The personal website of Phil Massyn¶

July 8, 2025
in security
4 min read

Zero Trust for Applications

The Zero Trust methodology has been around for a while, and many organisations have been implementing Zero Trust principles. When considering applications deployed in an enterprise, organisations typically implement zero trust at the infrastructure layer, protecting access to and from applications and securing network communications.

Infrastructure-level protection is essential, but there's another threat vector: the application itself. While SDLC processes and security tools help secure code, there's an opportunity to implement Zero Trust principles directly within applications.

June 14, 2025
in reporting
4 min read

Reporting Tools Overview

As a Cyber specialist, I have had to develop quite a few security dashboards over the years. This has lead me down a path of data engineering, combining my expertise in Cyber engineering with data. While working with different reporting tools, I have come to know some of them quite well, and in this blog post, I will share some of my thoughts on the different tools, and give you a bit of insight to which one to choose for your next project.

April 13, 2025
in aws, reporting
4 min read

HOWTO: Host your own reporting platform on AWS

Metabase and Grafana are both quite capable reporting platforms. Both vendors offer you the ability to run the software for free on your own infrastructure, so it's quite an attractive option for companies who would like to have some business intelligence capability without breaking the bank. In this guide, I will show you how can use the Cloudformation template to deploy these reporting tools on your aws environment.

April 12, 2025
in security, dashboard
4 min read

The Metric Library: Practical Security Metrics for Real Dashboards

"Build my cyber security dashboard, and put metrics on the board" - A statement I have heard all too often, and when you go into the design phase to choose the metrics, there are blank stares all around the room. We want to measure something, but we don't know what.

April 6, 2025
in security, compliance
4 min read

Security is not Compliance

Some companies like to combine their Security and Compliance teams into one entity. I've worked in environments like that before, and I can tell you from experience that it is usually a bad idea to mix the two. Let's dig into it.

March 23, 2025
in aws
4 min read

Who's using my certificates?

A few weeks ago, aws informed me that it was unable to renew some of my ACM, naturaly because I moved it all over to Cloudflare a few months ago. Things got interesting when I tried to clean it up..

March 9, 2025
in ai, coding
7 min read

Coding with AI

Tools like ChatGPT have been a game changer in a lot of industries. There is a fear floating that AI will replace programmers, displacing more jobs. Over the past year I have been using these tools in my own coding journey, and I learned a few things along the way.

February 15, 2025
in troubleshooting
12 min read

The Art of Troubleshooting

As technicians, we often have to solve some difficult problems. I've had my fair share of whoppers, were I thought the world is coming crashing down. After a while, I started learning a process for dealing with technical problems.

November 17, 2024
in python
8 min read

Generate documents with Jinja2 in Python

There are cases where you record data in a number of data sources, and then need to generate documentation from that data. One case I get involved in from time-to-time is to generate documentation from data collected in various data sources. Rather than copying-and-pasting, we can use code to dynmically generate documentation. In this post, I will show you some examples in how we can use jinja2 to generate markdown in Python.

November 16, 2024
in aws
3 min read

Update Route 53 dynamically

Route 53 is the DNS service on Amazon Web Services. It does everything from domain registration to the hosting and management of domain names.