𝛑- AI ( 16 )
- 08/04 Action Plan for a Chief Security Architect
- 02/24 A Practical Security Guideline for Generative AI
- 04/05 How to Build a Customized ChatGPT
- 10/29 DGA Detection with fasttext
- 10/01 Feature Engineering Notes (Part 2)
- 08/26 Malware Analysis and Data Science
- 05/10 IsolationForest for Anomaly Detection
- 05/05 Machine Learning Notes Compilation
- 05/04 First Attempt at Anomaly Detection
- 05/03 Built an AutoML Project
- 04/24 Plugging Keras Models into Sklearn's Pipeline
- 04/24 Sklearn and Feature Engineering
- 03/30 Text Summarization
- 02/13 ELK Notes
- 01/01 CNN Study Notes
- 09/14 My First Machine Learning Training Session - A Summary
- & ( 2 )
- 04/05 How to Build a Customized ChatGPT
- 03/25 Getting Out of the Anti-Scraping Trap
- Machine ( 14 )
- 04/05 How to Build a Customized ChatGPT
- 10/29 DGA Detection with fasttext
- 10/01 Feature Engineering Notes (Part 2)
- 08/26 Malware Analysis and Data Science
- 05/10 IsolationForest for Anomaly Detection
- 05/05 Machine Learning Notes Compilation
- 05/04 First Attempt at Anomaly Detection
- 05/03 Built an AutoML Project
- 04/24 Plugging Keras Models into Sklearn's Pipeline
- 04/24 Sklearn and Feature Engineering
- 03/30 Text Summarization
- 02/13 ELK Notes
- 01/01 CNN Study Notes
- 09/14 My First Machine Learning Training Session - A Summary
- Learning ( 14 )
- 04/05 How to Build a Customized ChatGPT
- 10/29 DGA Detection with fasttext
- 10/01 Feature Engineering Notes (Part 2)
- 08/26 Malware Analysis and Data Science
- 05/10 IsolationForest for Anomaly Detection
- 05/05 Machine Learning Notes Compilation
- 05/04 First Attempt at Anomaly Detection
- 05/03 Built an AutoML Project
- 04/24 Plugging Keras Models into Sklearn's Pipeline
- 04/24 Sklearn and Feature Engineering
- 03/30 Text Summarization
- 02/13 ELK Notes
- 01/01 CNN Study Notes
- 09/14 My First Machine Learning Training Session - A Summary
- Security ( 67 )
- 05/09 Git Workflow for the Multi-Agent Era
- 03/09 The Vibe Coding Survival Guide
- 01/17 AI Software Engineering in Practice: Building an Enterprise-Grade Agentic SOC Platform
- 11/30 AI Coding Best Practices — What I've Learned
- 10/19 Applied Cryptography Operations: What Practitioners Must Know
- 09/04 From Dropping the DB to Running Away: My Python Full-Stack Pitfall Log
- 08/04 Action Plan for a Chief Security Architect
- 07/01 Software Engineering in Practice: Python Edition
- 06/10 Some Thoughts on Passing the CISSP Exam
- 04/05 Understanding Clearing Networks: Business, Technology, and Security
- 02/24 A Practical Security Guideline for Generative AI
- 02/24 A Practical Security Guideline for Generative AI
- 12/16 Self-Cultivation of a Security Architect: From Principles to Practice
- 09/19 Reflections on Security Architecture Design in Financial Services
- 05/24 Security Operations — Design for Failure
- 03/17 Summary of Network and Cloud Security Architecture Design
- 01/05 What Are We Really Talking About When We Say Security by Default
- 08/15 Study Notes on Data Security Regulations
- 07/19 Security Operations Center (SOC) and Collective Intelligence
- 06/19 Data Security Architecture Summary and Case Studies
- 06/12 System and Architecture
- 02/09 Security Architecture in Practice: From Security Governance to Security Verification
- 01/15 Process Design and Optimization
- 01/05 Building Security Architecture
- 11/16 Building Security Specifications - A Practical Guide
- 11/03 Has Security Actually Shifted Left?
