What Is Zero Trust

This is the first post of a series that attempts to discuss Zero Trust in security from a conceptual and implementation perspective.

<span title='2020-10-31 00:00:00 +0000 UTC'>October 31, 2020</span>&nbsp;·&nbsp;3 min&nbsp;·&nbsp;David Xiao

Explain Border Gateway Protocol in 5 Minutes

This post attempts to explain the Border Gateway Protocol in plain English: what it is; how it works at a high level and some of the threats from a security perspective.

<span title='2020-10-30 00:00:00 +0000 UTC'>October 30, 2020</span>&nbsp;·&nbsp;4 min&nbsp;·&nbsp;David Xiao

IoT Security

IoT security is a relatively new area that presents its own unique challenges. This post discusses some of the security risks and possible solutions.

<span title='2020-10-29 00:00:00 +0000 UTC'>October 29, 2020</span>&nbsp;·&nbsp;1 min&nbsp;·&nbsp;David Xiao


The OWASP Top 10 represents a broad consensus about the most common and critical security risks to web applications. It can be used as reference for web application security.

<span title='2020-10-13 00:00:00 +0000 UTC'>October 13, 2020</span>&nbsp;·&nbsp;7 min&nbsp;·&nbsp;David Xiao

Diffie-Hellman Key Exchange in a Nutshell

DH key exchange is a critical component in virtually every PKI implementation. Having a working knowledge of what it is and how it works would help in understanding PKI as a whole.

<span title='2020-10-12 00:00:00 +0000 UTC'>October 12, 2020</span>&nbsp;·&nbsp;1 min&nbsp;·&nbsp;David Xiao