I'm Natalie, a DevSecOps engineer and consultant experienced in developer experience and consolidation within a wide array of security-focused environments. I work at the intersection of technology, people, and highly-regulated industries as a Principal Solutions Engineer for Public Sector atChainguard!

1. Using AI to open pull requests for dependency bumps: 👻 It's spooky season, so let's do something a little scary ... give AI a teeny tiny bit of power in one of my projects. I wrote yet another janky workaround for what Dependabot can't do today, now with 🤖 100% more AI! 🤖
2. End-to-end testing for custom GitHub Actions runners in Kubernetes: Expanding test coverage on your actions-runner-controller images is silly easy, once it's been offloaded to ephemeral Kubernetes clusters.
3. Container runtime fun time!: Let's pull apart the key security risks at each layer of the container ecosystem ... now let's look at the risks to our container's runtime.

• Container security -Container Escapes 101 anda gentle intro to container security
• Kubernetes -kubernoodles, self-hosted GitHub Actions runners made for humans
• Linux (mostly RHEL and Ubuntu these days) -fedora-acs-override
• Software development in highly regulated industries (NIST 800-171 and800-172 (CMMC), DoD IL 2-6, but also ITAR and RMF and some FedRAMP and FISMA too)
• Python for the most part, sometimes a bit ofGo, way morebash than I’ll admit to, and I’m still not sure if all that YAML counts
• GitHub Enterprise -enterprise security team,audit and compliance reporting
• but mostly, I work with people on all of the above! 💖

You can find me in our work Slack sharing all sorts of neat things you can do with all that fun stuff and probably find out how I've broken and maybe fixed something too. 😀

• All sorts of handy Raspberry Pi projects, including
  • Kodi set up on a television for local media (build directions)
  • OpenWRT router (build directions)
  • Pi-hole, for DNS and ad-blocking (build directions)
  • Ubiquiti UniFi network controller, inDocker of course
• I'm getting into theFlipper Zero lately - it's so handyand mischievous! (some fun uses)
• Video games in a Windows VM on my Fedora desktop with libvirt, KVM, and a custom Linux kernel to pass hardware to it. It's got about 5% or so performance drop (just looking at frame rates) over a native install. You should check it out -code andwrite-up on how it works.

I have an awesome life outside of tech, so while I have a few projects that I enjoy, nothing above is close to where I spend most of my time / energy. If you need anything of mine above fixed, please feel free to fork it and send me a pull request! ❤️

• 🌱 I’m currently studying to sit for myOSCP certification and learning the ropes at a container security startup.
• 🎤 Public speaking is fun! Check out what I've been up tohere.
• 😄 Pronouns: she/her
• ❓ Looking for my résumé? It'shere, but you can also find some of what I've been up to in my profile. If you want to know about where else I've worked and went to school, you should go toLinkedIn.
• 💬 Want to chat? I'm onMastodon.

PinnedLoading

1. kubernoodleskubernoodlesPublic

   k8s runners for GitHub Actions in the enterprise, made for humans

   Dockerfile 90 19

2. fedora-acs-overridefedora-acs-overridePublic

   Using the ACS override patch for Fedora to split identical hardware in the kernel

   Shell 54 18

3. gitlog-to-csvgitlog-to-csvPublic

   Creates a CSV file of `git log` data, useful for audit reports and other "chain of custody" type reports

   Shell 7

4. advanced-security/ghas-to-csvadvanced-security/ghas-to-csvPublic

   Play with GHAS API to provide posture data over time

   Python 39 18

5. jekyll-in-a-canjekyll-in-a-canPublic

   🧪🥫 - it's Jekyll in a container

   Dockerfile 5 1

6. advanced-security/enterprise-security-teamadvanced-security/enterprise-security-teamPublic

   Manage a uniform team of security managers for every organization in your enterprise

   Python 25 6