Git Product home page Git Product logo

Connect

Linkedin

Twitter

Plain old email

Gitlab

Github

Substack

Stackoverflow

About.me

Infoq

Hugging Face :)

Selected Presentations/Works at the Internet Engineering Task Force (IETF):

  1. Decentralized Identity - What Lies Ahead of Us: The Open (Interesting) Research Issues

  2. Byzantine Agreement Protocols for Large-Scale Decentralized Identity Management

  3. Applications for Quantum Information Network: Promising Use Cases and its Profound Implications on Existing Internet Applications

Selected Presentations/Works at OWASP Singapore:

  1. Malware Discovered in Popular NPM: Anatomy of Next-Gen Supply Chain Attacks. Tools and Guidelines to Secure Software Packages, Dependencies (NPM, PyPI, Maven, NuGet, Crates and RubyGems) to Guard against Supply Chain Attacks. How to setup Guardrails and not Roadblocks or Gates: Shift Left with Gitops plus integrating Fuzzing into DevSecOps. The importance of having Cloud Infrastructure Entitlements Management (CIEM) to enforce permissions and security identities across workloads and clouds.

  2. Securing the Multi-cloud, Portable, *-Tier Microservice Application: A live demo on Cloud-Native Application Security Platforms: Curiefense, Deepfense, Sysdig, Snyk Code, and Aqua Security Trivy & tfsec

  3. Deconstructing the Solarwinds Supply Chain Attack and Deterring it: Honing in on the Golden SAML Attack Technique

  4. Microservices Security, Container Runtime Security, MITRE ATT&CK® for Kubernetes (K8S) and Service Mesh for Security

  5. How Secure are you APIs? Securing your APIs: OWASP API Top 10 2019, Case Study and Demo

  6. Enabling Zero Trust Architecture (ZTA) with Least-Privilege Identity-Based Micro-segmentation using Service Mesh and Securing Production Identity Framework for Everyone (SPIFFE) (Demo) & Building Secure Software Factory (SSF) to Defend the Digital Cloud-Native Software Supply Chain against attacks: Helpful Cloud-Native Security Checklists and Demo on The Update Framework

  7. Deconstructing the Solarwinds Supply Chain Attack and Deterring it: Honing in on the Golden SAML Attack Technique - At the request of the team, translated to Japanese for Audience in Japan

Selected Presentations+Works on Blockchain/Distributed Ledger Technologies (DLT):

  1. Understanding the Limits and Potential of Blockchain Technology

  2. Presentation to Hyperledger Sweden: Hyperledger Ordering Service: Deep Dive into the Raft Consensus Algorithm

  3. Hyperledger Developer Showcase Series

  4. Decentralized Identity: The Elusive Key to Inclusive Growth

  5. Private Data Collections: A High-Level Overview

  6. Hyperledger Sawtooth, Seth and Truffle 101

Certifications:

  1. Microsoft Certified: Azure Solutions Architect Expert

  2. Microsoft Azure Fundamentals

  3. Microsoft Certified: Security, Compliance, and Identity Fundamentals

  4. AZ-400 Designing and Implementing Microsoft DevOps Solutions

  5. Prisma Certified Cloud Security Engineer

Others:

  1. IEEE Blockchain Technical Briefs Editorial Board

  2. World Blockchain Forum

  3. Bitcoin Magazine Profile

  4. Hyperledger Speakers Bureau

  5. Silliman University National Writers Workshop - 2012 Fellows

  6. Nathan Aw

  7. Chosen to attend National Writers Workshop at Philippines and awarded the Fellowship for writing.

  8. Poetry @ Nathan Aw Substack - Behold the pointless modern man!

Source/References:

https://sg.linkedin.com/in/awnathan

https://twitter.com/nathan_mk_aw

https://gitlab.com/nathanawmk

https://github.com/nathanawmk

https://nathanaw.substack.com/

https://stackoverflow.com/users/8588369/nathan-aw

https://about.me/mingkun.aw

https://datatracker.ietf.org/meeting/103/materials/slides-103-dinrg-decentralized-identity-01

https://datatracker.ietf.org/meeting/104/materials/slides-104-dinrg-byzantine-agreement-protocols-for-large-scale-decentralized-identity-management-01

https://datatracker.ietf.org/meeting/interim-2020-qirg-01/materials/slides-interim-2020-qirg-01-sessa-applications-for-quantum-information-network

https://github.com/OWASP/www-chapter-singapore/raw/master/assets/presos/Securing_Multi_cloud_Portable_Tier_Microservices_Applications_A_live_demo_on_cloud_native_application_security_platforms.pdf

https://owasp.org/www-chapter-singapore/assets/presos/Deconstructing_the_Solarwinds_Supply_Chain_Attack_and_Deterring_it_Honing_in_on_the_Golden_SAML_Attack_Technique.pdf

https://owasp.org/www-chapter-singapore/assets/presos/Microservices%20Security%2C%20Container%20Runtime%20Security%2C%20MITRE%20ATT%26CK%C2%AE%20%20for%20Kubernetes%20(K8S)%20and%20Service%20Mesh%20for%20Security.pdf

https://owasp.org/www-chapter-singapore/assets/presos/Securing_your_APIs_-_OWASP_API_Top_10_2019,_Real-life_Case.pdf

