Probossibly my last post here, a breadcrumb: Find me on blooskee.

Dusted off the ol' blog:.Source & Binary has ceased operations.

Disappointed though I am, Mastodon is a pain in the ass and I guess I'm coming back here where my friends are.

Felt funny, might delete later.

The character was ‘@’ and the language was PHP. We kept it.

Once my boss and I both independently wrote patches to address a serious security flaw, intending to compare them before merging. Our many-lined patches, which IIRC included variable declarations, differed by a single character. Seems like some people need to hear this today.

Standing AWS access doesn’t have to be a security nightmare and JIT access doesn’t automatically mean it’s better.

Release Notes Notes 2024.04 featuring bugs fixed, talks (to be) given, and Sideshow.

One giant AWS account is technical debt you can’t afford.

I have made a thing!. I wanted web-based slide presentations that were still good HTML documents, so I made exactly that.

Substrate’s far from the only thing startups can adopt to improve their reliability. Here’s @kelp on getting every engineer into an on-call rotation:.

/me looks at how many replies he just fired off. @samkottler chose the wrong day to bring up SOC 2, when I'm fired up after finishing 9,000 words on the topic.

The final part in my series about SOC 2 compliance is out, covering how to approach your second audit, change your controls, and become more efficient.

Wondering what's actually going to happen during your first SOC 2 audit? Wonder no more because part three in our series about SOC 2 compliance for startups and first-timers is here!.

Muad’Dib: [bursts into song].Well there’s chocolate, and there’s choc-o-late.Only Lisan-al-Gaib has family a-to-mics.

Release Notes Notes 2024.03:.- AWS public IPv4 charges and their effect on weird things on the Internet.- CI products are shockingly bad at posting success/failure to Slack.

Before your first SOC 2 audit you'll need to define controls that meet the SOC 2 criteria. Part two of our series on SOC 2 compliance explains what controls are, how to read the criteria, and how to define controls that work for your company.

Marketing folks say people don’t buy better, they buy “new capabilities.” Tough bar when you work with AWS. They do everything, technically, but they sure do make it a struggle. Substrate makes AWS easy, secure by default, and ready to grow. All by dinner.

Tools like Substrate are important for controlling access, change, and segmentation but there's so much more to a compliance program and now you've got (the beginning of) my map.

Part two in my SOC 2 compliance series will teach you how to read the SOC 2 criteria and design controls that work for your business. Part three will take you through your first audit. And part four will discuss operating your compliance program for the long term.