Skip to content
View nathanawmk's full-sized avatar
😀
Hello! https://sg.linkedin.com/in/awnathan
😀
Hello! https://sg.linkedin.com/in/awnathan
35 followers · 71 following

Achievements

Achievement: Arctic Code Vault ContributorAchievement: Pull Shark
BetaSend feedback

Achievements

Achievement: Arctic Code Vault ContributorAchievement: Pull Shark
BetaSend feedback
Block or Report

Block or report nathanawmk

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
nathanawmk/README.md

Connect

Linkedin

Twitter

Plain old email

Gitlab

Github

Substack

Stackoverflow

About.me

Infoq

Hugging Face :)

Selected Presentations/Works at the Internet Engineering Task Force (IETF):

  1. Decentralized Identity - What Lies Ahead of Us: The Open (Interesting) Research Issues

  2. Byzantine Agreement Protocols for Large-Scale Decentralized Identity Management

  3. Applications for Quantum Information Network: Promising Use Cases and its Profound Implications on Existing Internet Applications

Selected Presentations/Works at OWASP Singapore:

  1. Malware Discovered in Popular NPM: Anatomy of Next-Gen Supply Chain Attacks. Tools and Guidelines to Secure Software Packages, Dependencies (NPM, PyPI, Maven, NuGet, Crates and RubyGems) to Guard against Supply Chain Attacks. How to setup Guardrails and not Roadblocks or Gates: Shift Left with Gitops plus integrating Fuzzing into DevSecOps. The importance of having Cloud Infrastructure Entitlements Management (CIEM) to enforce permissions and security identities across workloads and clouds.

  2. Securing the Multi-cloud, Portable, *-Tier Microservice Application: A live demo on Cloud-Native Application Security Platforms: Curiefense, Deepfense, Sysdig, Snyk Code, and Aqua Security Trivy & tfsec

  3. Deconstructing the Solarwinds Supply Chain Attack and Deterring it: Honing in on the Golden SAML Attack Technique

  4. Microservices Security, Container Runtime Security, MITRE ATT&CK® for Kubernetes (K8S) and Service Mesh for Security

  5. How Secure are you APIs? Securing your APIs: OWASP API Top 10 2019, Case Study and Demo

  6. Enabling Zero Trust Architecture (ZTA) with Least-Privilege Identity-Based Micro-segmentation using Service Mesh and Securing Production Identity Framework for Everyone (SPIFFE) (Demo) & Building Secure Software Factory (SSF) to Defend the Digital Cloud-Native Software Supply Chain against attacks: Helpful Cloud-Native Security Checklists and Demo on The Update Framework

  7. Deconstructing the Solarwinds Supply Chain Attack and Deterring it: Honing in on the Golden SAML Attack Technique - At the request of the team, translated to Japanese for Audience in Japan

Selected Presentations+Works on Blockchain/Distributed Ledger Technologies (DLT):

  1. Understanding the Limits and Potential of Blockchain Technology

  2. Presentation to Hyperledger Sweden: Hyperledger Ordering Service: Deep Dive into the Raft Consensus Algorithm

  3. Hyperledger Developer Showcase Series

  4. Decentralized Identity: The Elusive Key to Inclusive Growth

  5. Private Data Collections: A High-Level Overview

  6. Hyperledger Sawtooth, Seth and Truffle 101

Certifications:

  1. Microsoft Certified: Azure Solutions Architect Expert

  2. Microsoft Azure Fundamentals

  3. Microsoft Certified: Security, Compliance, and Identity Fundamentals

  4. AZ-400 Designing and Implementing Microsoft DevOps Solutions

  5. Prisma Certified Cloud Security Engineer

Others:

  1. IEEE Blockchain Technical Briefs Editorial Board

  2. World Blockchain Forum

  3. Bitcoin Magazine Profile

  4. Hyperledger Speakers Bureau

  5. Silliman University National Writers Workshop - 2012 Fellows

  6. Nathan Aw

  7. Chosen to attend National Writers Workshop at Philippines and awarded the Fellowship for writing.

  8. Poetry @ Nathan Aw Substack - Behold the pointless modern man!

Source/References:

https://sg.linkedin.com/in/awnathan

https://twitter.com/nathan_mk_aw

https://gitlab.com/nathanawmk

https://github.com/nathanawmk

https://nathanaw.substack.com/

https://stackoverflow.com/users/8588369/nathan-aw

https://about.me/mingkun.aw

https://datatracker.ietf.org/meeting/103/materials/slides-103-dinrg-decentralized-identity-01

https://datatracker.ietf.org/meeting/104/materials/slides-104-dinrg-byzantine-agreement-protocols-for-large-scale-decentralized-identity-management-01

