This is my personal blog, though much of it will reflect themes and issues which are relevant to my work (currently as Chief Security Architect at Red Hat).  My interests (professional) include:

  • blockchain, distributed ledgers and permissioned blockchains
  • container security
  • workload and host execution security
  • “the trusted data centre”, when and how to use hybrid cloud, etc.
    • including attestation, TEEs (Trusted Execution Environments/Enclaves), architectural decisions, storage, etc.
  • NFV and telco security
  • DevSecOps
  • compliance and certification
  • impact of ML and AI on system security
  • cryptographic usage, “crypto-agility” and the impact of quantum computing
  • future trends with Open Source security and usage
  • p2p security, authentication and trust
  • IoT security