Giter Site home page Giter Site logo

Connect

Linkedin

Twitter

Plain old email

Gitlab

Github

Substack

Stackoverflow

About.me

Infoq

Hugging Face :)

Selected Presentations/Works at the Internet Engineering Task Force (IETF):

  1. Decentralized Identity - What Lies Ahead of Us: The Open (Interesting) Research Issues

  2. Byzantine Agreement Protocols for Large-Scale Decentralized Identity Management

  3. Applications for Quantum Information Network: Promising Use Cases and its Profound Implications on Existing Internet Applications

Selected Presentations/Works at OWASP Singapore:

  1. Malware Discovered in Popular NPM: Anatomy of Next-Gen Supply Chain Attacks. Tools and Guidelines to Secure Software Packages, Dependencies (NPM, PyPI, Maven, NuGet, Crates and RubyGems) to Guard against Supply Chain Attacks. How to setup Guardrails and not Roadblocks or Gates: Shift Left with Gitops plus integrating Fuzzing into DevSecOps. The importance of having Cloud Infrastructure Entitlements Management (CIEM) to enforce permissions and security identities across workloads and clouds.

  2. Securing the Multi-cloud, Portable, *-Tier Microservice Application: A live demo on Cloud-Native Application Security Platforms: Curiefense, Deepfense, Sysdig, Snyk Code, and Aqua Security Trivy & tfsec

  3. Deconstructing the Solarwinds Supply Chain Attack and Deterring it: Honing in on the Golden SAML Attack Technique

  4. Microservices Security, Container Runtime Security, MITRE ATT&CK® for Kubernetes (K8S) and Service Mesh for Security

  5. How Secure are you APIs? Securing your APIs: OWASP API Top 10 2019, Case Study and Demo

  6. Enabling Zero Trust Architecture (ZTA) with Least-Privilege Identity-Based Micro-segmentation using Service Mesh and Securing Production Identity Framework for Everyone (SPIFFE) (Demo) & Building Secure Software Factory (SSF) to Defend the Digital Cloud-Native Software Supply Chain against attacks: Helpful Cloud-Native Security Checklists and Demo on The Update Framework

  7. Deconstructing the Solarwinds Supply Chain Attack and Deterring it: Honing in on the Golden SAML Attack Technique - At the request of the team, translated to Japanese for Audience in Japan

Selected Presentations+Works on Blockchain/Distributed Ledger Technologies (DLT):

  1. Understanding the Limits and Potential of Blockchain Technology

  2. Presentation to Hyperledger Sweden: Hyperledger Ordering Service: Deep Dive into the Raft Consensus Algorithm

  3. Hyperledger Developer Showcase Series

  4. Decentralized Identity: The Elusive Key to Inclusive Growth

  5. Private Data Collections: A High-Level Overview

  6. Hyperledger Sawtooth, Seth and Truffle 101

Certifications:

  1. Microsoft Certified: Azure Solutions Architect Expert

  2. Microsoft Azure Fundamentals

  3. Microsoft Certified: Security, Compliance, and Identity Fundamentals

  4. AZ-400 Designing and Implementing Microsoft DevOps Solutions

  5. Prisma Certified Cloud Security Engineer

Others:

  1. IEEE Blockchain Technical Briefs Editorial Board

  2. World Blockchain Forum

  3. Bitcoin Magazine Profile

  4. Hyperledger Speakers Bureau

  5. Silliman University National Writers Workshop - 2012 Fellows

  6. Nathan Aw

  7. Chosen to attend National Writers Workshop at Philippines and awarded the Fellowship for writing.

  8. Poetry @ Nathan Aw Substack - Behold the pointless modern man!

Source/References:

https://sg.linkedin.com/in/awnathan

https://twitter.com/nathan_mk_aw

https://gitlab.com/nathanawmk

https://github.com/nathanawmk

https://nathanaw.substack.com/

https://stackoverflow.com/users/8588369/nathan-aw

https://about.me/mingkun.aw

https://datatracker.ietf.org/meeting/103/materials/slides-103-dinrg-decentralized-identity-01

https://datatracker.ietf.org/meeting/104/materials/slides-104-dinrg-byzantine-agreement-protocols-for-large-scale-decentralized-identity-management-01

https://datatracker.ietf.org/meeting/interim-2020-qirg-01/materials/slides-interim-2020-qirg-01-sessa-applications-for-quantum-information-network

https://github.com/OWASP/www-chapter-singapore/raw/master/assets/presos/Securing_Multi_cloud_Portable_Tier_Microservices_Applications_A_live_demo_on_cloud_native_application_security_platforms.pdf

https://owasp.org/www-chapter-singapore/assets/presos/Deconstructing_the_Solarwinds_Supply_Chain_Attack_and_Deterring_it_Honing_in_on_the_Golden_SAML_Attack_Technique.pdf

