Cloakable Tech Blog

Technical topics in the cybersecurity space

  • More Than Meets The Eye… Software Transformation vs Obfuscation

    More Than Meets The Eye… Software Transformation vs Obfuscation

    In the field of software security, the term ‘obfuscation’ is often used, particularly when it is desired to protect software in a fully automated, “hands-free” manner. Software obfuscation is the...

    Read Article
  • Jenkins in the cloud

    Jenkins in the cloud

    Continuous Integration, also know as CI, is an important part of modern software development. In fact it is a real game changer when Continuous Integration is introduced into an organisation,...

    Read Article
  • Cloakware Cate Teaches You Tools and Techniques of Hackers

    We’ve just introduced a new Youtube video series by Cloakware Cate.  Our Senior Architect, Catherine, will show you the tools and techniques hackers use to reverse engineer your apps in...

    Read Article
  • IoT Security Is Not One Chip Shopping

    This past week I’ve been reading the specifications for Trusted Platform Modules (TPM) published by the Trusted Computing Group of companies.  It seems to me they’ve done a lot of things right,...

    Read Article
  • Stacy, The Old-School Car Guy

    We’ve started creating short, succinct videos on YouTube to help explain key concepts and issues around protecting keys, code and data associated with embedded systems. One series is Stacy Janes...

    Read Article
  • Software Protection is Like a SPIDER Web…

    Software Protection is Like a SPIDER Web…

    Software Protection: Integrity, Diversity, Entanglement and Renewability (SPIDER) We’ve spent a lot of time finding a suitable analogy to explain the more subtle aspects of defense in depth and...

    Read Article
  • Security Baselining AWS Accounts

    Security Baselining AWS Accounts

    As someone who works with cloud solutions for a security company, I am very aware of the stories in various media about security breaches in cloud accounts. Usually these are along the lines of...

    Read Article
  • The Spectre of Un-Patchable Hardware Haunts Us All — Don’t Meltdown!

    The Spectre of Un-Patchable Hardware Haunts Us All — Don’t Meltdown!

    Ofttimes it has been difficult to explain the role of software protection in hardware-protected secure systems, but recently security researchers have helped us out by providing many examples of...

    Read Article
  • Make Yourself Less of a Target – A multi-layered Approach to Application Shielding

    Some of you will remember the Target and Home Depot cyberattacks in 2013 & 2014, which resulted in $202 million (Sruthi Ramakrishnan, 2017) and $134.5 million USD (Roberts, 2017) of damages...

    Read Article
  • The Perimeter is a lie – The Container Layer (part 3)

    The Perimeter is a lie – The Container Layer (part 3)

    Following on from previous posts (part 1, part 2) I wanted to drill down a bit more into the components from the container cluster node in the reference architecture as is shown on the image...

    Read Article
  • HOW-TO: Implement VPC Peering between 2 VPC’s in the same AWS account using CloudFormation

    HOW-TO: Implement VPC Peering between 2 VPC’s in the same AWS account using CloudFormation

    Introduction While investigating new solutions I was spinning up POC’s and decided that instead of either making a new jumphost every time or adding manually the access to my existing jumphost I...

    Read Article
  • Shedding light on CAP theorem for the pragmatic

    Shedding light on CAP theorem for the pragmatic

    In part 1 of this series of blog posts, we talked about how the choice between NoSQL and SQL databases is bound to the core design of the application and I promised to get deeper into what this...

    Read Article
  • The Perimeter is a lie – an approach (part 2)

    The Perimeter is a lie – an approach (part 2)

    In my previous post I advocated reducing the security perimeter to the smallest possible size – because perimeter based security is often not enough, the slightest ‘hole’ in the perimeter allows...

    Read Article
  • Using Spot Instances as build agents, or “How to save money without really trying.”

    Using Spot Instances as build agents, or “How to save money without really trying.”

    At Irdeto we have been working with AWS for some time. Our standard deployments are on AWS and this has led to improved visibility on costs. Of course, once you have that visibility there is...

    Read Article
  • Java is a first class citizen in a Docker ecosystem now

    Java is a first class citizen in a Docker ecosystem now

    Hosting a Java application in Docker is relatively easy and described in many howtos and tutorials. But what they don't tell us is how to run Java inside Docker in production... Let me explain.

    Read Article
  • The perimeter is a lie (part 1)

    The perimeter is a lie (part 1)

    I recall in early 2000's having a debate with a security expert about firewalls, at the time they were advocating the firewall model was fundamentally broken! Their argument was if any traffic...

    Read Article
  • Shedding light on NoSQL for a SQL-ized mind

    Shedding light on NoSQL for a SQL-ized mind

    When choosing the database technology for an application, the most important question is whether to stick with the good old SQL databases, or follow the trend and choose NoSQL. The answer to this...

    Read Article
  • AVTest annual malware report

    AVTest annual malware report

    AVTest.org produced their annual malware report recently and it's interesting reading. It charts of picture of an active battle between attackers trying to make money and defenders who are...

    Read Article
  • Why you should care about whitebox cryptography

    Why you should care about whitebox cryptography

    More and more security companies are including "white-box cryptography" in their product offerings. This is more than buzzword compliance; it's a recognition that white-box attacks are real, and...

    Read Article
  • Now you can trust the browser!

    Now you can trust the browser!

    In May Tim Charman and Ben Gidley presented a talk at CodeMotion in Amsterdam showing how you can use obfuscation, whitebox and integrity verification to secure communications from the browser...

    Read Article
  • loading
    Loading More...