I've always been interested in Security. My problem is, most of the time I am in over my head. I am not a developer, and cant program my way out of a paper bag. My background is hardware and PhySec...yet here I am in software.
BUT, like most people in IT, I have become really good at finding the answers. Places like StackOverflow and gitter.im chats fully prove the adage "you're not the first person to have to crack this nut." I am forever thankful to the community for daring to ask the "dumb questions" in public, so we can all learn behind them.
That's not what this blog is about though. No, this is about all those times when you are the first to ask the dumb questions, when it is your nut to crack, and your google-fu has failed. As a way of giving back, I have decided to start this blog. Here you will find snippets for things I had to figure out myself. As such, I promise there is probably a better way to "skin the cat": the code will be raw, and in rare cases may not work yet (I will always note that.)
The focuses will be on toolsets and Infra I currently use: AWS/Azure, cloudcustodian, cloudsploit/Aquasec, and maybe even some Linux Administration stuff in Bash.
If this sounds good to you, buckle up buttercup!