It’s been a while since I wrote anything, so I figured I’d drop an update before the end of the year. Lots going on, but not a whole lot of interesting or worthwhile results to showcase, unfortunately. I might have one interesting post before the end of the year regarding Terraform use for Wiz, if there’s enough time.

I did pass my CISSP and CCSP on the first try, which was convenient. I took them at the same place about a week apart, and they were pretty standard tests, there wasn’t a ton of surprises on those exams. It was still nice to have those retries in my pocket, but in the future, I probably won’t bother buying retries up front. The next cert on the list is an AZ 900, this is something that my new employer would like me to get. I’ve been working on Azure for the last 4 years, so I don’t expect it to be too difficult. I’ll probably do the same thing I’ve been doing to study, which is youtube videos on 2x speed. I’m also asking my employer to fund a Kubestronaut cert next year, which is I think 6 certs offered by CNCF around Kubernetes bundled and priced a little lower than they are a la carte. That should probably cover my CPE credits for the year.

At the new gig, we’re deploying Wiz as a CNAPP, and doing some evaluation to compare it to the tools we’re presently using. At the previous job, the team deployed Wiz, and even though I wasn’t directly involved in that effort, I heard a few things that have been valuable to this project. This project has more specific requirements around custom findings, which have varying amounts of value compared to the built in finding types. I’m sure as we progress along this project, we’ll find that many of the checks we’re performing for compliance today may not actually have substantial value to our security posture.

Other than that, the leaves have mostly turned here, fall’s properly here, and temps are dropping. I’ll try to do one more update before the end of the year, hopefully something more interesting and in-depth than I’ve been talking about lately. Maybe I’ll finish the rest of HackerRank Python and share my thoughts here. Til next time!