Danny Gershman | Radius Method

AFD: Airgap First Development: Securing Kubernetes, Terraform, and Containers

October 22, 2023ByDanny GershmanAirgaparticle0

In an era where cybersecurity threats loom large, the concept of “Airgap First Development” has emerged as a paramount strategy for safeguarding critical infrastructure and data. This approach prioritizes security by minimizing network connections to external repositories and services, thereby reducing vulnerabilities. In this article, we will explore the concept of Airgap First Development in...

Beyond the Illusion of CVEs: Why Known Vulnerabilities Aren’t Enough for Comprehensive Defense

September 24, 2023ByDanny GershmanSupply Chain Riskarticle0

In today’s cybersecurity landscape, where threats evolve relentlessly, organizations cannot rely solely on tracking known vulnerabilities and Common Vulnerabilities and Exposures (CVEs) to safeguard their digital assets. While CVE tracking is essential, it’s just the tip of the iceberg. This article delves into why depending solely on CVEs is insufficient for defending against attacks and...

RADIUS METHOD WINS SUBCONTRACT TO PROVIDE INNOVATION IN CONTAINERIZATION SECURITY ON PLATFORM ONE IRON BANK

September 17, 2023ByDanny GershmanNewsnews0

RADIUS METHOD WINS SUBCONTRACT TO ADVANCE ZERO TRUST INITIATIVES FOR AIR FORCE CLOUD NATIVE ACCESS POINT

September 9, 2023ByDanny GershmanNewsnews0

Unveiling Supply Chain Risks: Code Obfuscation’s Hidden Dangers

August 30, 2023ByDanny GershmanSupply Chain Riskarticle0

POC: https://github.com/radiusmethod/lortnoc In an age where digital interconnectedness dominates, supply chain risks have taken on a new form – one that lurks within the lines of code itself. This article delves into a compelling proof of concept known as “Lortnoc,” which has demonstrated the potential supply chain vulnerabilities stemming from code obfuscation. The intricate nature...

RADIUS METHOD WINS SUBCONTRACT TO BRING DEVSECOPS SOFTWARE FACTORY EXPERTISE TO PLATFORM ONE PARTY BUS

August 7, 2023ByDanny GershmanNewsnews0

The Resurgence of Port Knocking: A Stealthy Access Control Technique

July 29, 2023ByDanny GershmanCountermeasuresarticle0

Source Code: https://github.com/radiusmethod/knock In the world of cybersecurity, the constant battle between attackers and defenders has led to the evolution of innovative techniques to safeguard network infrastructures. Among these, “Port Knocking” has emerged as a unique and increasingly popular method for enhancing network security. Originally conceived as an obscure concept, port knocking has experienced a...

RADIUS METHOD WINS SUBCONTRACT TO HELP DRIVE SECURE KUBERNETES DEVELOPMENT ON PLATFORM ONE BIG BANG

July 28, 2023ByDanny GershmanNewsnews0

Zarf Agent Enhancement Journey

July 2, 2023ByDanny GershmanAirgaparticle0

For one of our customers, we had a requirement to use ArgoCD to serve up applications inside a Big Bang-based Kubernetes Cluster deployed with Zarf. There is a lot to unpack there. ArgoCD is a tool in the GitOps space that enables sort of an inversion of control pattern in a Kubernetes cluster (very similar...

Battling Certificate Errors with Entrust + DISA

April 18, 2023ByDanny GershmanTroubleshootingarticle0

A colleague of mine noticed that an automated process that he maintains stopped being able to retrieve a file from a Cloudfront hosted site that DISA maintains. Essentially he started receiving TLS related errors. I looked into this with him and we noticed that the SAN certificate was issued by Entrust and was renewed 5...

1 2