including networking, encryption, governance, incident response, risk management, and other things your security team is concerned about that developers and DevOps teams may not be responsible for in an organization.

Follow for updates.

Teri Radichel | © 2nd Sight Lab 2023

About Teri Radichel:
~~~~~~~~~~~~~~~~~~~~
⭐️ Author: Cybersecurity Books
⭐️ Presentations: Presentations by Teri Radichel
⭐️ Recognition: SANS Award, AWS Security Hero, IANS Faculty
⭐️ Certifications: SANS ~ GSE 240
⭐️ Education: BA Business, Master of Software Engineering, Master of Infosec
⭐️ Company: Penetration Tests, Assessments, Phone Consulting ~ 2nd Sight Lab

Need Help With Cybersecurity, Cloud, or Application Security?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
🔒 Request a penetration test or security assessment
🔒 Schedule a consulting call
🔒 Cybersecurity Speaker for Presentation

Follow for more stories like this:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
❤️ Sign up for my Medium Email List
❤️ Twitter: @teriradichel
❤️ LinkedIn: https://www.linkedin.com/in/teriradichel
❤️ Mastodon: @teriradichel@infosec.exchange
❤️ Facebook: 2nd Sight Lab
❤️ YouTube: @2ndsightlab