Phishing-as-a-Service (PHaaS) – A Case Study
You’ve been there – an email and a question. Is this legit? Of course not. What else can we say about a campaign?
Cautiously Configuring Copilot
Security folks do not like Copilot for several reasons. One of the main concerns is the leakage of secrets. Basically, we are searching for the configuration that would prevent this – adhering to the principle of least privilege: third parties do not need our secrets.
Vault Operator for k8s
Secret management isn’t an easy task, especially in bigger companies. At Kiwi.com we have tried multiple ways to tackle this problem over the years. At the end of January 2023, we publicly released our vault operator.
BigQuery data in Google Sheets using Data connector
Big data is becoming a significant challenge for businesses as the amount of data grows. To address this challenge, many businesses are turning to cloud-based storage solutions for their data and using easily scalable business intelligence (BI) tools. Google offers a vast range of tools and services for managing and analyzing data, most of which are free to use.
code.kiwi.com 2022 wrap-up
2023 finally arrived, and we cannot be more excited about the upcoming tech community projects, but let’s take a moment to look at all the amazing things that happened in code.kiwi.com in 2022. Grab a cup of your favorite something and.. hey ho let’s go! The number of the year — 121. This is how often you could […]
Pentesting, Part 2: You’d Like To Buy Some?
I got a message from my friend in the lines of: “Hi! I remember you did penetration tests, we want it. Where can we order some penetration tests?” Dear friend, I sincerely hope to answer your question in this post. Why ? Let’s quickly summarize why you would even do such a thing. There are […]
Looker Onboarding Obstacles
We’ve been using Looker as a self-service and reporting tool in Kiwi.com for more than 3 years. Onboarding this tool has been an interesting journey led by many, sometimes too late, realizations. And many, many of them could have been avoided if we knew what we know today.That’s why we have decided to record our […]
7 Similarities Between Cybersecurity and (Tech) Community Management
Ithas been a year since I decided to heed the call of my heart, leave my beloved field of cybersecurity and a nice corporate job, and go for a new career in tech community management. What a ride it’s been! With no regrets. This anniversary gave me pause to reflect on how this decision affected […]
Pentesting, part 1: What is pentesting?
Do you want to know about pentesting but don’t know where to start? Not sure what the difference is between hacking and pentesting? Eager to learn how the pentesters know where to stop their activities? Want to hear all about it with a bit of a snarky attitude and in “human” language? Then today is […]
Type-safe arguments in Jetpack Navigation Compose
Jetpack Navigation Compose is the Jetpack Navigation library enhanced for usage in Compose. But the actual “enhancement” is a bit limited and different from the View-based navigation. Most importantly, there are no SafeArgs — a type-safe compile time solution for passing arguments between destinations. Navigation for Compose uses a simple URL pattern — arguments have to […]