Here are a few PHP coding examples of how to securely connect to a database. // Connect to the database $dbi = new PDO('mysql:host=localhost;port=3306;dbname=databse',$username,$password, [ PDO::ATTR_PERSISTENT => true ]); // Return multiple records $sql = "SELECT * FROM myTable"; $sth = $dbi->prepare($sql); $sth->exe... Read more 30 Jun 2022 - less than 1 minute read
According to W3techs.com, at least 77.6% of websites run on PHP. PHP, like any programming language, if implemented incorrectly, can cause you a lot of headaches. I’ve enjoyed coding over many years and I have developed a number of websites in Perl and PHP. Being a security specialist, I’ve also seen how websites can be implemented terribly, ... Read more 26 Jun 2022 - 16 minute read
A privilege escalation risk is where a user account within a system has the ability to elevate their privileges to a higher level than what was originally intended. This can have disastrous consequences, particularly if you have an insider threat. This type of risk is not limited to insiders only. Any user account with the right permissions c... Read more 30 Dec 2021 - 3 minute read
December 7th 2021 saw an outage in the us-east-1 region of AWS. The outage had a significant impact, not just on AWS, but on many customers all around the world. What happened? From reading the summary provided by AWS, it would seem that a software issue caused an autoscaling event on their backend services that resulted in a massive networ... Read more 12 Dec 2021 - 5 minute read
Security hygiene is the practice of maintaining a computer system by ensuring the basic controls are executed on a regular basis. It is, at its core, a precautionary practice that may sometimes be seen as mundane, yet is still critical to the safe operation of your IT system. So what is security hygiene? Any computer system has some sort of infrastr... Read more 08 Dec 2021 - 6 minute read