From BSides Boulder 2024, many attempts to figure out who did what, when, where, and why in a git repository (and some lessons learned, too). This is an expanded set of slides and resources since ...

A modest abundance of Raspberry Pi computers means I simply must build a little Kubernetes cluster. Having lost my near-infinite supply of Azure credits, it’ll be a nice return to how I got starte...

About a week before I submitted my resignation from my last role, a spirited conversation happened in a Slack channel dedicated to employee compensation - specifically the well-known trend of new h...

I love the energy students bring to a college town. Now that the holidays are over and graduation is around the corner, many join in the local professional groups to network. It’s exciting to see...

Some containers are big and with a good enough reason to be big. Reliably reducing their size isn’t difficult or complicated, but it is work. Let’s see if we can find a shortcut. 🌟 Overview an...

Some containers are big, but reliably reducing their size isn’t difficult or complicated. Now that we know what goes into an image, let’s take one easy step to ship only what’s needed - the final ...

Some containers are big and with a good enough reason to be big. Reliably reducing their size isn’t difficult or complicated. Big images can be secure, too. Let’s unpack the relationship between...

Working with teams along their container adoption journey, I have a lot of conversations about “container size insecurity” from engineers comparing their new infrastructure to … anything, really. ...

One of the most misunderstood parts of software supply chain security is the difference between signing and attesting. It’s both getting more attention lately and with it, a lot more vendor FUD. ...

Let’s chat about that AI recorder in job interviews. Since I’ve been asked a few times about it on interviews, it can’t be that common yet. I’ve been using it a lot while in the hiring loop for v...