https://datatracker.ietf.org/meeting/interim-2020-qirg-01/materials/slides-interim-2020-qirg-01-sessa-applications-for-quantum-information-network

https://github.com/OWASP/www-chapter-singapore/raw/master/assets/presos/Securing_Multi_cloud_Portable_Tier_Microservices_Applications_A_live_demo_on_cloud_native_application_security_platforms.pdf

https://owasp.org/www-chapter-singapore/assets/presos/Deconstructing_the_Solarwinds_Supply_Chain_Attack_and_Deterring_it_Honing_in_on_the_Golden_SAML_Attack_Technique.pdf

https://owasp.org/www-chapter-singapore/assets/presos/Microservices%20Security%2C%20Container%20Runtime%20Security%2C%20MITRE%20ATT%26CK%C2%AE%20%20for%20Kubernetes%20(K8S)%20and%20Service%20Mesh%20for%20Security.pdf

https://owasp.org/www-chapter-singapore/assets/presos/Securing_your_APIs_-_OWASP_API_Top_10_2019,_Real-life_Case.pdf

https://owasp.org/www-chapter-singapore/assets/presos/Securing_Production_Identity_Framework_for_Everyone_(SPIFFE),_Building_End_to_End_Secure_Software_Factory_and_Protecting_Cloud-Native_Supply_Chain_Helpful_Cloud-Native_Security_Checklists_and_Demo_on_SPIFFE_and_Not.pdf

https://www.nasdaq.com/articles/guest-post%3A-understanding-the-limits-and-potential-of-blockchain-technology-2017-11-09

https://www.youtube.com/watch?v=GN_6dEcDsAQ

https://www.hyperledger.org/blog/2017/12/05/developer-showcase-series-nathan-aw-ntt-data

https://blockchain.ieee.org/technicalbriefs/editorial-board#nathan-aw

https://twitter.com/hyperledger/status/1143898717419921409

https://bitcoinmagazine.com/authors/nathan-aw

https://www.hyperledger.org/participate/speakersbureau

https://wiki.hyperledger.org/download/attachments/2392948/Decentralized%20Digital%20Identity_%20%20The%20Elusive%20Key%20to%20Inclusive%20Growth%20%281%29_FINAL.pptx

http://nathan-mk-aw.s3-website-ap-southeast-1.amazonaws.com/

https://en.wikipedia.org/wiki/Silliman_National_Writers_Workshop

https://owasp.org/www-chapter-singapore/assets/presos/Supply_Chain_Security_Securing_your_NPM,_PyPI,_Maven_and_Crates_(Rust),_Shift_Left_with_Gitops_and_Software_Fuzzing.pdf

https://www.credly.com/badges/38edcb62-9339-48a5-a500-4fa44199e04f

https://www.credly.com/badges/1df3e0be-2b1b-4ed4-8df0-9f2488168c99

https://www.credly.com/badges/cae19203-4eb1-4ae0-8e99-a1b2b3852eab

https://www.credly.com/badges/d55cd8db-2147-4f22-acd6-f11611fd71d5

https://www.certmetrics.com/paloaltonetworks/public/badge.aspx?i=37&t=c&d=2022-01-23&ci=PAN00218757

https://www.meetup.com/singapore-owasp-meetup-group/events/281710523/

https://www.meetup.com/singapore-owasp-meetup-group/events/280590027/

https://www.meetup.com/singapore-owasp-meetup-group/events/279796090/

https://www.meetup.com/singapore-owasp-meetup-group/events/276259224/

https://news.smu.edu.sg/news/2012/05/21/onward-next-50

https://nathanaw.substack.com/p/behold-the-pointless-modern-man

Popular repositories

  1. top-10-cicd-security-risks top-10-cicd-security-risks Public

    Forked from cider-security-research/top-10-cicd-security-risks

    3 1

  2. Blockchain-as-the-new-Middleware-PaaS Blockchain-as-the-new-Middleware-PaaS Public

    Blockchain can and should be the next middleware and/or Platform as a Service (PaaS) layer due to its decentralised nature.

    1

  3. enterprise-blockchain-enterprise-datawarehouse enterprise-blockchain-enterprise-datawarehouse Public

    https://ethereum.stackexchange.com/questions/52953/does-enterprise-ethereum-i-e-quorum-has-the-ability-to-be-the-enterprise-dat

    Roff 1

  4. owasp owasp Public

    owasp

    Java 1

  5. microservices-demo microservices-demo Public

    Forked from GoogleCloudPlatform/microservices-demo

    Sample cloud-native application with 10 microservices showcasing Kubernetes, Istio, gRPC and OpenCensus.

    Python 1

  6. Sparrow Sparrow Public

    Forked from cisagov/Sparrow

    Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 environment.

    PowerShell 1