https://owasp.org/www-chapter-singapore/assets/presos/Securing_Production_Identity_Framework_for_Everyone_(SPIFFE),_Building_End_to_End_Secure_Software_Factory_and_Protecting_Cloud-Native_Supply_Chain_Helpful_Cloud-Native_Security_Checklists_and_Demo_on_SPIFFE_and_Not.pdf

https://www.nasdaq.com/articles/guest-post%3A-understanding-the-limits-and-potential-of-blockchain-technology-2017-11-09

https://www.youtube.com/watch?v=GN_6dEcDsAQ

https://www.hyperledger.org/blog/2017/12/05/developer-showcase-series-nathan-aw-ntt-data

https://blockchain.ieee.org/technicalbriefs/editorial-board#nathan-aw

https://twitter.com/hyperledger/status/1143898717419921409

https://bitcoinmagazine.com/authors/nathan-aw

https://www.hyperledger.org/participate/speakersbureau

https://wiki.hyperledger.org/download/attachments/2392948/Decentralized%20Digital%20Identity_%20%20The%20Elusive%20Key%20to%20Inclusive%20Growth%20%281%29_FINAL.pptx

http://nathan-mk-aw.s3-website-ap-southeast-1.amazonaws.com/

https://en.wikipedia.org/wiki/Silliman_National_Writers_Workshop

https://owasp.org/www-chapter-singapore/assets/presos/Supply_Chain_Security_Securing_your_NPM,_PyPI,_Maven_and_Crates_(Rust),_Shift_Left_with_Gitops_and_Software_Fuzzing.pdf

https://www.credly.com/badges/38edcb62-9339-48a5-a500-4fa44199e04f

https://www.credly.com/badges/1df3e0be-2b1b-4ed4-8df0-9f2488168c99

https://www.credly.com/badges/cae19203-4eb1-4ae0-8e99-a1b2b3852eab

https://www.credly.com/badges/d55cd8db-2147-4f22-acd6-f11611fd71d5

https://www.certmetrics.com/paloaltonetworks/public/badge.aspx?i=37&t=c&d=2022-01-23&ci=PAN00218757

https://www.meetup.com/singapore-owasp-meetup-group/events/281710523/

https://www.meetup.com/singapore-owasp-meetup-group/events/280590027/

https://www.meetup.com/singapore-owasp-meetup-group/events/279796090/

https://www.meetup.com/singapore-owasp-meetup-group/events/276259224/

https://news.smu.edu.sg/news/2012/05/21/onward-next-50

https://nathanaw.substack.com/p/behold-the-pointless-modern-man

Nathan Aw's Projects

tyk icon tyk

Tyk Open Source API Gateway written in Go, supporting REST, GraphQL, TCP and gRPC protocols

using-blockchain-to-establish-software-provenance-thereby-securing-open-source-software-supply-chain icon using-blockchain-to-establish-software-provenance-thereby-securing-open-source-software-supply-chain

Establishing provenance in open source software has always been a challenge due to its fundamental nature of distributed contributions. Leveraging the attributes of blockchain/distributed ledger - transparency and provenance - it is now possible to establish the provenance of open source software thereby securing the open source software supply chain. For example, CI/CD workflows can be deployed as smart contracts on a blockchain. The process of signing and verifying of software artifacts can also be achieved through the use of smart contracts on the blockchain. This is a work in progress.

v6d icon v6d

vineyard (v6d): an in-memory immutable data manager. (Project under CNCF)

vagrant icon vagrant

Vagrant is a tool for building and distributing development environments.

valhalla icon valhalla

Open Source Routing Engine for OpenStreetMap

vault icon vault

A tool for secrets management, encryption as a service, and privileged access management

verdaccio icon verdaccio

📦🔐A lightweight private proxy registry build in Node.js

virtual-kubelet icon virtual-kubelet

Virtual Kubelet is an open source Kubernetes kubelet implementation.

vitess icon vitess

Vitess is a database clustering system for horizontal scaling of MySQL.

volcano icon volcano

A Kubernetes Native Batch System (Project under CNCF)

vue-tagsinput icon vue-tagsinput

A simple tags input with typeahead (autocomplete) built with Vue.js 2.

vulcan icon vulcan

A web application to streamline the development of STIGs from SRGs

wagi icon wagi

Write HTTP handlers in WebAssembly with a minimal amount of work

wasi icon wasi

WebAssembly System Interface

wasm3 icon wasm3

🚀 The fastest WebAssembly interpreter, and the most universal runtime

wasmcloud icon wasmcloud

wasmCloud is a universal host runtime for actors built with WebAssembly and capability providers

wasmedge icon wasmedge

WasmEdge Runtime is a high-performance, extensible, and hardware optimized WebAssembly Virtual Machine for automotive, cloud, AI, and blockchain applications.

wasmtime icon wasmtime

Standalone JIT-style runtime for WebAssembly, using Cranelift

weave icon weave

Simple, resilient multi-host containers networking and more.

weggli icon weggli

weggli is a fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers identify interesting functionality in large codebases.

wg-best-practices-os-developers icon wg-best-practices-os-developers

The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for open source developers.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.