Publications
The followings are articles and publications on external websites/magazines I've contributed to.
Towards a holistic approach to container security: a strategy (02/2022)
Containers have become the de-facto standard for running modern and cloud native services, whether they’re provided as service to external stakeholders or used internally. In this article I go over a simple cybersecurity strategy for container-based workloads based on the NIST Cybersecurity Framework (CSF).
Appeared on: Astrokube blog
Fantastic! Public S3 Buckets and How to Find Them (02/2019)
Unwanted public S3 buckets are a continuous threat. They have been (and still are) causing havoc all over the web. In this blog post I go over the AWS S3 bucket permissions model and how to spot public buckets using SumoLogic and AWS command line tool.
Appeared on: Auth0 blog
Building Secure Network (09/2013)
As the security paradigm shifted from “static” to “dynamic” defense, network companies need to adequate its security arsenal, not only about network security, but also end point protection, monitoring and backup policies. In this article I talk about how improve networks security by taking an holistic approach that covers all assets connected to a network.
Appeared on: eForensics Magazine
Four Windows Xp Forensic Analysis Tips & Tricks (07/2013)
When conducting forensics analysis of a Windows XP system, it must be taken into account some particular behaviors that can lead to misleading conclusions if not properly handled. This article shows some peculiar FAT and NTFS behaviors on access and modified time for files and folders which could throw off the whole investigation.
Appeared on: eForensics Magazine
A Practical Approach to Timelining (06/2013)
As it is, timelining refers to the technique used to keep tracks of changes occurred in an operating system by creating a timeline of activities, pulled down from various data sources, as the investigation process requires. This article reports some tips on how to create effective timelines to help and speed up your investigation.
Appeared on: eForensics Magazine