Welcome to Issue #5 of the Security Engineering Newsletter.

This one will be pretty.. pretty.. light. All of my time recently has been taken up by homelabbing and procrastinating with productivity tools. I recently bought an Intel NUC to mess around with some of the things I write about in this blog like Tailscale, Pyinfra, Grafana, Tracecat, etc.

I will probably write a post about this, but I decided to hook into Tines to handle some interactions with NextDNS and Canary tokens in my homelab environment. Yes, I use Canary tokens at home because why the hell not? They're free and awesome. Throw them into iCloud, throw them into your password manager.

Example of my Tines usage at home: querying NextDNS to get stats from blocklists every week and then checking DNS blocks for weird countries (use your imagination). Pushover is a service to send yourself push notifications to your devices.

Want to sponsor this newsletter? Hit me up!

Apple Platform Security Guide – Updated May 2024

Apple updated their Platform Security Guide for May 2024. This is some heavy duty reading – maybe not Ross Anderson-tier, but definitely not for the faint of heart. Thankfully, they provide a search bar for all of the docs, so you can just drop in when you want to look something up specifically.

Google Threat Intelligence

Google recently unveiled their new threat intelligence offering. From what I can gather, it seems like a suite of features that combines data from a few places: Mandiant's services, VirusTotal's services, and Google's data from their portfolio of services. Generative AI also plays some role in GTI, and I thought this exchange about it below was somewhat reassuring.

Overall, there are some incredibly nice ingredients and features (alert enrichment) going into this, and it would be interesting to see what the result is.

Ratatui TUI App Showcase

Do you like text user interfaces (TUIs)?! Then look no further! Ratatui (a TUI framework for Rust) has a showcase on their site of various TUI apps such as atuin and csvlens. Definitely worth a look – especially atuin which is a magical shell history app.

I also discovered while writing this that there are TUI frameworks for Python like Textualize. If you want to learn even more about TUIs, check out this informative thread on HN.

Free Breach Notification Service

Don't have the money to pay for "dark web monitoring" for your company? Why not just spam Mastodon's search API every 5 minutes for your company's name? This guy will notify you for free. /s

This was inspired by the comms around the Zscaler breach (that is turning out to be a nothing burger, thankfully).

Risky Business: Risky Business #747 -- Lockbit Leader Has A Very Bad Day - May 7, 2024
The Cybersecurity Defenders Podcast: #122 - Platformization in cybersecurity with Maxime Lamothe-Brassard, Founder & CEO of LimaCharlie - May 6, 2024
Soft Skills Engineering: Episode 407: I’m too territorial and should I quiet quit? - May 6, 2024

Security Operations Engineer 1 @ Jamf

Senior Security Operations Engineer (Azure) @ Jamf

Senior Security Engineer 1 @ Samsara

Senior Security Engineer @ Mattermost

Pssst... want the Google Search query I use to find these? Just replace the YYYY-MM-DD with a week ago to get fresh results: "security engineering" "remote" site:greenhouse.io OR site:lever.co after:YYYY-MM-DD

Thank you for reading this week's issue, and see you next week! If you have any feedback, hit me up!