articles - $ sam

2025-08-29 intelligence_systems

Improving My Insight

It's important that we maintain access to fact-based, diverse perspectives on global and local issues that affect us. I've created an app that curates information from a wide range of reputable sources and creates custom daily reporting for me on events and trends that I care about.

ai_insight.md

2025-08-18 ai_vulnerability_management

Beyond the CVE Part 2: AI-Enhanced Contextual Vulnerability Management

How artificial intelligence transforms vulnerability management from static data points into dynamic, context-aware intelligence that dramatically improves both accuracy and operational efficiency.

ai_vuln_mgmt_part2.md

2025-08-15 vulnerability_management

Beyond the CVE Part 1: Contextualizing Findings for Holistic Vulnerability Management

CVEs get a lot of attention, but they are at the tip of a pyramid when it comes to vulnerability management. This article contextualizes CVE findings to show teams how to build a solid foundation for effective vulnerability management.

beyond_cve.md

2025-08-04 digital_transformation

The Rise of the "Transformation Engineer" - And Why Your Organization Must Empower Them

A new type of engineer is emerging - the "transformation engineer." Understanding and empowering them may be crucial for competitive advantage in the tumultuous times ahead.

transformation_engineer.md

2025-07-18 compliance_automation

Compliance Reporting Is Easy - Validation Is The Hard Part

Why most compliance automation fails at the engineering reality check, and how to build validation that actually works using unit and function tests.

compliance_validation.md

2025-05-27 opa_policy

Same Code, Every Government: How OPA Unlocks Global Markets

How Open Policy Agent (OPA) transforms compliance from a cost center into a competitive advantage for cloud service providers.

opa_global_markets.md

2025-05-14 sbom

The Many Uses of an SBOM

Discover how Software Bills of Materials (SBOMs) are transforming cloud security and compliance practices.

sbom_guide.md

2025-04-28 devsecops

Harden First, Patch Less: The Economics of Secure CI/CD

Exploring why hardened components in your CI/CD pipeline are essential for security, from DIY approaches to vendor solutions.

secure_cicd.md

2025-04-18 cybersec_strategy

When Complexity Itself Becomes the Most Critical Risk

Exploring how complexity itself has emerged as a meta-risk that overshadows conventional cybersecurity threats.

complexity_risk.md

2025-04-10 container_security

See What Attackers See (Part II): Defining and Tracking An Inventory of Ephemeral Components

Learn how organizations can define and track ephemeral technology components in containerized environments.

ephemeral_inventory.md

2025-03-25 cybersecurity

See What Attackers See: Validating the Security of Public Asset Inventories Using Free, Open-Source Tools

Learn how to ethically assess the thoroughness of public asset inventory practices using free, open-source tools like Nmap, Masscan, Amass, and Shodan.

attacker_perspective.md

2025-03-13 artificial_intelligence

DIY AI: Running an LLM On Any Standard Laptop For Free

Learn how to unlock the power of AI on your ordinary laptop - no subscriptions, no privacy concerns, and no fancy hardware required.

diy_ai_laptop.md

2025-02-25 cloud_security

Cost-Effective Vulnerability Management in AWS

How to implement a comprehensive vulnerability management workflow in AWS for under $50,000

aws_vuln_mgmt.md

2025-02-01 compliance_as_code

Building a Compliance Automation Pipeline in AWS For Less Than $5000

How to implement compliance-as-code in AWS using GitOps and automated security control validation

compliance_pipeline.md

2025-01-19 vpn_analysis

Investigating ProtonVPN's Persistence Mechanisms: A Security Deep Dive

Going down the rabbit hole while attempting to uninstall ProtonVPN - persistence mechanisms and security implications

protonvpn_analysis.md

sam_aydlette

all_articles