@kylerankin 2: Many #devops orgs deploy to prod straight from CI. Jenkins is red team gold. Always separate dev/prod completely. Dev access should never lead to prod access.
Notices by Kyle Rankin (kylerankin)
-
Kyle Rankin (kylerankin)'s status on Friday, 12-Apr-2019 03:54:29 UTC Kyle Rankin -
Kyle Rankin (kylerankin)'s status on Sunday, 23-Dec-2018 16:07:39 UTC Kyle Rankin My Mom got a new phone 6 months ago and only shared her new # with me and 3 others. Months later she bought a new laptop and registered Microsoft Word (which apparently requires her phone # now?). A day or two later she started getting a stream of telemarketing calls. #privacy
-
Kyle Rankin (kylerankin)'s status on Monday, 24-Sep-2018 17:28:17 UTC Kyle Rankin The thing I am most excited about with the Librem Key is its integration with Heads to make detecting tampering easy. It's something that doesn't exist anywhere else and in this deep dive post I explain the technical details. #infosec https://puri.sm/posts/the-librem-key-makes-tamper-detection-easy/