The Plaintext Problem: Why FTP, Telnet, and SNMP v1 Should Be Gone by Now

Plaintext protocols persist in enterprise networks because nobody prioritises replacing them until credentials leak. Here is why FTP, Telnet, and SNMP v1/v2c are still the easiest way for an attacker to harvest passwords from your wire.

April 25, 2026

Database Ports Don't Belong on the Open Network

Database ports should never be directly reachable from broad network segments, and what happens when they are ranges from data theft to full infrastructure compromise.

April 11, 2026

Can Every Pod in Your Cluster Talk to Every Other Pod?

If your Kubernetes cluster has zero NetworkPolicies, every pod can reach every other pod on every port. No restrictions. No segmentation. A flat, open network. Is that what you intended?

April 3, 2026

Does Your CI/CD Pipeline Let Build Agents Talk to Any IP on the Internet?

If your CI/CD build agents have unrestricted outbound network access, they are one compromised dependency away from exfiltrating every secret in your pipeline. Most organizations allow exactly that.

April 1, 2026

Lock Down Your Management Ports Before Ransomware Does

RDP abuse appeared in 90% of ransomware IR cases in 2023. Not phishing. Not zero-days. A firewall rule that seemed harmless six months ago.

March 28, 2026

The Trivy Breach: Why Network Egress Controls Matter More Than Ever

The Trivy supply chain compromise stole CI/CD secrets from thousands of pipelines. Organizations with default-deny egress on their build infrastructure would have stopped the exfiltration cold. Most don't have it.

March 27, 2026

Bad Firewall Requests Part 6: Tribal Knowledge Is Poisoning Your Firewall Ruleset

When there's no good reference for how to write a firewall request, people copy old tickets. The problem is those old tickets were wrong too.

March 14, 2026

Bad Firewall Requests Part 5: How Deadline Pressure Turns Firewall Rules Into Technical Debt

When vague requests meet tight timelines, firewall teams approve broader rules than they should. Those rules never get tightened. Here's how the cycle works and how to break it.

March 11, 2026

Bad Firewall Requests Part 4: Nobody Reads the Docs (and Your Firewall Pays the Price)

Vendor docs list ports for every feature the product offers. Teams that don't understand which ones they actually need just request all of them. The result is an ever-growing attack surface built on uncertainty.

March 8, 2026

Bad Firewall Requests Part 3: Your Firewall Request Form Is Setting People Up to Fail

If your firewall request form was designed by security people for security people, it might be the reason your tickets keep coming back incomplete.

March 6, 2026