Captain's Log, Stardate 2021.11.12


Visualizing Congestion at America’s Busiest Port | Visual Capitalist / Marcus Lu

2021-11-12 Captains Log - JupiterOne

As of November 2, 2021, the Port of Los Angeles reported that it had 93 vessels waiting in queue. Altogether, these ships have a maximum carrying capacity of roughly 540,000 containers (commonly measured in twenty-foot equivalent units or TEUs).

On the other side of the equation, the port processed 468,059 import containers in September (the most recent data at the time of writing). Because the port does not operate on Sundays, we can conclude that the port can load roughly 18,000 containers each day.

That capacity seems unlikely to reduce the congestion. Over a two-week timeframe in September, 407,695 containers arrived at the Port of Los Angeles, which averages to around 29,000 containers arriving each day.

Read the full story...


Modern Cybersecurity: Tales from the Near-Distant Future | Book Download

Modern Cybersecurity - Hardcopy or Digital - JupiterOne JupiterOne recently released a book featuring seven security practitioners telling their stories (Target, DoD USAF, sweetgreen, Cobalt, NTT Data Services, JupiterOne, Cyber Leadership Forum). The stories describe the details of major business problems experienced when implementing cybersecurity - and how they overcame them.

We had over 900 downloads and figured, "Hey, people found it interesting. Let's keep going!" The book is available on Amazon, or you can download the digital copy for free.

SMS About Bank Fraud as a Pretext for Voice Phishing
 | KrebsOnSecurity

2021-11-12 Captains Log Image 02

KrebsOnSecurity recently heard from a reader who said his daughter received an SMS that said it was from her bank, and inquired whether she’d authorized a $5,000 payment from her account. The message said she should reply “Yes” or “No,” or 1 to decline future fraud alerts.

Since this seemed like a reasonable and simple request — and she indeed had an account at the bank in question — she responded, “NO.”

Seconds later, her mobile phone rang.

“When she replied ‘no,’ someone called immediately, and the caller ID said ‘JP Morgan Chase’,” reader Kris Stevens told KrebsOnSecurity. “The person on the phone said they were from the fraud department and they needed to help her secure her account but needed information from her to make sure they were talking to the account owner and not the scammer.”

Read the full story...

Dune Foresaw—and Influenced—Half a Century of Global Conflict | Wired / Andy Greenberg

2021-11-12 Captains Log - JupiterOne

JUST BEFORE HIS deployment to Iraq in 2003, Ryan Kort spotted a paperback copy of Dune in a bookstore near Fort Riley, Kansas. 

Kort read the book during moments of downtime over the next weeks, as he led his platoon of 15 soldiers and four tanks through the Kuwaiti desert, and later when they took up residence in a powerless, abandoned building in Baghdad. It told the story of a young man who leaves a lush green world and arrives on the far more dangerous and arid planet of Arrakis, which holds beneath its sands a critical resource for all of the universe’s competing great powers. (“At the time, when people said ‘This is a war for oil,’ I would kind of roll my eyes at them,” he notes regarding the Iraq War. “I don’t roll my eyes about that anymore.”)

The parallels felt uncanny, he remembers. As the call to prayer rose up around him one afternoon in that darkened building in Iraq’s capital, he says he sensed a connection to Dune

Read the full story...

5 Minute DevOps: Continuous Delivery FAQ' | Medium / Bryan Finster

2021-11-12 Captains Log - JupiterOneThere are many misconceptions about CD. There are also many things about CD that are not obvious on the surface. If you are “CD curious”, perhaps this will help.

Build and deploy automation are important. Test automation is even more important. It takes people, process, and automation to execute CD. Automation is about 10% of the CD problem though.

Continuous delivery is continuous product development and continuous quality feedback. The robots enable us to standardize and accelerate delivery to reduce the cost and improve the safety of change. This makes it viable for us to deliver very small changes to get feedback on quality immediately. People frequently underestimate the definition of “small”.

Read the full story...


Captain's Log, Stardate is an ongoing series, published every Friday, highlighting interesting cyber news from the past week. To continue the discussion on any of these topics, join us on Slack



Modern Cybersecurity - Hardcopy or Digital - JupiterOne




Posted By Mark Miller

Mark Miller speaks and writes extensively on DevOps and Security, hosting panel discussions on tools and processes within the DevOps Software Supply Chain.

Mark actively participates in the DevOps/DevSecOps community by building DevSecOps tracks at security conferences such as RSA Conference, InfoSec Europe, CD Summit, AppSec USA and AppSec EU. He is the Senior Storyteller and Senior Director of Community and Content at JupiterOne.

As well, Mark is Executive Producer of the DevSecOps Podcast Series (300K+ listens), and the Executive Editor of the LinkedIn DevOps Group (124K+ members).

To hear more from Mark, get our newsletter. No spam, just the good stuff once or twice a month. Sign up below.


cyber-security 1

Ad Title Placeholder

Lorem ipsum dolor sit amet, consectetur adipiscing elit.