I appreciate training and am always eager to learn something new, but I have yet to settle on a preferred form of instruction. However, there is one that I find particularly challenging, and since I've recently been considering the possibility that the effectiveness of the security training and awareness we provide may vary depending on the mode of delivery, I thought I would write down my thoughts. Here are my personal choices.
The beach "Kolokytha" (which means pumpkin) is on the Kalydon Peninsula, the same peninsula as is the infamous, last active leper colony in Europe of Spinalonga. Despite being October, the sea was quite warm and pleasant.
Recently I wanted to set up 2 new Home Assistant instances, and I installed the same add-ons I am using for my "main" instance. They are tested and I have automations built with them; one being the Signal Add-on.
Three years after my last appearance in a conference due to COVID-19 lockdowns, I was invited to present to the 9th Information Security Conference in Greece. The conference theme was Enabling a Secure Future: Managing Risks in a Constantly Changing World. The conference was virtual / online and was held on the 17th of February, 2022.
If you're developing for the web (or something else) and you need to connect to an Oracle database, such as an Oracle Autonomous Database that comes for free with oracle cloud free tier, you may run to the typical problem of storing db connection credentials in configuration files and scripts. Nevertheless, Oracle has, since ages, a functionality called Oracle Wallet that can help you manage these connections more securely. Keep in mind that Oracle migrates away from Wallets, but my understanding is that this is a response to usability concerns, as the security standard is not maintained in the new set-up.
Once upon a time I spent a total of 4 hours (over three days) in meetings, stating that I will definitely not approve a security exception. At least, not until someone demonstrates that the exception requested, removes the root cause or is a valid workaround.