Slack Slash Command security

Slack "Slash Commands" can be a very useful tool to write a CLI to interact with other applications that you manage. In short the contract works something like this; from within a slack channel that the commands are available you would type: /my-command [text arguments] Seems simple enough, however you need to implement a REST … Continue reading Slack Slash Command security

Batch processing commands

If you secure your entire infrastructure at the transport layer with end to end SSL for both internal and external traffic, then you likely have a ton of endpoints, each with their own SSL software stacks and a wide array of different certificates, some CA signed, others not etc. Both the amount of these and … Continue reading Batch processing commands

Migrating APIs to Tyk

In the recent past I was helping on a project who's objective was to migrate off of a very costly proprietary appliance based API gateway solution, and move into a cheaper alternative; preferably an open source api gateway offering. The main challenge was that a large percentage of the APIs to be migrated were legacy … Continue reading Migrating APIs to Tyk

Google Wifi router, port forwarding, you have no devices, privacy

Had an Asus router die today, so in a pinch I went out and bought a Google WiFi router after hearing "good things". I have a few wired devices and several wifi connected devices and I also have needs for port forwarding. The first thing you will notice that is quite different from other routers … Continue reading Google Wifi router, port forwarding, you have no devices, privacy

Safely build docker images with git svn ssh private keys

Often when building a docker container, your Dockerfile needs to pull down some code from a privately secured source control system like Git or SVN via SSH. In order to do this, the build process will need a valid ssh configuration local to the build that includes the necessary components to make this work (such … Continue reading Safely build docker images with git svn ssh private keys

Encrypting and storing powershell credentials

Please see: Recently I had the need to store some credentials for a powershell script (i.e. credentials that I ultimately needed in a PSCredential object). The other requirement is that these credentials be portable and "user" independent, meaning that they could not be encrypted using the DPAPI (windows data protection api) as that binds … Continue reading Encrypting and storing powershell credentials