https://blog.cjmay.dev/best-practices-5-risks-to-assess-for-a-secure-ci-pipeline/2025-12-09T06:21:34.000Zhttps://cdn-images-1.medium.com/max/800/0*IyAtkl8S-WdLXPjW.png0*IyAtkl8S-WdLXPjW.pnghttps://blog.cjmay.dev/ciso-roadmap-the-first-90-days/2025-12-09T06:13:30.000Zhttps://blog.cjmay.dev/content/images/2025/12/roadmap.pngroadmap.pnghttps://blog.cjmay.dev/jaws-research/2025-12-09T04:49:26.000Zhttps://blog.cjmay.dev/content/images/2025/12/jawslogo.pngjawslogo.pnghttps://blog.cjmay.dev/learning-experience-gitlab-and-reverse-proxies/2025-12-09T04:49:18.000Zhttps://blog.cjmay.dev/content/images/2025/12/gitlablogosmall.pnggitlablogosmall.pnghttps://blog.cjmay.dev/project-browser-ception/2025-12-09T04:49:11.000Zhttps://blog.cjmay.dev/content/images/2025/12/foxception-1.pngfoxception-1.pnghttps://blog.cjmay.dev/black-box-seccomp-profiling/2025-12-09T04:49:04.000Zhttps://blog.cjmay.dev/content/images/2025/12/seccompdocker.pngseccompdocker.pnghttps://blog.cjmay.dev/reverse-shell-anywhere/2025-12-09T04:48:53.000Zhttps://blog.cjmay.dev/content/images/2025/12/understanding-reverse-shells.jpgunderstanding-reverse-shells.jpghttps://blog.cjmay.dev/identity-lifecycle-management-for-nhis-key-security-challenges/2025-09-14T14:10:00.000Zhttps://cdn-images-1.medium.com/max/800/0*Bz_DrgfjNiqeO2jL.png0*Bz_DrgfjNiqeO2jL.pnghttps://blog.cjmay.dev/ssh-certificates-a-complete-guide/2025-03-10T00:00:05.000Zhttps://cdn-images-1.medium.com/max/800/0*PnSJu5JL-Z2gDh_K0*PnSJu5JL-Z2gDh_Khttps://blog.cjmay.dev/balancing-security-and-velocity-in-modern-software-development/2025-02-20T16:06:52.000Zhttps://cdn-images-1.medium.com/max/800/0*skaQl7yGUEvq6ye0.png0*skaQl7yGUEvq6ye0.pnghttps://blog.cjmay.dev/self-hosting-infisical-a-guide-to-securing-your-homelabs-secrets/2025-02-12T00:00:20.000Zhttps://cdn-images-1.medium.com/max/800/0*dBG_NPTvPN1MrdEj.jpg0*dBG_NPTvPN1MrdEj.jpghttps://blog.cjmay.dev/detection-engineering-a-case-study/2024-12-27T17:45:48.000Zhttps://cdn-images-1.medium.com/max/800/0*Bukzq4nX0CnzzgpX.png0*Bukzq4nX0CnzzgpX.pnghttps://blog.cjmay.dev/how-to-handle-secrets-in-configuration-management-tools/2024-12-20T14:45:08.000Zhttps://cdn-images-1.medium.com/max/800/0*xTSItnORGEJheMX1.png0*xTSItnORGEJheMX1.pnghttps://blog.cjmay.dev/security-culture-the-best-tool-money-cant-buy/2024-11-06T17:01:20.000Zhttps://cdn-images-1.medium.com/max/800/0*ZZ5o0ndtDaqQQKn5.png0*ZZ5o0ndtDaqQQKn5.pnghttps://blog.cjmay.dev/making-sense-of-open-source-vulnerability-databases-nvd-osv-and-more/2024-07-26T16:00:57.000Zhttps://cdn-images-1.medium.com/max/800/0*-5CWT_FgYPZMc2tm.png0*-5CWT_FgYPZMc2tm.pnghttps://blog.cjmay.dev/pipeline-integrity-and-security-in-devsecops/2024-05-14T16:30:54.000Zhttps://cdn-images-1.medium.com/max/800/0*G8yxU46dZY_RyDnS.png0*G8yxU46dZY_RyDnS.pnghttps://blog.cjmay.dev/secure-by-design-software-in-devsecops/2024-04-24T15:00:43.000Zhttps://cdn-images-1.medium.com/max/800/0*5aomIFNgxzBMnxdv.png0*5aomIFNgxzBMnxdv.pnghttps://blog.cjmay.dev/vulnerability-management-lifecycle-in-devsecops/2024-03-27T18:55:40.000Zhttps://cdn-images-1.medium.com/max/800/0*aaeqoEYJteRCBe6X.png0*aaeqoEYJteRCBe6X.pnghttps://blog.cjmay.dev/how-to-handle-mobile-app-secrets/2024-02-23T16:00:46.000Zhttps://cdn-images-1.medium.com/max/800/0*EW56oFDIqT1hoxdf.png0*EW56oFDIqT1hoxdf.pnghttps://blog.cjmay.dev/how-to-become-great-at-api-key-rotation-best-practices-and-tips/2023-12-28T11:46:43.000Zhttps://cdn-images-1.medium.com/max/800/0*n1RJ114FEhAowu0x.png0*n1RJ114FEhAowu0x.pnghttps://blog.cjmay.dev/secure-code-review-best-practices-cheat-sheet-included/2023-07-26T12:52:44.000Zhttps://cdn-images-1.medium.com/max/800/0*fvoMZOfor7U3Q6l7.jpg0*fvoMZOfor7U3Q6l7.jpghttps://blog.cjmay.dev/best-practices-for-securing-infrastructure-as-code-iac-in-the-devops-sdlc-cheat-sheet-included/2023-04-13T15:01:00.000Zhttps://cdn-images-1.medium.com/max/800/0*Pd8dojdQRc1AAhmU.png0*Pd8dojdQRc1AAhmU.pnghttps://blog.cjmay.dev/thinking-like-a-hacker-finding-source-code-leaks-on-github/2022-12-07T16:35:41.000Zhttps://cdn-images-1.medium.com/max/800/0*o89WtQpag1JHXrGc.png0*o89WtQpag1JHXrGc.pnghttps://blog.cjmay.dev/thinking-like-a-hacker-stealing-secrets-with-a-malicious-github-action/2022-10-13T12:10:17.000Zhttps://cdn-images-1.medium.com/max/800/1*IczpllqNdqh5c5rOIgh4qg.png1*IczpllqNdqh5c5rOIgh4qg.pnghttps://blog.cjmay.dev/thinking-like-a-hacker-commanding-a-bot-army-of-compromised-twitter-accounts/2022-09-26T16:30:03.000Zhttps://cdn-images-1.medium.com/max/800/1*IczpllqNdqh5c5rOIgh4qg.png1*IczpllqNdqh5c5rOIgh4qg.pnghttps://blog.cjmay.dev/thinking-like-a-hacker-aws-keys-in-private-repos/2022-08-12T14:00:52.000Zhttps://cdn-images-1.medium.com/max/800/1*IczpllqNdqh5c5rOIgh4qg.png1*IczpllqNdqh5c5rOIgh4qg.pnghttps://blog.cjmay.dev/thinking-like-a-hacker-abusing-stolen-private-keys/2022-07-21T16:00:22.000Zhttps://cdn-images-1.medium.com/max/800/1*IczpllqNdqh5c5rOIgh4qg.png1*IczpllqNdqh5c5rOIgh4qg.pnghttps://blog.cjmay.dev/securing-containers-with-seccomp-part-2/2022-04-01T15:05:00.000Zhttps://cdn-images-1.medium.com/max/800/0*uv3SBbKnnFHX1j-r.jpg0*uv3SBbKnnFHX1j-r.jpghttps://blog.cjmay.dev/securing-containers-with-seccomp-part-1/2022-03-24T12:58:30.000Zhttps://cdn-images-1.medium.com/max/800/0*SioprgAOvcFBcCjz.png0*SioprgAOvcFBcCjz.png