- 10/23 Modern SDLC and Security Architecture Review
- 09/17 The Difficulty of Security Architecture
- 08/22 Let's Talk About Data Security Again
- 07/06 Design Your Security Architecture OKR
- 06/13 A Brief Introduction to Privacy Computing and Data Security
- 05/31 Architecture Discussion
- 03/16 More on Security Architecture, Part II
- 09/27 Applied Cryptography and Crypto Infrastructure
- 08/19 Revisiting Security Architecture (Part 1)
- 08/05 Thoughts on Business Unit Security Programs
- 06/24 Architecture Outline
- 05/31 My Take on Enterprise Security
- 03/09 Hashicorp Vault Advanced Tutorial For Enterprise
- 12/28 What is Security Architecture Part III
- 12/23 FTP services with Data At Rest Encryption
- 12/16 Encryption As A Services with softhsm2 and flask
- 12/14 Build a internal CA with Openssl and SoftHsm2
- 11/12 How to initialized Hashicorp Vault safely
- 08/07 Ramblings on Certificates in Enterprise
- 07/05 Working with Commercial Security Appliances
- 06/22 A Brief Talk on Data Security
- 06/02 Some Takeaways from CA/RA
- 05/04 What is Security Architecture (Part II)
- 04/15 A Few Lessons Learned from KMS/HSM
- 03/21 How to use mkcert
- 03/21 How to build your own Certificate Authority
- 03/21 Use Openssl To Convert Certificate Format
- 02/11 Talking About K8S Secret Manager
- 11/20 What is Security Architecture
- 11/03 A Few Lessons Learned from Jump Server
- 06/24 A Casual Take on Anti-Intrusion
- 05/09 "Massive Security" and Anti-Intrusion
- 04/14 DSMM Session 4 and My Take on Data Security
- 03/25 Getting Out of the Anti-Scraping Trap
- 01/07 Time to Play Around with Golang
- 12/08 A Survey of Computer Threat Detection
- 08/06 Anti-Spam (Registration / Login / KYC)
- 05/03 Built an AutoML Project
- 04/07 GIL and Python Parallel Programming (Part 1)
- 12/19 Writing YARA Modules and Cross-Platform Compilation with GYP
- 07/22 New Start: Webshell Detection
- and ( 20 )
- 08/20 ATT&CK and Intrusion Detection
- 06/29 Intrusion Through the Lens of HW
- 06/24 A Casual Take on Anti-Intrusion
- 05/09 "Massive Security" and Anti-Intrusion
- 12/08 A Survey of Computer Threat Detection
- 10/29 DGA Detection with fasttext
- 10/01 Feature Engineering Notes (Part 2)
- 08/26 Malware Analysis and Data Science
- 07/07 Thoughts on Content Security and an Anti-Spam Registration Incident Response
- 05/10 IsolationForest for Anomaly Detection
- 05/05 Machine Learning Notes Compilation
- 05/04 First Attempt at Anomaly Detection
- 05/03 Built an AutoML Project
- 04/24 Plugging Keras Models into Sklearn's Pipeline
- 04/24 Sklearn and Feature Engineering
- 03/30 Text Summarization
- 02/13 ELK Notes
- 01/01 CNN Study Notes
- 09/14 My First Machine Learning Training Session - A Summary
- 07/22 New Start: Webshell Detection
- Data ( 27 )
- 08/22 Let's Talk About Data Security Again
- 06/13 A Brief Introduction to Privacy Computing and Data Security
- 09/27 Applied Cryptography and Crypto Infrastructure
- 03/09 Hashicorp Vault Advanced Tutorial For Enterprise
- 12/28 What is Security Architecture Part III
- 12/23 FTP services with Data At Rest Encryption
- 12/16 Encryption As A Services with softhsm2 and flask
- 12/14 Build a internal CA with Openssl and SoftHsm2
- 11/12 How to initialized Hashicorp Vault safely
- 08/07 Ramblings on Certificates in Enterprise
- 06/22 A Brief Talk on Data Security
- 06/02 Some Takeaways from CA/RA
- 04/15 A Few Lessons Learned from KMS/HSM
