Information exposure. Many servers send a helpful banner out with the specific name and version of the software. This can in turn attract low-level attacks that use tools like Shodan.io to find vulnerable hosts. CWE-200 suggests we need to remove the information...
Identity: Authenticating a user in a simple, secure way, with two-factor authentication, and allowing the user to interact with the API are the key to success.
SMS (text) has no place in your 2-factor authentication world. Remove it now and rely on a physical device (e.g. YubiKey) or TOTP (e.g. Authenticator app).
Secure. Reliable. Economical. All three. We have embraced failures to create a reliable municipal hybrid cloud with unreliable components, economically.
Email security. A complex patchwork. Enable MTA-STS to get strict transport security on your STARTTLS.
Whether your app is municipal, industrial, financial, or just vacation-booking-HR, it needs a strong, 2-factor auth system. Else you teach bad habits.
Take internal applications usable only by City staff with Active Directory, and make them Internet, Web, OpenID Connect, Secure, Simple, Fast. Easy!
Team Agilicus moves to new permanent offices, assembles some desks, attends Oktoberfest. Progress!
Declarative. It becomes a way of life. We have chosen kustomize to safely build our inventory of YAML, including Istio and Cert-Manager. But, it has proven incredibly non-DRY. After some refactoring etc, I made a few Generators and Transformers to cover some of the...
Prevent accidents from happening on un-merged feature branches with GitFlow and kustomize.