https://owasp.org/www-chapter-singapore/assets/presos/Microservices%20Security%2C%20Container%20Runtime%20Security%2C%20MITRE%20ATT%26CK%C2%AE%20%20for%20Kubernetes%20(K8S)%20and%20Service%20Mesh%20for%20Security.pdf

https://owasp.org/www-chapter-singapore/assets/presos/Securing_your_APIs_-_OWASP_API_Top_10_2019,_Real-life_Case.pdf

https://owasp.org/www-chapter-singapore/assets/presos/Securing_Production_Identity_Framework_for_Everyone_(SPIFFE),_Building_End_to_End_Secure_Software_Factory_and_Protecting_Cloud-Native_Supply_Chain_Helpful_Cloud-Native_Security_Checklists_and_Demo_on_SPIFFE_and_Not.pdf

https://www.nasdaq.com/articles/guest-post%3A-understanding-the-limits-and-potential-of-blockchain-technology-2017-11-09

https://www.youtube.com/watch?v=GN_6dEcDsAQ

https://www.hyperledger.org/blog/2017/12/05/developer-showcase-series-nathan-aw-ntt-data

https://blockchain.ieee.org/technicalbriefs/editorial-board#nathan-aw

https://twitter.com/hyperledger/status/1143898717419921409

https://bitcoinmagazine.com/authors/nathan-aw

https://www.hyperledger.org/participate/speakersbureau

https://wiki.hyperledger.org/download/attachments/2392948/Decentralized%20Digital%20Identity_%20%20The%20Elusive%20Key%20to%20Inclusive%20Growth%20%281%29_FINAL.pptx

http://nathan-mk-aw.s3-website-ap-southeast-1.amazonaws.com/

https://en.wikipedia.org/wiki/Silliman_National_Writers_Workshop

https://owasp.org/www-chapter-singapore/assets/presos/Supply_Chain_Security_Securing_your_NPM,_PyPI,_Maven_and_Crates_(Rust),_Shift_Left_with_Gitops_and_Software_Fuzzing.pdf

https://www.credly.com/badges/38edcb62-9339-48a5-a500-4fa44199e04f

https://www.credly.com/badges/1df3e0be-2b1b-4ed4-8df0-9f2488168c99

https://www.credly.com/badges/cae19203-4eb1-4ae0-8e99-a1b2b3852eab

https://www.credly.com/badges/d55cd8db-2147-4f22-acd6-f11611fd71d5

https://www.certmetrics.com/paloaltonetworks/public/badge.aspx?i=37&t=c&d=2022-01-23&ci=PAN00218757

https://www.meetup.com/singapore-owasp-meetup-group/events/281710523/

https://www.meetup.com/singapore-owasp-meetup-group/events/280590027/

https://www.meetup.com/singapore-owasp-meetup-group/events/279796090/

https://www.meetup.com/singapore-owasp-meetup-group/events/276259224/

https://news.smu.edu.sg/news/2012/05/21/onward-next-50

https://nathanaw.substack.com/p/behold-the-pointless-modern-man

Nathan Aw's Projects

rekor icon rekor

Software Supply Chain Transparency Log

rio icon rio

Application Deployment Engine for Kubernetes

rke icon rke

Rancher Kubernetes Engine (RKE), an extremely simple, lightning fast Kubernetes distribution that runs entirely within containers.

rocksdb icon rocksdb

A library that provides an embeddable, persistent key-value store for fast storage.

rook icon rook

Storage Orchestration for Kubernetes

sast-scan icon sast-scan

Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure DevOps, Google CloudBuild, VS Code and Visual Studio. No server required!

schemahero icon schemahero

A Kubernetes operator for declarative database schema management (gitops for database schemas)

scope icon scope

Monitoring, visualisation & management for Docker & Kubernetes

scorecard icon scorecard

Security Scorecards - Security health metrics for Open Source

seal icon seal

Microsoft SEAL is an easy-to-use and powerful homomorphic encryption library.

secor icon secor

Secor is a service implementing Kafka log persistence

securing-ethereum-quorum-in-enterprise-environment icon securing-ethereum-quorum-in-enterprise-environment

Securing Ethereum/Quorum Nodes correctly and adequately is critical to ensuring the integrity of the blockchain. i.e., Poor configuration of Geth could result in increased attack surface leading to malware compromising geth nodes. The rest is history. This paper proposes a secure, end to end and holistic network architecture which secures the geth nodes from unwanted access.

seep.jl icon seep.jl

Seep.jl: a tensor flow like library for Julia

shimit icon shimit

A tool that implements the Golden SAML attack

sidetree icon sidetree

Sidetree Specification and Reference Implementation

sigstore icon sigstore

Common go library shared across sigstore services and clients

simp icon simp

A system automation and configuration management stack targeted toward operational flexibility and policy compliance.

skcodecfuzzer icon skcodecfuzzer

Fuzzing harness for testing proprietary image codecs supported by Skia on Android

skills-service icon skills-service

SkillTree is a micro-learning gamification platform supporting the rapid integration of a gamified tool training approach into new and existing applications.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.