Skip to main content

Blog

Writing

Technical notes, lab writeups, and lessons from work across DevOps, cloud infrastructure, and cybersecurity.

AllDevOpsCybersecurityCI/CDDevSecOpsAWSMSc CybersecuritySOCAnsibleinfrastructurecybersecuritypipeline securityIncident ResponsePenetration TestingIaCAzureSecurity OnionSIEMdevopsidempotencyLinuxsecurityDigital ForensicsAutopsyVolatilityInsider ThreatDMIDockerMicroservicesSpring BootObservabilityWeb SecurityOWASPBurp SuiteFile UploadSecrets ManagementCloud SecurityGitHub ActionsAzure DevOpsMITRE ATT&CKRed TeamSecurity AssessmentTerraformState ManagementZeekSuricataAutomationNginxlinuxubuntupythonmigrationautomationcareer transitionbuilding in publiccloud infrastructureportfolioproductionhardeningSSHauditdfail2bandefence in depthshift-left securitycloud securitycareersystems-thinkinglearningcloudCloudArchitectureSecurityLab
Latest Post
6 min read

The Credential Problem Nobody Talks About in Pipeline Tutorials

Every CI/CD tutorial ends with a working deployment. What they don't show is the secret sitting in that .yml file, who can read it, and what happens when it expires at 3am.

DevOpsCI/CDSecrets ManagementDevSecOps
Read Post
9 min read

Why DevOps and Security Keep Fighting (And How to Stop It)

The friction between DevOps and security teams is structural, not personal. It comes from misaligned incentives — and the fix is not compromise, it is integration. Here is what shift-left security actually looks like in practice, from someone who has lived on both sides.

DevSecOpsshift-left securityCI/CD
Blog | Sonny Enchill