- 03/21 How to use mkcert
- 03/21 How to build your own Certificate Authority
- 03/21 Use Openssl To Convert Certificate Format
- 04/14 DSMM Session 4 and My Take on Data Security
- 10/29 DGA Detection with fasttext
- 10/01 Feature Engineering Notes (Part 2)
- 08/26 Malware Analysis and Data Science
- 05/10 IsolationForest for Anomaly Detection
- 05/04 First Attempt at Anomaly Detection
- 04/24 Plugging Keras Models into Sklearn's Pipeline
- 04/24 Sklearn and Feature Engineering
- 03/30 Text Summarization
- 01/01 CNN Study Notes
- 09/14 My First Machine Learning Training Session - A Summary
- Mining ( 10 )
- 10/29 DGA Detection with fasttext
- 10/01 Feature Engineering Notes (Part 2)
- 08/26 Malware Analysis and Data Science
- 05/10 IsolationForest for Anomaly Detection
- 05/04 First Attempt at Anomaly Detection
- 04/24 Plugging Keras Models into Sklearn's Pipeline
- 04/24 Sklearn and Feature Engineering
- 03/30 Text Summarization
- 01/01 CNN Study Notes
- 09/14 My First Machine Learning Training Session - A Summary
- Intrusion ( 10 )
- 08/20 ATT&CK and Intrusion Detection
- 06/29 Intrusion Through the Lens of HW
- 06/24 A Casual Take on Anti-Intrusion
- 05/09 "Massive Security" and Anti-Intrusion
- 12/08 A Survey of Computer Threat Detection
- 10/29 DGA Detection with fasttext
- 02/13 ELK Notes
- 01/05 Cuckoo Sandbox Gotchas You Should Know
- 12/19 Writing YARA Modules and Cross-Platform Compilation with GYP
- 07/22 New Start: Webshell Detection
- Detection ( 10 )
- 08/20 ATT&CK and Intrusion Detection
- 06/29 Intrusion Through the Lens of HW
- 06/24 A Casual Take on Anti-Intrusion
- 05/09 "Massive Security" and Anti-Intrusion
- 12/08 A Survey of Computer Threat Detection
- 10/29 DGA Detection with fasttext
- 02/13 ELK Notes
- 01/05 Cuckoo Sandbox Gotchas You Should Know
- 12/19 Writing YARA Modules and Cross-Platform Compilation with GYP
- 07/22 New Start: Webshell Detection
- Tool ( 1 )
- 05/03 Built an AutoML Project
- R&D ( 3 )
- 03/09 The Vibe Coding Survival Guide
- 05/03 Built an AutoML Project
- 07/22 New Start: Webshell Detection
- AI-and-ML ( 2 )
- 09/20 Randomness in Fuzzing and Sample Generation with Char-RNN
- 04/09 Text Classification with Keras and CNN
- Fuzzing ( 8 )
- 07/31 Fuzzing Learning Notes - binutils with AFL
- 07/31 Fuzzing Learning Notes: libssh with fuzzer-test-suite
- 07/31 Fuzzing Learning Notes - Firefox with Grizzly
- 07/30 Fuzzing Learning Notes: sqlite3 with fuzzer-test-suite
- 07/27 Fuzzing Learning Notes: libfuzzer and Chromium
- 07/27 Fuzzing Tutorial - Linux Kernel Fuzzing
- 07/27 Fuzzing Learning Notes - Getting Started with AFL
- 09/20 Randomness in Fuzzing and Sample Generation with Char-RNN
- Learning-Data-Mining ( 1 )
- 04/09 Text Classification with Keras and CNN
- AI-and-machine-learning ( 1 )
- 05/15 Lessons Learned Using Machine Learning in Web Security Detection
- learning-data-mining ( 2 )
- 05/15 Lessons Learned Using Machine Learning in Web Security Detection
- 03/02 Before the Data Breach
- intrusion-detection-and-anti-intrusion ( 1 )
- 05/15 Lessons Learned Using Machine Learning in Web Security Detection
- AWS ( 2 )
- 07/07 Deploy Cryptocurrency Wallet Nodes Across Multiple AWS Regions with Terraform
- 07/02 K8S and SecDevOps on AWS
- IAC ( 2 )
- 10/12 Terraform Training
- 07/07 Deploy Cryptocurrency Wallet Nodes Across Multiple AWS Regions with Terraform
- Tools ( 13 )
- 03/09 Hashicorp Vault Advanced Tutorial For Enterprise
