Resources
DevSecOps guides and notes
Practical references for vulnerability management, DNS, web security, APIs, and platform operations.
DNS records for email security
How MX, SPF, DKIM, and DMARC records work together to reduce spoofing and phishing.
dnsemaildmarc
Security headers that matter for modern web apps
The headers that provide meaningful browser-side protection and how to roll them out safely.
headersweb securitycsp
How to prioritize CVEs with KEV and EPSS
A practical workflow for combining CVSS, CISA KEV, EPSS, exposure, and asset criticality.
cveepsskevvulnerability management