I'm a developer and system builder. Currently leading VM scanning at @AikidoSec. Founder of CloudAid. I work primarily in Go, Node.js, and AWS.
I build tools, write about what I learn, and maintain open-source projects in the cloud security and infrastructure space.
| Project | What it does |
|---|---|
| sbomlyze | SBOM analysis & diff for supply-chain security |
| axios4go | Axios-inspired HTTP client for Go |
| go-is-disposable-email | A high-performance Go package for detecting disposable/temporary email addresses |
| go-cloudip | Fast cloud provider IP detection for Go |
| simple-load-balancer | HTTP load balancer in Go using only stdlib |
| cloud-provider-ip-addresses | Daily-updated IP ranges for AWS, GCP, Azure, Cloudflare |
| awesome-security-pipeline | Curated security tools organized by CI/CD stage |
| network-vulnerability-scanner | Network vuln scanner built from scratch in Go |
- Beyond Vulnerability Scanning, How SBOM Diff Exposes Shadow Dependencies in Your Supply Chain
- How to Compare Container SBOMs and Detect Drift
- macOS Hardware Detection with Go
- Build a Terminal System Monitor in Go
- Zero-Config Service Discovery in Go
More at rezmoss.com/blog
I wrote Go at Scale: Patterns for Professional Development on Go patterns covering concurrency, microservices, event-driven architecture, and more. Companion code is here