Latest Posts

It has been a bit of time since I last wrote anything here, the past year and a bit has been interesting to say the least.  I have just come back from an idyllic week in Sherwood Forest, where I spent...

I have moved to a new hosting plan as such it may take a bit of time before this site is back and running properly

For the past few months I have spent quite a bit of time interviewing candidates for DevSecOps positions, we are not looking for any one particular position. We have a need for a number of people with...

So I finally was able to go to a test centre to sit my (ISC)2 CISSP exam, I was initially planning on doing this in April but the lockdown stopped me. I have spent the past month watching a number of Pluralsight...

It has been a busy month, where I spent most of my time studying for my CISSP exam, as such I failed to post this about the first ever virtual spice world conference from September. This is the annual...

Following on from my previous post about Network Security Groups, this post is about securing an App Service Environment. An Application Gateway with Web Application Firewall (WAF) is also included to...

Azure Network Security Groups (NSG) are a core tool that enables you to control the network traffic flow within an Azure Virtual Network. A Network Security Group is a collection of stateful layer 3/4...

Following on from an earlier post about incorporating penetration testing with OWASP ZAP into an Azure DevOps pipeline, I am going to talk about how to add vulnerability checks for your ARM Templates to...

One of the most effective ways of enhancing the security posture of a solution is to incorporate security into the development lifecycle and embed it within the normal CI/CD pipelines of a project. In...