Practical Technology

For better or worse, I’m back on the business travel road again. And, friends, let me tell you, it’s miserable out there these days. Here are some woes my friends and I have faced — and what you can do to avoid them. First, remember that COVID-19…Read More

Back in the 2010s, I averaged almost 100,000 miles a year on business travel. I went to endless Linux, open-source, and cloud conferences. When COVID-19 hit, I went from flying around the country and to Europe every few weeks to driving to the…Read More

Wikipedia states that Log4Shell was a zero-day vulnerability in Log4j, the popular Apache logging program. The key word is “was.” Log4Shell, even though there have been patches for it since Log4j2 2.17.1 was released in February, is still alive, well…Read More

Your first question when you read that headline was probably my first question. What is “Out-of-Band” security? Usually, I consider it to be an emergency security patch for a zero-day disaster. For example, when Microsoft steps on its foot and issues…Read More

Software Bill of Materials (SBOM)s aren’t optional anymore. If we really want the applications we’re running in containers to be secure, we must know what’s what within them. To make that easier, Codenotary, a leading software supply chain security…Read More

We can all agree today that we really need to know what’s what with your software supply chain. If you don’t know why I recommend you to look up the SolarWinds security fiasco and the ongoing Log4Shell dumpster fire. But, what’s in a good, secure…Read More