Clik here to view.
Using Okta (and other SAML IdPs) with Rancher 2.0
Background At the time of this post’s writing, Rancher (an open-source kubernetes cluster manager) v2.0.7 has just landed, and it includes SAML 2.0 support for Ping Identity and Active Directory...
View ArticleClik here to view.
An introduction to Rancher 2.0
What is Rancher 2.0? For those who may not be familiar with it, Rancher 2.0 is an open-source management platform for Kubernetes. Here’s the relevant bits of their elevator pitch: Rancher centrally...
View ArticleClik here to view.
Cattle, not pets: infrastructure, containers, and security in our new,...
Pets My employer has always lived on the cloud. We started running on Google App Engine, and for the last decade, the platform has served us well. However, some of our complex workloads required...
View ArticleClik here to view.
Remote access to production infrastructure (death to the VPN!)
Views expressed within this post are entirely my own, and may not reflect the views of my employer, their leadership, or their security staff. One of the cooler things about how we run infrastructure...
View ArticleClik here to view.
We desperately need a way to rapidly notify people of high-impact...
tl;dr: I built a free and open service, bugalert.org, that is powered by GitHub. When the Log4j vulnerability was first discovered, it was reported, as most are, on Twitter. 13 hours passed between the...
View ArticleClik here to view.
Getting your money’s worth: making runtime logging more valuable
“Get your money’s worth” I like this phrase. I hadn’t really stopped to think about it until I wrote this blog post. I unpack it as: “Get the amount of value you expect to receive for the cost.” Today...
View ArticleClik here to view.
Using your existing devices for phish-proof MFA in Okta
IT and security professionals: you are free to copy and modify this content however you’d like without attribution. I encourage the reuse of this content for your own internal documentation or guides....
View ArticleClik here to view.
Passing a cookie with a headers dictionary in the Python Requests library
or: why does Python Requests override my ‘cookie’ header without asking me? The solution Usually my posts are long-form, but today I’m just putting a solution out there so I can easily find it when I...
View ArticleClik here to view.
The missing piece: the need for product management in security teams
A lack of product managers in the security function is burning out security leaders and making their direct reports miserable. Career transition In January of 2020, I took a new role at my B2B SaaS...
View ArticleClik here to view.
From rebuilds to reloads: hacking AWS Lambda to enable instant code updates
Integral Cloud is a cloud platform which helps knowledge workers write and run small Python applications. I learned a ton of new and interesting things while building this platform, and for the next...
View Article
