GHAS - How to use CodeQL custom queries?

Over the last two years, I have seen a growing awareness when it comes to zero trust computing. When organizations look at zero trust computing, the first thing that comes into mind is getting the infrastructure secure. Assuming breach, ensuring that there are multiple layers of security applied. As an engineer I love seeing this growing awareness. What a lot of organizations seem to forget is that perhaps the most important part of securing its data starts with analyzing the source code of its proprietary software. Continue reading

How to prepare for the Azure Cybersecurity Architect SC-100 exam

Frustration! If one word should describe the learning experience using Microsoft Learn (other words could have been: indigestable, wut?!, uncohesive etcetera). I have never encountered a Microsoft Learning path that was so hard to digest. Then you could ask yourself: “Is the subject that hard?”. It is not the subject, it is the way the self-study was written. In this blog post, I will share the way I prepared for this exam. Continue reading

Project Volterra - Windows Dev Kit 2023 - take 1

At Xpirit we have an Innovation Day multiple times per year. The idea of an Innovation Day is to work on technologies or topics that spark your interest. Anything is allowed, as long as it has nothing to do with any customer assignments. Learning and knowledge sharing is the goal of such a day. At our last Innovation Day in november, I picked up the idea to get some hands on experience with the Windows Dev Kit 2023 also known as Project Volterra. Continue reading

Minikube, a lightweight Kubernetes-to-go!

From time-to-time I find myself tinkering with Kubernetes. I love the idea that I can create any type of workload (e.g. a simple webapp or a backend service), pick it up and put it somewhere else to run. Not having to care if it is in the cloud or on an on-premise cluster. However developing your application, testing its core in a local docker container and then deploying it to kubernetes can sometimes be cumberstone. Continue reading

Real world mocking! Http Service testing in C# using Wiremock.Net

At Xpirit we have a culture of never ending learning. One of the best ways of learning new things, is by doing it. To take the plunge and do the deep dive. In this case my colleague Kristoff Riebbels learned me some new tricks by introducing me into the world of WireMock.Net. Together we wrote a magazine article for Xpirit Magazine #13. In this blog post I want to share this article with you. Continue reading

Just do it! Work on your certifications.

If you asked me 5 years ago if I would do any Microsoft exam, I would have told you that getting certified is something that you need to do at the start of your career. Besides that I would have told you that once your work experience and technical influence increases, you can rely on your seniority. I have to admit that for a long time I could get away with using the correct buzzwords at the correct moment supported by a certain arrogance. Continue reading

Over-The-Air device update - IoT with C#

Developing solutions for IoT devices can be a challenging task, this can also apply for getting a device at its final destination in order to do its job. When time passes by, it is likely that either requirements or conditions are changing and that the device is not capable anymore of doing its job. In other words, it needs to be updated. This is where the real problems may start. In many cases devices are not physically accessible or there are simply too many devices in the field to do manual updates. Continue reading