Dependency Management and Security

Security-conscious developers can avoid security pitfalls in their own code, but what about the code that the developer did not write but is using?

A Newer Dev's Perspective on Learning OWASP

Why I'm learning Application Security as a blooming developer, and why other new programmers should consider it too! An overview of AppSec for beginners.

AppSec as a Requirement in the Development Process

A prediction that web application security will not be a post-development plugin you can add to your application in the decade of 2020-2030 and what you can do about it.

Xfinity is Man-in-the-Middle (MITM) Attacking my Internet

Did you know that Xfinity regularly launches security attacks against its own customers?

Patch Production Faster with Security-oriented Agile Development Practices

Companies take too long to patch production, leaving plenty of time for threats to attack! Here's how to fix it with security-oriented Agile practices.

The Case for 2FA, Post Rest-client Gem CVE

On 08/19/2019, a CVE was discovered on a popular Ruby gem called Rest-client. Although caught quickly, this could raise the case of 2FA being a requirement for Package Manager accounts like Rubygems and NPM.

Account Protection Policies to Cover Business Assets

By utilizing two-factor authentication, strong passphrases, password managers, and NIST standards, private company accounts can remain secure. Cover your assets!

Restrict Who Can Push to Matching Branches on GitHub

On GitHub, you can enable branch restrictions allowing only certain users, teams, or apps to be able to push to a protected branch.

New Interview on Drifting Ruby

Recent Drifting Ruby Episode #183 interview with Frank Rietta, Web Application Security Architect.

Applying Agile and Security in Software Development Public Appearance at KSU

Frank will be presenting Applying Agile and Security in Software Development at the IS General Speaker Series #3 on 2/28/2018 at KSU in Marietta.