Skip to main content

Filed under

Security

43 entries

  1. Open Source·6 min read·

    Grading GitHub Repos: Six-Dimension Hygiene Scores from repo-health-report

    A static-analysis tool that grades any GitHub repo across security, testing, docs, architecture, devops, and maintenance. The methodology is still WIP, but the findings are consistent: most repos are skipping the basics.

  2. Security·8 min read·

    Signed USB Rescue Boot: aegis-boot and the QEMU+OVMF Persona Harness

    A UEFI-Secure-Boot-preserving rescue USB for any ISO, and the companion QEMU harness that validates it against ~100 hardware personas without physical Frameworks, ThinkPads, or Dells on a lab bench.

  3. Security·6 min read·

    Investigating the Trivy Supply Chain Compromise with AI Agents

    How I used AI-assisted investigation to triage the trivy-action supply chain attack across my homelab repos — and some thoughts on weekend incident response and community notification gaps.

  4. Ai·8 min read·

    Consensus Voting With AI Models: When Three Opinions Beat One

    How multi-model consensus voting catches blind spots that single models miss. The research behind adversarial roles, Bayesian aggregation, and structured deliberation across Claude, Gemini, and Codex.

  5. Cloud·11 min read·

    Building a Private Cloud in Your Homelab with Proxmox and Security Best Practices

    Learn to build and secure a production-grade private cloud using Proxmox VE. Covers network segmentation, backup strategies, security hardening, and resource management with real homelab implementation lessons.

  6. Security·10 min read·

    Hardening Docker Containers in Your Homelab: A Defense-in-Depth Approach

    Eight security layers that stopped real attacks in homelab testing: minimal base images, user namespaces, seccomp profiles, network segmentation, and more. Defense-in-depth without Kubernetes overhead.

  7. Security·12 min read·

    Building a Homelab Security Dashboard with Grafana and Prometheus

    Real-world guide to monitoring security events in your homelab. Covers Prometheus configuration, Grafana dashboards, and alerting rules for threat detection.

  8. Supply Chain·10 min read·

    NodeShield: Runtime SBOM Enforcement Stops 98% of Supply Chain Attacks

    NodeShield enforces SBOMs at runtime using CBOM policies to prevent supply chain attacks. Homelab Docker deployment guide with attack simulations, 98.3% prevention rate, and <1ms overhead.

  9. Siem·10 min read·

    SIEM for Homelab: Wazuh vs Graylog Performance Comparison

    Deploy and benchmark Wazuh and Graylog SIEM solutions in your homelab. Performance analysis, resource usage, and integration patterns for security monitoring.

  10. Computational Science·32 min read·

    Preparing Your Homelab for the Quantum Future: Post-Quantum Cryptography Migration

    Implement post-quantum cryptography with CRYSTALS-Kyber and Dilithium—prepare homelab for quantum threats using NIST-approved algorithms.

  11. Ethics·18 min read·

    Building a Privacy-First AI Lab: Deploying Local LLMs Without Sacrificing Ethics

    Build privacy-first AI lab with local LLMs—run models up to 34B on RTX 3090 (24GB VRAM) with network isolation, traffic monitoring, and real privacy controls.

  12. Automation·11 min read·

    Automated Security Scanning Pipeline with Grype and OSV

    Build automated security scanning pipelines with Grype, OSV, and Trivy—integrate vulnerability detection into CI/CD workflows with actionable reporting.

  13. Homelab·8 min read·

    IoT Security in Your Home Lab: Lessons from OWASP IoTGoat

    Test IoT security with OWASP IoTGoat—practice firmware extraction, API exploitation, and hardware hacking in secure lab environments.

  14. Automation·18 min read·

    Building a Smart Vulnerability Prioritization System with EPSS and CISA KEV

    Prioritize vulnerabilities with EPSS and CISA KEV catalog—move beyond CVSS scores to risk-based patch management using exploitation probability metrics.

  15. Automation·5 min read·

    Building Your Own MITRE ATT&CK Threat Intelligence Dashboard

    Build MITRE ATT&CK threat intelligence dashboard with Python—track adversary tactics and techniques using open-source threat feeds.

  16. Homelab·16 min read·

    Implementing Zero Trust Microsegmentation with VLANs

    Implement zero trust with VLAN segmentation—secure homelab networks using micro-segmentation and layer 3 firewalls for defense in depth.

  17. Cryptography·13 min read·

    Self-Hosted Password Manager Migration: Bitwarden Deep Dive

    Migrate to self-hosted Bitwarden—deploy secure vault with backup strategies, SSL certificates, and database encryption for full control.

  18. Homelab·13 min read·

    Building a Network Traffic Analysis Lab with Suricata

    Deploy Suricata IDS/IPS for real-time network threat detection—configure rule management, performance tuning, and SIEM integration for homelab monitoring.

  19. Docker·12 min read·

    Docker Runtime Security Hardening with Linux Security Modules

    Harden Docker containers using AppArmor and SELinux for isolation without orchestration overhead. LSM profiles, seccomp filters, and capability dropping at homelab scale.

  20. Automation·9 min read·

    Vulnerability Management at Scale with Open Source Tools

    Build enterprise vulnerability management with open source—deploy scanning, remediation tracking, and compliance using Nessus and OpenVAS.

