Links
Add
HPKE: Standardizing public-key encryption (finally!)
https://blog.cloudflare.com/hybrid-public-key-encryption
HPKE (RFC 9180) was made to be simple, reusable, and future-proof by building upon knowledge from prior PKE schemes and software implementations. It is already in use in a large assortment of emerging Internet standards and has a large assortment of interoperable implementations. This article provides an overview of this new standard, going back to discuss its motivation, design goals, and development process.
RFC 9180: Hybrid Public Key Encryption
https://www.rfc-editor.org/rfc/rfc9180.html
The Big List of Engineering Management Resources – March 2022
https://practicallyleading.dev/the-big-list-of-engineering-management-resources-march-2022
My Inspirations
Now as a Director of Engineering at Docker, I’ve been doing some type of engineering leadership for the last decade.
I have learned from the best over the years, and many resources have shaped who I am and philosophies for how I lead....
Added 1 month ago
GitHub Actions Security Best Practices [cheat sheet included]
https://blog.gitguardian.com/github-actions-security-cheat-sheet/
Learn how to secure your GitHub Actions with these best practices! From controlling credentials to using specific action version tags, this cheat sheet will help you protect against supply-chain attacks. Don't let a malicious actor inject code into your repository - read now!
Added 1 month ago
Enable SLO-as-Code with Nobl9 and GitLab | GitLab
https://about.gitlab.com/blog/2022/05/09/enable-slos-as-code/
https://github.com/cirruslabs/tart
https://github.com/cirruslabs/tart
macOS and Linux VMs on Apple Silicon to use in CI and other automations - cirruslabs/tart
Nobl9 Shares SLO-as-Code Methodology - DevOps.com
https://devops.com/nobl9-shares-slo-as-code-methodology/
Nobl9 has released an open specification for defining SLOs and, in addition, has defined a repeatable SLO methodology.
Introduction | asdf
https://asdf-vm.com/guide/introduction.html
Manage multiple runtime versions with a single CLI tool
Added 1 month ago
Show HN: Restfox – Open source lightweight alternative to Postman
https://restfox.dev
A REST client for the Web
Added 1 month ago
aurae-runtime/aurae: Distributed systems runtime daemon written in Rust.
https://github.com/aurae-runtime/aurae
Distributed systems runtime daemon written in Rust. - aurae-runtime/aurae
Added 1 month ago
Vulhub: Pre-Built Vulnerable Environments Based on Docker-Compose
https://news.ycombinator.com/item?id=32963636
Install EKS-D with MicroK8s - General Discussions / microk8s - Discuss Kube
https://discuss.kubernetes.io/t/install-eks-d-with-microk8s/21479
What is EKS-D
Amazon EKS Distro (EKS-D) is a Kubernetes distribution based on and used by Amazon Elastic Kubernetes Service (Amazon EKS). It provides latest upstream updates as well as extended security patching support…
Added 1 month ago
Non-Pharmacological ADHD Treatment - Australian ADHD Clinical Practice Guid
https://adhdguideline.aadpa.com.au/non-pharmacological/
There is a need to evaluate the effectiveness of non-pharmacological treatment options to guide Australian clinicians and people with ADHD when choosing appropriate evidence-based intervention options.
Libre Tools from the National Cybersecurity Competence Center of Luxembourg
https://opensource.nc3.lu
Added 1 month ago
Launch HN: Idemeum (YC S21) – Passwordless access to apps and infrastructur
https://news.ycombinator.com/item?id=33346183
Free: Dastardly from Burp Suite | Blog - PortSwigger
https://portswigger.net/blog/free-dastardly-from-burp-suite
Introducing Dastardly - a free, lightweight web application security scanner for your CI/CD pipeline, from the makers of Burp Suite. Secure web development ain't easy Ensuring your code is written sec
https://github.com/ballerine-io/ballerine
https://github.com/ballerine-io/ballerine
Open-source infrastructure and data orchestration platform for risk decisioning - ballerine-io/ballerine
Added 1 month ago
How to mitigate OWASP vulnerabilities while staying in the flow | The GitHu
https://github.blog/2022-11-04-how-to-mitigate-owasp-vulnerabilities-while-staying-in-the-flow/
Explore how GitHub Advanced Security can help address several of the OWASP Top 10 vulnerabilities
Spotify’s Vulnerability Management Platform - Spotify Engineering : Spotify
https://engineering.atspotify.com/2022/11/spotifys-vulnerability-management-platform/
We started developing our vulnerability management platform (VMP) at Spotify in Q2, 2020, and now that we’ve implemented it and use the system in our day-to-day work, we wanted to take a moment to share our journey to help reduce security risks in an efficient and scalable manner.
Added 1 month ago
Spotify Introduces Kitsune Vulnerability Management Platform
https://www.infoq.com/news/2022/11/spotify-kitsune-platform/
Spotify recently introduced its security vulnerability management platform, Kitsune. Right from vulnerability detection to providing insights based on metrics, Kitsune manages the overall security vul
Added 1 month ago
Git Notes: Git's Coolest Most UnlovedFeature
https://tylercipriani.com/blog/2022/11/19/git-notes-gits-coolest-most-unloved-feature/
Added 1 month ago