Personal

Much has changed since the last entry to this blog and as we approach retirement, I’ll start posting more personal content and my thoughts about the industry that I’ve spent the last 43 years to support.

This post, however, is to announce our first Superb Owl Party down in Tucson. Our new house is still being furnished but please join use for the Big Game playing on the outside TV (weather permitting) along with appetizers, drinks, and a chance to get to know new and old friends here in Tucson.

When I logged in to my FreshRSS installation running on a spare Mac mini server I noticed that the Autoblog RSS feed was having problems. It’s been a couple of days since I read articles on the site and a quick investigation shows the site had been sold and they discontinued the RSS feed.

I could subscribe to them through the normal Facebook, Twitter, Instagram, or other social media platform but that is not a substitute for directly reading the articles through an RSS feed. Admittedly, Autoblog had switched to just including the headline in the RSS feed which was fine as I then clicked through to the article to read if necessary.

Google Domains was recently sold to Squarespace so I decided to move stad.us to Porkbun, a registrar with a funny name but good service. To do that I had to remove the old Pages configuration I had at GitLab and replace it with a new configuration. This is just a test to make sure everything still works.

Other than that, still at Workiva and enjoying the challenge.

It’s been a hot minute since my last post here so I decided to drop some text and an update. As a cloud security architect I’ve been working with my colleagues around the world on a number of recent events.

It started with the Log4Shell vulnerability. We worked through a number of sleepless nights to ensure we were not affected by the vulnerability and then patching the few instances where 3rd party products used the affected versions. In addition to the analysis and patching (actually rebuilding, no need for patching anymore), we developed a number of new tools and employed a number of open source products to identify our software bill-of-materials (SBOM). We settled on Syft to scan our containers and images building a constantly updated SBOM.

This has been an absolutely crazy year on a number of fronts, political, social, medical, and personal. I’ve switched jobs during a pandemic and have witnessed both the good and the bad in people.

I hope this message finds you and yours safe and secure this New Year’s Eve and that 2021 will bring better times and happier days.

I have been attending a number of virtual conferences over the last few months and I’ve come to the conclusion that I miss in person conferences. From Kubecon to re:Invent, I miss the interaction with other people in the field. Talking at birds of a feather sessions help to understand where the industry is moving and help solve common problems we all face.

Not to mention the fact that I miss going to Las Vegas for re:Invent. I don’t gamble but I do enjoy all the lights, buzz, and activity around the conference. Plus it’s my one time each year that I replenish my t-shirt supply. The old t-shirts are not forgotten, however, they end up and Goodwill or are donated to the local shelter.

I am moving on from my position as a Senior Security Analyst at Bank of America to become a Cloud Security Architect at Workiva. I’ve decided to move back in to the development side of the business but still keep my Security focus. I look forward to the new opportunity and am grateful for being able to make such a move during the pandemic.

Welcome to the new home of Software Tool & Die. Here you will find my occasional musings on software development, security research, kubernetes, containers, and just about anything else that is on my mind.

Software Tool & Die is my consulting company based in Denver, CO. When I decide to strike out on my own and work 1099, STAD comes to the rescue.

This site is rendered using a static site generator called Hugo with a customized theme. It is then deployed to GitLab Pages.