#security (2019-06)

Archive: https://archive.sweetops.com/security/

2019-06-28

2019-06-27

imiltchman

Is anybody using an IDS/IPS solution in their AWS environment?

Erik Osterman (Cloud Posse)

We are currently implementing the whole suite of AWS security related products. Macie, GuardDuty, CIS Foundations with CFN, AWS Config with aggregation, AWS Inspector, AWS Security Hub

chrism

We use Inspector/GuardDuty/watch/etc.; Config's pricing is off-putting

imiltchman

Thanks. Have you guys heard of Security Onion? Looks like an interesting option and the new VPC mirroring should help with setting it up

imiltchman

AFAIK GuardDuty does not fully qualify as IDS/IPS

Erik Osterman (Cloud Posse)
Alex Siegman

Interesting. If it all shows up in CloudTrail, while it won’t be as user friendly as something like Teleport, it seems like it’s not a bad substitute if it doesn’t cost an arm and a leg

Erik Osterman (Cloud Posse)

Although no kubectl integration -> k8s rbac

Erik Osterman (Cloud Posse)
Blaise Pabon


EC2 Instance Connect is now available at no additional cost in US East (Ohio and N. Virginia), US West (N. California and Oregon), Asia Pacific (Mumbai, Seoul, Singapore, Sydney, and Tokyo), Canada (Central), EU (Frankfurt, Ireland, London, and Paris), and South America (São Paulo) AWS regions.

btai

this is nice, had to use https://github.com/Netflix/bless in the past to achieve the same thing

Blaise Pabon

Oh wow @btai: I did not know about Bless. This looks cool!

btai

@Blaise Pabon I'm not sure it's worth the hassle anymore because of EC2 Connect

Blaise Pabon

but maybe to use internally between apps? I guess that would be what KMS is for (I’m relatively new to AWS)

2019-06-26

Mike Nock

“The Chinese government has never in any form participated in or supported any person to carry out the theft of commercial secrets,” it said in a statement to Reuters.

Bahahahahaha, righttttt lol

Erik Osterman (Cloud Posse)
How to Protect Yourself From the New macOS Security Vulnerability

Mac users take heed: A recently disclosed vulnerability present in the macOS Gatekeeper—otherwise known as the “Cavallarin” exploit—has reportedly been leveraged by adware creators. It’s times like these when we’re reminded of the best advice for keeping your Mac protected from these kinds of issues: When in doubt, install apps from the Mac App Store or trusted third-party sources, not just any ol’ thing you found on the internet.

2019-06-18

2019-06-14

Maciek Strömich
Your Linux Can Get Hacked Just by Opening a File in Vim or Neovim Editor

Critical Code Execution Flaw (CVE-2019-12735) Found in the Popular Vim and Neovim Linux Editors

mrwacky
numirias/security

Some of my security stuff and vulnerabilities. Nothing advanced. More to come. - numirias/security

Erik Osterman (Cloud Posse)

Yikes

2019-06-10

Igor Rodionov

2019-06-07

Bogdan

Does anyone know a faster way to set up Vault than described in https://github.com/hashicorp/terraform-aws-vault ?

hashicorp/terraform-aws-vault

A Terraform Module for how to run Vault on AWS using Terraform and Packer - hashicorp/terraform-aws-vault

Meb

Fast? I don’t think so. Depends on your target config
