
In an era where cybersecurity threats loom large, the concept of “Airgap First Development” has emerged as a paramount strategy for safeguarding critical infrastructure and data. This approach prioritizes security by minimizing network connections to external repositories and services, thereby reducing vulnerabilities. In this article, we will explore the concept of Airgap First Development in...
In today’s cybersecurity landscape, where threats evolve relentlessly, organizations cannot rely solely on tracking known vulnerabilities and Common Vulnerabilities and Exposures (CVEs) to safeguard their digital assets. While CVE tracking is essential, it’s just the tip of the iceberg. This article delves into why depending solely on CVEs is insufficient for defending against attacks and...
POC: https://github.com/radiusmethod/lortnoc
In an age where digital interconnectedness dominates, supply chain risks have taken on a new form – one that lurks within the lines of code itself. This article delves into a compelling proof of concept known as “Lortnoc,” which has demonstrated the potential supply chain vulnerabilities stemming from code obfuscation. The intricate nature...
Source Code: https://github.com/radiusmethod/knock
In the world of cybersecurity, the constant battle between attackers and defenders has led to the evolution of innovative techniques to safeguard network infrastructures. Among these, “Port Knocking” has emerged as a unique and increasingly popular method for enhancing network security. Originally conceived as an obscure concept, port knocking has experienced a...
While setting up a platform for one of our customers, our team noticed that it would be beneficial if we could update the banner background color and the banner text color for ArgoCD. ArgoCD is a tool that enables a Kubernetes cluster to pull changes directly from a Git repository using Helm, also known as...
For one of our customers, we had a requirement to use ArgoCD to serve up applications inside a Big Bang-based Kubernetes Cluster deployed with Zarf. There is a lot to unpack there. ArgoCD is a tool in the GitOps space that enables sort of an inversion of control pattern in a Kubernetes cluster (very similar...
A colleague of mine noticed that an automated process that he maintains stopped being able to retrieve a file from a CloudFront-hosted site that DISA maintains. Essentially, he started receiving TLS-related errors. I looked into this with him and we noticed that the SAN certificate was issued by Entrust and was renewed 5...
There are times when security compliance and auditing make sense. At times, regulations and facilities requirements exist that, from a certain perspective, do indeed qualify as security requirements and lead to the implementation of controls. Enter Policy As Code (PaC). The sole purpose of security is to enable the business...
Terraform is a programming language that allows for describing an Application Programming Interface (API) with the additional benefit of state management and locking. In this example, we are managing AWS (Amazon Web Services) resources with Infrastructure-As-Code. There are several vulnerabilities that have been found in the last few days to layer into the Log4J vulnerabilities...
BeyondCorp 2.0: A Zero Trust Implementation
BeyondCorp is an implementation ideal surrounding Zero Trust Networking and Architecture. I wrote an article for US CyberSecurity Magazine called “Identity and Transmission Based Authentication” right before the pandemic started, not knowing how spot-on I was going to be. The proliferation of work-from-home, however, I could not have calculated to occur so rapidly. Organizations were...