system hardening – Kevin Wells

HOME
Skills & Experience
Current Threats & Trends
Articles
- Identity & Access Management (IAM)Secure access with SSH keys, sudo, PAM, and cloud IAM roles.
- Automation & MonitoringStreamline operations with Ansible workflows, logging pipelines, and proactive monitoring.
- Backups & DRProtect data and maintain continuity with resilient backup and recovery strategies.
- Cloud SecurityDefend AWS and hybrid environments with strong identity, policy, and monitoring controls.
- AI SecurityPractical security engineering for LLMs and autonomous agents – risks, controls, architectures, and incident playbooks.
- System HardeningSecure Linux systems through patching, CIS benchmarks, and OS lockdown.
- Tools & CheatsheetsPractical quick-reference guides for Linux and cloud security administrators.
Lab Projects
Resources
About
Contact

Securing Your LangGraph Dev System – Immediate Hardening Steps

September 30, 2025September 30, 2025 by Admin

Take the following essential steps now to secure your LangGraph AI server, adding the optional measures when relevant. By Kevin Wells Applies to the runbook at: A Beginners Guide to Running LangGraph Agentic AI in Docker Localhost only Docker + Compose Non-root container user Read-only root filesystem Date: 2025-09-30 Contents: Essential – do these now … Read more

Safer rm on Linux: a Practical Ring-Fence that Doesn’t Break Automation

September 29, 2025September 29, 2025 by Admin

Author: Kevin Wells – Tested on: Ubuntu 24.04 LTS (Debian/Ubuntu family) Applies to human interactive shells (user, sudo, root). Automation is intentionally left untouched. Contents Executive summary Design goals Quick start How it works Usage discipline Helper for scripts that “empty” a directory Operational testing checklist Troubleshooting Uninstall / rollback Change history Executive summary If … Read more