- 11/12 How to initialized Hashicorp Vault safely
- 03/21 How to use mkcert
- 03/21 How to build your own Certificate Authority
- 03/21 Use Openssl To Convert Certificate Format
- 09/01 Getting Started with Openresty
- 07/07 Deploy Cryptocurrency Wallet Nodes Across Multiple AWS Regions with Terraform
- 02/13 Notes on Man-in-the-Middle (MITM) Attacks
- 02/13 ELK Notes
- 01/05 Cuckoo Sandbox Gotchas You Should Know
- 12/19 Writing YARA Modules and Cross-Platform Compilation with GYP
- 09/10 Nginx SubDomain and Proxypass Jupyter notebook
- 08/19 Building Redis Cluster with Ansible
- basic-security ( 1 )
- 07/02 K8S and SecDevOps on AWS
- Crawlers ( 1 )
- 07/07 Thoughts on Content Security and an Anti-Spam Registration Incident Response
- Anti-Crawlers ( 1 )
- 07/07 Thoughts on Content Security and an Anti-Spam Registration Incident Response
- Operations ( 12 )
- 10/19 Applied Cryptography Operations: What Practitioners Must Know
- 05/24 Security Operations — Design for Failure
- 11/12 How to initialized Hashicorp Vault safely
- 08/07 Ramblings on Certificates in Enterprise
- 07/05 Working with Commercial Security Appliances
- 06/02 Some Takeaways from CA/RA
- 04/15 A Few Lessons Learned from KMS/HSM
- 11/03 A Few Lessons Learned from Jump Server
- 06/24 A Casual Take on Anti-Intrusion
- 05/09 "Massive Security" and Anti-Intrusion
- 03/25 Getting Out of the Anti-Scraping Trap
- 12/08 A Survey of Computer Threat Detection
- Archive ( 9 )
- 12/10 Thoughts on Fast Incident Response(FIR)
- 11/12 How to initialized Hashicorp Vault safely
- 03/21 How to use mkcert
- 03/21 How to build your own Certificate Authority
- 03/21 Use Openssl To Convert Certificate Format
- 07/31 Fuzzing Learning Notes - binutils with AFL
- 07/31 Fuzzing Learning Notes: libssh with fuzzer-test-suite
- 07/31 Fuzzing Learning Notes - Firefox with Grizzly
- 07/30 Fuzzing Learning Notes: sqlite3 with fuzzer-test-suite
- Legacy ( 1 )
- 07/27 Fuzzing Tutorial - Linux Kernel Fuzzing
- Migration ( 1 )
- 07/27 Fuzzing Tutorial - Linux Kernel Fuzzing
- archived ( 1 )
- 07/27 Fuzzing Learning Notes - Getting Started with AFL
- tools ( 3 )
- 10/12 Terraform Training
- 02/10 The "Small" Matter of Watermarks
- 08/25 Memory Forensics, Password Extraction, and Using Volatility
- Incident ( 1 )
- 12/10 Thoughts on Fast Incident Response(FIR)
- Response ( 1 )
- 12/10 Thoughts on Fast Incident Response(FIR)
- Development ( 10 )
- 05/09 Git Workflow for the Multi-Agent Era
- 11/30 AI Coding Best Practices — What I've Learned
- 12/23 FTP services with Data At Rest Encryption
- 12/16 Encryption As A Services with softhsm2 and flask
- 12/14 Build a internal CA with Openssl and SoftHsm2
- 01/07 Time to Play Around with Golang
- 08/06 Anti-Spam (Registration / Login / KYC)
- 04/07 GIL and Python Parallel Programming (Part 1)
- 03/26 OWASP Top 10 and the Security Developer's Guide
- 12/19 Writing YARA Modules and Cross-Platform Compilation with GYP
- Anti-Intrusion ( 2 )
- 06/24 A Casual Take on Anti-Intrusion
- 05/09 "Massive Security" and Anti-Intrusion
- Counter-Intrusion ( 4 )
- 08/20 ATT&CK and Intrusion Detection
- 06/29 Intrusion Through the Lens of HW
- 12/08 A Survey of Computer Threat Detection
- 07/22 New Start: Webshell Detection
- Secure ( 1 )
- 03/26 OWASP Top 10 and the Security Developer's Guide
- Architecture ( 43 )
- 05/09 Git Workflow for the Multi-Agent Era
- 03/09 The Vibe Coding Survival Guide
