Dennis Irsigler


Are people here automating #mysql queries done by Developers in some kind of #gitops style?

If yes, I would like to hear from you how it is done or which tools to look at. At my place, developers have restricted access to prod MySQL and for now always request or run queries manually. Migrations are a no-go (don't know why).

*chefkiss*

#golang 1.21's toolchain will be built without CGO (https://go.dev/issue/57007), meaning static binaries which can be cross-compiled easily (https://go.dev/issue/53862).

Not only does this simplify building and using the Go toolchain, but it also enables reproducing its builds with much less fuss (https://go.dev/issue/57120).

Most Go users won't notice, but this will be a big quality of life improvement in the long run!

cmd/dist: build cmd with CGO_ENABLED=0, so cmd/go uses pure Go net resolver · Issue #57007 · golang/go

Now that we've removed the .a files from the distribution, the only possible leakage of the host build environment into Go Linux releases is the dynamic libc.so.6 path embedded in the command binar...

GitHub

There is a standup channel at @tailscale where we each post updates on our work. It is usually silent on the weekends, but @catzkorn showed up for April 1 and said she was "implementing plain text username/passwords".

Half the company followed impromptu, posting a litany of terrible projects. IE6 support. MongoDB control plane. A Mac OS 8.6 client. I love working here.

Seattle, Washington last night.

#Photography #SpaceNeedle #Seattle #WashingtonState

photo by Steven T Luong

JFrog Quick Tip - Extracting an #SBOM out of a #jfrog #buildinfo in less than a minute - #cybersecurity #cyberdefense #security #software https://youtu.be/UZRzHcnMDS0
@JFrogInc Quick Tip - How to extract the SBOM from BuildInfo?

YouTube

keep it boring. it's enterprise application infrastructure, not a fuckin TED talk #sre #devops

Is there any good site where I can dig into the #apple universe (#macOS, #ios, iwatch, …) and its use in enterprise #security best practices?

Preferably also covering which restrictions lead to what #ux downgrade.

I am currently sitting in front of a little project which includes scanning a data source for secrets, passwords and so on.

The problem is, there is no library which I could include in my #golang application.
Something fitting here would be one that just switches a Bool variable.

Other projects have done it the hard way and just hard-coded the whole #regex into their application.

Also, it seems I am not able to find any external collection of regex lists which I could just download or place alongside my application to read in.

I have now seen several talks about companies using #kyverno to restrict deployments made to production.
They only allow deployments where #trivy or other scanners report a certain low amount of vulnerabilities. Also, #sboms are checked for existence. Sometimes even more restrictions apply.

How do these companies then handle the third-party #docker images they need? For example, some official Python images?
Having some kind of automatic mirror of requested applications to fetch them and build the needed things on their own systems?
Just blocking and telling them “yeah, please wait a few days until we work on that ticket”?

It seems I am confusing or missing something…