The Trivy Breach: Why Network Egress Controls Matter More Than Ever

The Trivy supply chain compromise stole CI/CD secrets from thousands of pipelines. Organizations with default-deny egress on their build infrastructure would have stopped the exfiltration cold. Most don't have it.
March 27, 2026
Bad Firewall Requests Part 6: Tribal Knowledge Is Poisoning Your Firewall Ruleset

When there's no good reference for how to write a firewall request, people copy old tickets. The problem is those old tickets were wrong too.
March 14, 2026
Bad Firewall Requests Part 5: How Deadline Pressure Turns Firewall Rules Into Technical Debt

When vague requests meet tight timelines, firewall teams approve broader rules than they should. Those rules never get tightened. Here's how the cycle works and how to break it.
March 11, 2026
Bad Firewall Requests Part 4: Nobody Reads the Docs (and Your Firewall Pays the Price)

Vendor docs list ports for every feature the product offers. Teams that don't understand which ones they actually need just request all of them. The result is an ever-growing attack surface built on uncertainty.
March 8, 2026
Bad Firewall Requests Part 3: Your Firewall Request Form Is Setting People Up to Fail

If your firewall request form was designed by security people for security people, it might be the reason your tickets keep coming back incomplete.
March 6, 2026
Bad Firewall Requests Part 2: The Translation Gap - Why App Teams and Firewall Teams Speak Different Languages

Application developers think in services. Firewall engineers think in IPs and ports. That gap is the single biggest reason firewall requests come in broken.
March 4, 2026
Bad Firewall Requests Part 1: The Hidden Cost of Poorly Written Firewall Requests

Every bad firewall request triggers a quiet chain reaction of wasted hours, delayed projects, and security compromises nobody talks about. This is the overview of a six-part series digging into why it happens and what to do about it.
March 2, 2026