- 01/17 AI Software Engineering in Practice: Building an Enterprise-Grade Agentic SOC Platform
- 11/30 AI Coding Best Practices — What I've Learned
- 08/04 Action Plan for a Chief Security Architect
- 06/10 Some Thoughts on Passing the CISSP Exam
- 04/05 Understanding Clearing Networks: Business, Technology, and Security
- 02/24 A Practical Security Guideline for Generative AI
- 12/16 Self-Cultivation of a Security Architect: From Principles to Practice
- 09/19 Reflections on Security Architecture Design in Financial Services
- 03/17 Summary of Network and Cloud Security Architecture Design
- 01/05 What Are We Really Talking About When We Say Security by Default
- 08/15 Study Notes on Data Security Regulations
- 07/19 Security Operations Center (SOC) and Collective Intelligence
- 06/19 Data Security Architecture Summary and Case Studies
- 06/12 System and Architecture
- 02/09 Security Architecture in Practice: From Security Governance to Security Verification
- 01/15 Process Design and Optimization
- 01/05 Building Security Architecture
- 11/16 Building Security Specifications - A Practical Guide
- 11/03 Has Security Actually Shifted Left?
- 10/23 Modern SDLC and Security Architecture Review
- 09/17 The Difficulty of Security Architecture
- 08/22 Let's Talk About Data Security Again
- 07/06 Design Your Security Architecture OKR
- 06/13 A Brief Introduction to Privacy Computing and Data Security
- 05/31 Architecture Discussion
- 03/16 More on Security Architecture, Part II
- 09/27 Applied Cryptography and Crypto Infrastructure
- 08/19 Revisiting Security Architecture (Part 1)
- 08/05 Thoughts on Business Unit Security Programs
- 06/24 Architecture Outline
- 05/31 My Take on Enterprise Security
- 03/09 Hashicorp Vault Advanced Tutorial For Enterprise
- 12/28 What is Security Architecture Part III
- 07/05 Working with Commercial Security Appliances
- 06/22 A Brief Talk on Data Security
- 06/02 Some Takeaways from CA/RA
- 05/04 What is Security Architecture (Part II)
- 04/15 A Few Lessons Learned from KMS/HSM
- 02/11 Talking About K8S Secret Manager
- 11/20 What is Security Architecture
- 11/03 A Few Lessons Learned from Jump Server
- Application ( 1 )
- 10/23 Modern SDLC and Security Architecture Review
- Fundamental ( 1 )
- 05/04 What is Security Architecture (Part II)
- Insights ( 1 )
- 08/04 Action Plan for a Chief Security Architect
- Co-creation ( 1 )
- 08/04 Action Plan for a Chief Security Architect
- Products ( 4 )
- 05/09 Git Workflow for the Multi-Agent Era
- 03/09 The Vibe Coding Survival Guide
- 01/17 AI Software Engineering in Practice: Building an Enterprise-Grade Agentic SOC Platform
- 11/30 AI Coding Best Practices — What I've Learned
- Engineering ( 1 )
- 01/17 AI Software Engineering in Practice: Building an Enterprise-Grade Agentic SOC Platform
- Dev ( 2 )
- 09/04 From Dropping the DB to Running Away: My Python Full-Stack Pitfall Log
- 07/01 Software Engineering in Practice: Python Edition
- Spider ( 1 )
- 03/25 Getting Out of the Anti-Scraping Trap
- Anti-Spider ( 1 )
- 03/25 Getting Out of the Anti-Scraping Trap
- intrusion ( 2 )
- 10/24 Reading Notes: Advanced Guide to Internet Enterprise Security
- 09/07 How to Design Your Anti-Intrusion KPI
- detection ( 2 )
- 10/24 Reading Notes: Advanced Guide to Internet Enterprise Security
- 09/07 How to Design Your Anti-Intrusion KPI
- security ( 11 )
- 08/24 Do We Really Need Security Architects?
