Danny Gershman

By

In an era where cybersecurity threats loom large, the concept of “Airgap First Development” has emerged as a paramount strategy for safeguarding critical infrastructure and data. This approach prioritizes security by minimizing network connections to external repositories and services, thereby reducing vulnerabilities. In this article, we will explore the concept of Airgap First Development in...
In today’s cybersecurity landscape, where threats evolve relentlessly, organizations cannot rely solely on tracking known vulnerabilities and Common Vulnerabilities and Exposures (CVEs) to safeguard their digital assets. While CVE tracking is essential, it’s just the tip of the iceberg. This article delves into why depending solely on CVEs is insufficient for defending against attacks and...
POC: https://github.com/radiusmethod/lortnoc In an age where digital interconnectedness dominates, supply chain risks have taken on a new form – one that lurks within the lines of code itself. This article delves into a compelling proof of concept known as “Lortnoc,” which has demonstrated the potential supply chain vulnerabilities stemming from code obfuscation. The intricate nature...
Source Code: https://github.com/radiusmethod/knock In the world of cybersecurity, the constant battle between attackers and defenders has led to the evolution of innovative techniques to safeguard network infrastructures. Among these, “Port Knocking” has emerged as a unique and increasingly popular method for enhancing network security. Originally conceived as an obscure concept, port knocking has experienced a...
For one of our customers, we had a requirement to use ArgoCD to serve up applications inside a Big Bang-based Kubernetes Cluster deployed with Zarf. There is a lot to unpack there. ArgoCD is a tool in the GitOps space that enables sort of an inversion of control pattern in a Kubernetes cluster (very similar...
A colleague of mine noticed that an automated process that he maintains stopped being able to retrieve a file from a Cloudfront hosted site that DISA maintains. Essentially he started receiving TLS related errors. I looked into this with him and we noticed that the SAN certificate was issued by Entrust and was renewed 5...
1 2