Welcome to Issue #6 of the Security Engineering Newsletter.

A super light one again this week – a sign I should send this newsletter out biweekly instead of weekly, but I haven't made a determination on that yet.

I've been reading Nuclear War: A Scenario by Annie Jacobsen. It is one of the most depressing non-fiction books I have ever read, but, at the same time, I can't put it down. I have probably read about half of it over the past two days. Jacobsen chronicles the harsh reality of what would happen if North Korea randomly fired a nuke or two at the United States (the so-called "bolt out of the blue" scenario). Turns out, it is really hard to shoot an ICBM out of the sky. 10/10 would recommend. I'm also watching Interview with the Vampire on AMC, which is fantastic.

Nuclear War (History · 2024)

Other than that, I am headed to the OFFICIAL Denver Cybersecurity Summit this week.

-- Andrew

🔥
Want to sponsor this newsletter? Hit me up!
💡
SECURITY ENGINEERING
Simplifying Pushing Docker Images to ECR With CodeBuild: The Ultimate How-To
Are you tired of manually pushing Docker images to Amazon Elastic Container Registry (ECR) every time you make changes to your images? It can be a tedious and time-consuming process that can slow down your development workflow. But fear not, because CodeBuild can simplify this process for you! 💪 In this

This week I needed to set up a monthly automated workflow that pulls the latest image from a Docker Hub repo, pushes it to AWS ECR, and force-deploys an AWS ECS Fargate service with the new image. I considered using GitHub Actions, but this article from Alexander Hose presents an easy, AWS-native way to do most of what I needed. The article doesn't cover the redeployment to Fargate, but it was fairly easy to add that step to the buildspec. I ended up creating a CloudFormation template for the whole process 🥷
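As an added example (not the linked article's code and not my CloudFormation template), here is the shape a CodeBuild buildspec.yml takes for that workflow: pull the upstream image from Docker Hub, push it to ECR, then force a new ECS deployment. The account ID, image, repository, cluster and service names are placeholders, and it assumes the CodeBuild project runs in privileged mode (needed for Docker) with a service role allowed to push to the ECR repo and update the service.

```yaml
version: 0.2

env:
  variables:
    # Placeholder values: substitute your own account, image, repo and service names
    AWS_ACCOUNT_ID: "123456789012"
    SOURCE_IMAGE: "docker.io/library/nginx:latest"   # upstream Docker Hub image
    ECR_REPO: "my-app"
    ECS_CLUSTER: "my-cluster"
    ECS_SERVICE: "my-service"

phases:
  pre_build:
    commands:
      # AWS_DEFAULT_REGION is set by CodeBuild; buildspec 0.2 runs all phases in one shell
      - ECR_REGISTRY="$AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com"
      # Authenticate Docker to ECR with a short-lived token instead of stored registry credentials
      - aws ecr get-login-password --region "$AWS_DEFAULT_REGION" | docker login --username AWS --password-stdin "$ECR_REGISTRY"
  build:
    commands:
      - docker pull "$SOURCE_IMAGE"
      # Record the immutable digest that was actually pulled so each deploy is traceable
      - SOURCE_DIGEST=$(docker inspect --format '{{index .RepoDigests 0}}' "$SOURCE_IMAGE")
      - echo "Pulled $SOURCE_DIGEST"
      # Tag with a mutable "latest" plus an immutable per-build tag for rollbacks and audit
      - docker tag "$SOURCE_IMAGE" "$ECR_REGISTRY/$ECR_REPO:latest"
      - docker tag "$SOURCE_IMAGE" "$ECR_REGISTRY/$ECR_REPO:build-$CODEBUILD_BUILD_NUMBER"
  post_build:
    commands:
      - docker push "$ECR_REGISTRY/$ECR_REPO:latest"
      - docker push "$ECR_REGISTRY/$ECR_REPO:build-$CODEBUILD_BUILD_NUMBER"
      # Force the Fargate service to roll its tasks onto the newly pushed image
      - aws ecs update-service --cluster "$ECS_CLUSTER" --service "$ECS_SERVICE" --force-new-deployment
      # Fail the build if the rollout never reaches a stable state
      - aws ecs wait services-stable --cluster "$ECS_CLUSTER" --services "$ECS_SERVICE"
```

With scan-on-push enabled on the ECR repository, every monthly pull also gets a vulnerability scan recorded before Fargate rolls onto it.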

VMware makes Workstation Pro and Fusion Pro free for personal use
VMware has made Workstation Pro and Fusion Pro free for personal use, allowing home users and students to set up their own virtualized test labs and play with another operating system at little to no cost.

I always assume there is some catch to announcements like this, but maybe I should just accept it as good news – VMware Workstation Pro and Fusion Pro are free for personal (non-commercial) use! 🎉

Endpoint vulnerability management at scale - Canva Engineering Blog
How we do endpoint vulnerability management at Canva.

Santiago Gutiérrez wrote a highly detailed article about performing endpoint vulnerability management at scale at Canva's (mainly) macOS shop. It is always interesting to see what other organizations are doing to solve this painful issue. There are so many moving parts: not ruining the end user experience, dealing with huge amounts of data, creating and routing tickets, reporting – it can be a mess. SentinelOne's application vulnerability feature was particularly notable for me. It seems like it is crucial in the process and has some nicely built-out APIs.

If you're a T1 SOC analyst, how do you get feedback on your work?
by u/Medical_Chipmunk3459 in cybersecurity

As someone who has never been a SOC analyst, I thought this Reddit thread was interesting. Based on the responses, it doesn't seem like most SOC analysts get feedback about the work they do. Most people assume that no feedback is good feedback. Without feedback or some quality control process, how can you be sure people are actually handling things correctly? 😶‍🌫️

👂
LISTEN
The Cybersecurity Defenders Podcast: #124 - The intersection of CTI & Detection Engineering with Wade Wells, Lead Cybersecurity Threat Detection Engineer (May 15, 2024)
Risky Business: #748 -- New cyber rules for US healthcare are coming (May 14, 2024)
Soft Skills Engineering: Episode 408: Terrible retrospectives and “hard to work with” (May 13, 2024)
🎲
MISCELLANEOUS
Hello GPT-4o
OpenAI announced a new model today: GPT-4o, where the o stands for “omni”. It looks like this is the `gpt2-chatbot` we’ve been [seeing in the Chat Arena](https://simonwillison.net/2024/May/8/gpt2-chatbot-confirmed-as-openai/) the past few …

Simon Willison (the AI blogging GOAT) published a writeup on the new GPT-4o model. This is the gpt2-chatbot that I wrote about in an earlier newsletter. I've been using it extensively for the past few days, and the speed is incredibly apparent.

👋
THANKS

Thank you for reading this week's issue, and see you next week! If you have any feedback, hit me up!