- 02/27 Talking About Defense in Depth in Security Design
- 11/06 Modern Security Products
- 10/27 Operations Inside the Security Architect Role
- 10/18 A Quick Look at Microsoft's Security Products
- 08/31 A Practical Look at Endpoint Security and DLP Governance
- 03/21 A Quick Look at Imperva WAF Deployment Options
- 02/10 The "Small" Matter of Watermarks
- 10/24 Reading Notes: Advanced Guide to Internet Enterprise Security
- 09/30 On Major Security Events and How to Handle Them
- 09/07 How to Design Your Anti-Intrusion KPI
- architecture ( 6 )
- 08/24 Do We Really Need Security Architects?
- 02/27 Talking About Defense in Depth in Security Design
- 10/27 Operations Inside the Security Architect Role
- 08/31 A Practical Look at Endpoint Security and DLP Governance
- 03/21 A Quick Look at Imperva WAF Deployment Options
- 10/24 Reading Notes: Advanced Guide to Internet Enterprise Security
- operations ( 4 )
- 10/27 Operations Inside the Security Architect Role
- 03/21 A Quick Look at Imperva WAF Deployment Options
- 09/30 On Major Security Events and How to Handle Them
- 09/07 How to Design Your Anti-Intrusion KPI
- intrusion-detection ( 1 )
- 08/05 An Overview of Log Collection Solutions
- security-operations ( 1 )
- 08/05 An Overview of Log Collection Solutions
- data-mining ( 1 )
- 08/05 An Overview of Log Collection Solutions
- learning ( 1 )
- 05/04 Automatic Content Extraction from Web Pages and Word Cloud Visualization
- data ( 2 )
- 08/31 A Practical Look at Endpoint Security and DLP Governance
- 05/04 Automatic Content Extraction from Web Pages and Word Cloud Visualization
- mining ( 1 )
- 05/04 Automatic Content Extraction from Web Pages and Word Cloud Visualization
- endpoint ( 1 )
- 08/31 A Practical Look at Endpoint Security and DLP Governance
- fundamentals ( 1 )
- 02/27 Talking About Defense in Depth in Security Design
- insight ( 1 )
- 08/24 Do We Really Need Security Architects?
- development ( 1 )
- 02/10 The "Small" Matter of Watermarks
- legacy ( 2 )
- 03/21 A Quick Look at Imperva WAF Deployment Options
- 09/30 On Major Security Events and How to Handle Them
- post ( 1 )
- 03/21 A Quick Look at Imperva WAF Deployment Options
- products ( 2 )
- 11/06 Modern Security Products
- 10/18 A Quick Look at Microsoft's Security Products
- tips ( 1 )
- 03/02 Before the Data Breach
- data-security ( 1 )
- 03/02 Before the Data Breach
- forensics ( 1 )
- 08/25 Memory Forensics, Password Extraction, and Using Volatility