Privacy is not Security
While privacy and security are two concepts that closely follow each other, they are two different things. What exactly is the difference between these topics?
The personal website of Phil MassynΒΆ
Digital Ocean is (probably not) better than AWS
Earlier this week, while browsing through my Twitter feed, I saw a post where someone was saying that Digital Ocean was better than AWS. Having used both of them extensively, the post caught my attention, and after reading through the comments, it became very clear to me that there was a huge misunderstanding between the two services. Let's break it down.
Why did I get hacked?
It's a question I get asked frequently. Friends and family have faced this numerous times. "My Facebook account got hacked! How did this happen?"
PHP mySQL PDO guide
When coding in PHP, there are a few coding examples of how to securely connect to a database.
Accessing your EC2 instances securely
Cloud-native applications are certainly the way to go to maximize your cloud investment, however, for many organizations, redeveloping their in-house applications to be cloud-native can be a daunting (and expensive) exercise. So in many cases, it makes sense to lift-and-shift the on-prem servers to the cloud to utilize at least some of the benefits of cloud infrastructure.
Having those servers in the cloud is one thing, how do you connect securely to them to perform your support tasks?
PHP Security Guide
According to W3techs.com, at least 77.6% of websites run on PHP. PHP, like any programming language, if implemented incorrectly, can cause you a lot of headaches.
Authenticating with AWS Cognito from PHP
AWS Cognito is a service that handles user creation and authentication for your application, allowing you to focus on the key aspects of your application.
Privilege escalation risks in AWS
A privilege escalation risk is where a user account within a system has the ability to elevate their privileges to a higher level than what was originally intended. This can have disastrous consequences, particularly if you have an insider threat. This type of risk is not limited to insiders only. Any user account with the right permissions can result in unwanted elevated permissions.
The us-east-1 outage of 2021
December 7th 2021 saw an outage in the us-east-1 region of AWS. The outage had a significant impact, not just on AWS, but for many customers all around the world.
Security Hygiene
Security hygiene is the practice of maintaining a computer system, by ensuring the basic controls are executed on a regular basis. It is, at its core, a precautionary practice, sometimes may be seen as mundane, yet still critical to the safe operation of your IT system.