  21. Cryptography·6 min read·

    Implementing DNS-over-HTTPS (DoH) for Home Networks

    Deploy DNS-over-HTTPS with Pi-hole and dnscrypt-proxy—encrypt DNS queries for home network privacy and prevent ISP monitoring with DoH implementation.

  22. Ebpf·14 min read·

    eBPF for Security Monitoring: A Practical Guide

    Implement eBPF security monitoring for real-time kernel visibility—track syscalls and network activity with production-ready patterns for threat detection.

  23. Ai·8 min read·

    Local LLM Deployment: Privacy-First Approach

    Deploy local LLMs for privacy-first AI—run language models on homelab hardware with model selection, optimization, and deployment strategies.

  24. Homelab·5 min read·

    Building a Security-Focused Homelab: My Journey

    Build security-focused homelab with Proxmox, VLANs, and IDS/IPS—create testing environment for cybersecurity and family data protection.

  25. Ai·4 min read·

    Securing Your Personal AI/ML Experiments: A Practical Guide

    Secure personal AI experiments with model isolation and network segmentation—protect LLM deployments using privacy controls and threat modeling.

  26. Learning·7 min read·

    From IT Support to Senior InfoSec Engineer: My 15+ Year Journey

    Navigate IT support to senior InfoSec engineer path—learn from 15+ years securing federal systems with practical career transition advice.

  27. Homelab·6 min read·

    Raspberry Pi Security Projects That Actually Solve Problems

    Build Raspberry Pi security projects with Pi-hole, VPN gateway, and honeypots—deploy practical network monitoring and threat detection on budget hardware.

  28. Learning·9 min read·

    Continuous Learning in Cybersecurity: Strategies That Work

    Master continuous cybersecurity learning with lab exercises, research tracking, and community engagement—stay current without burnout.

  29. Automation·4 min read·

    Automating Home Network Security with Python and Open Source Tools

    Automate home network security with Python and Ansible—deploy patching, threat detection, and compliance scanning for homelab infrastructure.

  30. Llm·9 min read·

    LLM-Powered Security Alert Triage with Local Models

    Automate security alert analysis using local LLMs (Ollama) for privacy-preserving incident response. Reduce alert fatigue with AI-powered triage without cloud dependencies.

  31. Architecture·12 min read·

    Blockchain Beyond Cryptocurrency: Building the Trust Layer of the Internet

    Deploy blockchain beyond cryptocurrency with Ethereum and smart contracts—build decentralized trust for supply chain and identity verification.

  32. Container Orchestration·11 min read·

    Sandboxing Untrusted Containers with gVisor: Lessons from G-Fuzz Vulnerability Research

    Secure containers with gVisor sandboxing—prevent kernel exploits in Kubernetes clusters while managing 59% startup overhead for untrusted workloads.

  33. Architecture·25 min read·

    Zero Trust Architecture: A Practical Implementation Guide

    Implement zero trust with identity verification and micro-segmentation—secure networks using never-trust-always-verify principles.

  34. Privacy·9 min read·

    Zero-Knowledge Proof Authentication for Homelab Services

    Implement privacy-preserving authentication using ZK-SNARKs for homelab SSO. No passwords transmitted, cryptographic proof of identity without revealing credentials.

  35. Ai·14 min read·

    Large Language Models for Smart Contract Security: Promise and Limitations

    Test LLM smart contract security with GPT-4 and Claude—achieve 80% reentrancy detection accuracy but manage 38% false positives in production workflows.

  36. Ai·20 min read·

    AI: The New Frontier in Cybersecurity – Opportunities and Ethical Dilemmas

    Deploy AI-powered cybersecurity with automated threat detection—achieve 73% accuracy in anomaly detection catching attacks SIEM systems miss.

  37. Computational Science·9 min read·

    Quantum Computing and Defense: The Double-Edged Sword of Tomorrow's Technology

    Prepare for quantum computing threats with post-quantum cryptography—protect RSA and ECC encryption from quantum attacks using NIST-approved algorithms.

  38. Computational Science·11 min read·

    Preparing for the Quantum Leap: A Guide to Quantum-Resistant Cryptography

    Implement quantum-resistant cryptography with NIST post-quantum algorithms. Future-proof encryption against quantum attacks using Kyber and Dilithium.

  39. Devops·12 min read·

    Implementing Zero Trust Security: Never Trust, Always Verify

    Deploy zero trust security with continuous verification and identity-centric controls—implement never-trust-always-verify for Federal EO 14028 compliance.

  40. Ai·10 min read·

    The Deepfake Dilemma: Navigating the Threat of AI-Generated Deception

    Detect AI-generated deepfakes with neural network analysis and authentication methods—combat misinformation with 73% accuracy detection models.

  41. Python·8 min read·

    Building a Python Vulnerability Scanner with NVD API Integration

    Automate vulnerability detection in your homelab using Python and the National Vulnerability Database API. Track CVEs, scan dependencies, and integrate with monitoring systems.

  42. Cryptography·14 min read·

    Demystifying Cryptography: A Beginner's Guide to Encryption, Hashing, and Digital Signatures

    Learn cryptography fundamentals with AES-256, RSA, and SHA-3—implement encryption, hashing, and digital signatures for production security systems.

  43. Programming·10 min read·

    Writing Secure Code: A Developer's Guide to Thwarting Security Exploits

    Master secure code development with input validation, parameterized queries, and secrets management—prevent SQL injection and XSS in production systems.