Threat Landscape Briefings
Each edition covers specific attack vectors being observed in the wild — not broad categories, but actual techniques like port-knocking sequences or misconfigured iptables chains.
Stay current with firewall configurations, threat detection patterns, and access control strategies — practical knowledge for people who manage real infrastructure.
Step-by-step breakdowns of real firewall configurations — explaining not just the what, but why a particular nftables policy was structured that way and what alternatives were considered.
Short, focused scenarios with defined constraints — diagnose a broken ACL in under 15 minutes, or audit an ingress ruleset against a given policy document. Practical skills built incrementally.
Summaries of how major frameworks — ISO 27001, NIST, CIS Controls — are being updated, with notes on which firewall-specific clauses have changed and what that means for audit readiness.
A consistent focus on firewall management — from perimeter rules to zero-trust segmentation — across every edition.
Network engineers, sysadmins, and security analysts who work directly with firewall rules — not executives reading about it, but practitioners doing the work. People who know what an egress policy is and want to get better at writing them.
Occasional contributions from Florentyna Kasprzak and Václav Sorel — both with backgrounds in enterprise network security — keep the content grounded in real deployment environments.
Six recurring elements, consistent across every edition of the newsletter.
A real or reconstructed scenario — a misconfigured DMZ, an unexpected outbound connection — that frames the rest of the edition around a concrete problem.
~400 words
Actual rule syntax with inline comments explaining each line's intent, common edge cases, and what happens when the rule is applied to asymmetric traffic.
Code-heavy
A shortlist of recently disclosed vulnerabilities relevant to firewall software or adjacent tooling — with notes on affected versions and what mitigation actually looks like at the rule level.
Security-focused
One tool per edition — not a feature list, but an honest look at where it works well, where it doesn't, and what kinds of environments it actually fits into based on use.
One tool
A single, specific command or flag that most people either don't know about or tend to overlook. Explained with context, not just the syntax stripped of meaning.
Practical
One question from readers, answered in detail. Questions about real problems — log parsing confusion, rule ordering behaviour, NAT asymmetry — get priority over general curiosity.
Community