Security scanning Docker containers with InSpec

Docker makes running containers incredibly simple, a big reason for its popularity. I can quickly and easily run an Nginx container on my workstation, whether Mac, Windows or Linux based.

Using InSpec to DevOps GDPR compliance

Have you heard of GDPR? It stands for the General Data Protection Regulation. It’s an update to the original data protection regulations from 1995 and reflects the new ways that we store and process personal data in an increasingly digital society.

Automating Windows Local Security Policy

Enforcing security policy is tough, especially in a Windows environment where you are NOT using Group Policy. Think about usage patterns for Windows server on cloud. GPO certainly doesn’t always apply.

ISO 27001 Mandatory Documents

I have compiled a list of mandatory documents by looking through the ISO/IEC 27001:2005 standard and by pulling together online resources I am currently relying on for my own work towards ISO 27001 accreditation in my current role at CatN.