Resources

This page has:

Scroll down to view each section.

Cyber Crisis by Dr. Eric Cole

Good overview for everyone to understand the threats and put in security into practice.

Cyber Crisis

Infosec Rock Star: How to Accelerate Your Career Because Geek Will Only Get You So Far by Ted Demopoulos

Read good recommendations on how to progress your information security and cybersecurity career.

Infosec Rock Star

Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon by Kim Zetter

Learn the many facets about Stuxnet: known technical implementation, political landscape, and the discovery. The book is almost written like a mystery novel, and has many footnote references.

Countdown to Zero Day

Dark Territory: The Secret History of Cyber War by Fred Kaplan

A really good overview on how the need for cybersecurity discovered and how it has progressed throughout the decades. This book is a good supplement to "Countdown to Zero Day" as it gives more insight into why Stuxnet was launched.

Dark Territory

My Presentations

Costly mistakes in serverless computing

Serverless computing has revolutionized cloud computing. It makes deploying code faster, cheaper, and more compact. Yet, with this convenience, we might be prone to making mistakes that weaken our cybersecurity posture. This presentation will highlight some costly mistakes to avoid when building our serverless applications.

Presented at OWASP 20th Anniversary · Representing VeriToll · September 24, 2021

How moving to serverless Nuxt sped up our time to market

One of the reasons we chose Nuxt was how it simplified Vue development. Routing, components, lifecycle events, and middleware was easier and more robust. Yet, we needed to prove to ourselves how Nuxt could operate in a fully serverless environment. In this talk, we will share our journey of Nuxt serverless development. Attendees will learn the benefits and drawbacks of single page applications and serverless deployments with Nuxt.

Presented at Nuxt Nation 2021 · Representing VeriToll · September 16, 2021

Audit, monitor and secure your cloud with serverless

We usually associate serverless with functions, API Gateways, and object storage. Did you know you can leverage serverless capabilities to audit, monitor, and secure your cloud? Serverless capabilities allow us to run functions, store findings, and send alerts which we can use for security. This talk will explore some use cases you can quickly adopt to improve your cloud security posture. The attendees will leave with the following key takeaways: performing auditing against security controls (e.g., CIS benchmarks), monitoring for security misconfigurations (e.g., public S3 buckets), and remediating findings (e.g., reset IAM password policy).

Insight Session at Cloud-Native Days 2021 · Representing VeriToll · August 5, 2021

Using Cookies to Store Your Postman Secrets

Storing your secrets in Postman environments might not meet your security requirements. See how you can leverage Postman cookies instead.

Lightning Talk at Postman Galaxy 2021 · Representing VeriToll · February 4, 2021

Whoops! I Committed It Again: Configuring Git to Prevent Accidental Commits

It’s so easy to accidentally commit a secret key or sensitive data in our git repository. This SnykCon lightning talk by Miguel A. Calles and Greg Thompson will explain how you can leverage git hooks to catch things before they get committed or pushed up to the git origin.

Lightning Talk at SnykCon 2020 · Representing VeriToll · October 21, 2020

Be Cyber Smart

Managing security threats is an ongoing battle. In this presentation, information security challenges related to COVID-19 will be discussed. Do your part.

Presentation at California State University, Fullerton TechDay 2020 · Representing VeriToll · October 23, 2020

Careers in Cybersecurity

Looking for a career in cybersecurity? Learn more about the trends in cybersecurity programs and the industry job market.

Presentation at California State University, Fullerton TechDay 2020 · Representing VeriToll · October 23, 2020

The Internet of Things and How it Relates to Your Privacy

Presentation at California State University, Fullerton Cybersecurity Awareness Month 2019 · Representing VeriToll · October 11, 2019

Internet of Things (IoT) Vulnerabilities

Presentation at California State University, Fullerton Cyber Security Day 2017 · Representing Raytheon · November 28, 2017

My Guest Blog Posts

Learning Cybersecurity Through Teaching, Presenting, and Writing on Apress

My Published Books

Serverless Security: Understand, Assess, and Implement Secure and Reliable Applications in AWS, Microsoft Azure, and Google Cloud

Apply the basics of security in serverless computing to new or existing projects. This hands-on guide provides practical examples and fundamentals. You will apply these fundamentals in all aspects of serverless computing: improving the code, securing the application, and protecting the infrastructure. You will come away having security knowledge that enables you to secure a project you are supporting and have technical conversations with cybersecurity personnel.

Get your copy at Amazon

Serverless Security: Understand, Assess, and Implement Secure and Reliable Applications in AWS, Microsoft Azure, and Google Cloud

Black Hat Chronicles: Preparing the Python Attack: A Hacker Short Novel

From a certified cybersecurity engineer: Get into the mind of a hacker with ill intent, also known as a Black Hat. This black hat hacker's goal is to instill fear by launching a sophisticated cyber attack at the right time. Get inside the mind of this black hat in this short story as the hacker describes how the attack was prepared...

Get your copy at Amazon

Black Hat Chronicles: Preparing the Python Attack: A Hacker Short Novel

Goo Goo Gaga: A Guide to Communicate with Your Baby (includes a Workbook)

From a parent of twins: This book is written with seven concise guidelines for communicating with your baby and establishing a strong relationship. As a bonus, this book contains a workbook to start applying these seven guidelines.

Your baby was born after having listened to you for nine months while still in the womb. She knows your voice and has already established a relationship with you. She has to learn to communicate with you, and she must learn this brand new environment--which can be cold, dark, and scary at times. Your responsibility as the parent is to leverage the trust she has from your words and to mentor her in her new career as a person.

As a parent of twin toddlers, at the time of this writing, I understand how little me-time is available. I know leisurely reading may be difficult to start, let alone reading for educational purposes. I empathize with your current parenting situation or the one you will soon start. This book is intentionally written to be short and to the point so you may start “doing” rather than just “reading.”

Get your copy at Amazon.com.

Goo Goo Gaga: A Guide to Communicate with Your Baby (includes a Workbook)


As an Amazon Associate I earn from qualifying purchases.