gleicon
@gleicon.bsky.social
I write about tech: The CTO Field Guide - https://ctofieldguide.com | Engineering, leadership. http://gleicon.substack.com | code: http://github.com/gleicon
I've just released my book goforgophers.com. It is a self-published book based on the experience of helping teams to adopt Go as their main language, with chapters that progressively add context until we implement a simple key/value memcached protocol based db.
Go for Gophers
goforgophers.com
June 4, 2025 at 5:38 PM
Reposted by gleicon
Three Trail of Bits engineers audited core Go cryptography for a month and found only one low-sev security issue... in unsupported Go+BoringCrypto! 🍾

Years of efforts on testing, limiting complexity, safe APIs, and readability have paid off! ✨

Yes I am taking a victory lap. No I am not sorry. 🏆
Go Cryptography Security Audit
Go's cryptography libraries underwent an audit by Trail of Bits. Read more about the scope and results.
go.dev
May 19, 2025 at 7:08 PM
Supply chain attacks on AI IDEs and copilots like Cursor can be mitigated by leveraging github.com/gleicon/mcp-osv as an IDE agent for scanning new dependencies.
thehackernews.com/2025/05/mali...
GitHub - gleicon/mcp-osv: A MCP (Model Context Protocol) server to allow code security reviews using https://osv.dev (Open Source Vulnerabilities Database)
github.com
May 13, 2025 at 12:38 PM
www.theregister.com/2025/04/12/a...

For Cursor and other MCP-enabled IDEs, OSV (osv.dev from Google) can help prevent supply chain attacks: github.com/gleicon/mcp-osv
AI code suggestions sabotage software supply chain: Hallucinated package names fuel 'slopsquatting'
www.theregister.com
April 14, 2025 at 1:33 PM
Got "we have to do our planning"'ed? No worries, here's my toolbox open.substack.com/pub/gleicon/...
Planning toolbox
Going from 0 to a plan
open.substack.com
January 17, 2025 at 1:10 PM
Starting up security - a collection of essays scrty.io - The hardest decision for tech companies is to pick where to start, the most common is to start by what the big customers' questionnaires are requiring.
Starting Up Security
A collection of information security essays and links to help growing teams with risk.
scrty.io
October 17, 2024 at 1:24 AM
The “System Design Fight Club”

github.com/systemdesign...

youtube.com/@SDFC
October 14, 2023 at 1:08 AM
Is this thing on? Check out ctofieldguide.com for my book and gleicon.substack.com for stuff I write semi-regularly
The CTO Field Guide
ctofieldguide.com
October 14, 2023 at 1:02 AM