-
Vulnerability management ecosystem
Relationships between concepts in the cybersecurity vulnerability management ecosystem (CVE, CPE, CVSS, etc.). Links: MITRE CVE, NIST CPE, NIST NVD, FIRST CVSS
-
OSCAL model relationships
Model relationships. Links: NIST OSCAL
-
Audit and compliance cost
One-off evaluation: Point-in-time evaluations are expensive and lose value quickly. Manual effort is error-prone.
Recurring evaluations: Multiple, recurring evaluations consume all your budget.
-
Rapid technical assessment
This pack covers an approach I use to create consistent technical assessments and evaluations using a quality model based on ISO 25010. Rapid technical assessment (PDF slides) Rapid technical assessment (XLSX worksheet)
-
Codebase evaluation checklist
Highly opinionated checklist, but each of these items will make it faster (for me) to onboard and contribute to a codebase.
Project self-containment:
  Backing services are defined in the project and under version control
  External dependencies are limited to a runtime and task runner
Test presence and separation:
  Unit tests can be run without any further setup or configuration tasks
  Clear separation of unit and types of non-unit tests
Test runner is idiomatic:
  Tests can be executed using project task runner
  Test results are reported in human and machine readable forms (e.
Read more…
-
Exploring team scalability
Exploring team scalability with models. An informal exploration of team scalability and performance using network communication models. Team performance modeling (PDF slides)
-
Leadership aspects
Leadership aspects Source
-
Binary reversing approaches
Based on https://justintaft.com/blog/2021/11/07/binary-reversing-methodologies Source
-
git flow sample
git flow sample Source git / ci/cd relationship
-
Architecture concerns
Relationships Components (sample) Source Components (sample - PlantUML) Source