I run training courses on developer security to broaden their understanding of threat surface from their behaviour, day-to-day tooling, the repositories they work on and broader supply chain. One of the modules covers…
In agreement with frodd above. Dependencies and supply chain attacks are probably the greatest risk to a lot of software orgs, as they run them across all their environments: Development (with secrets and other valuable…
If anyone is looking for a solution in this space. Fire me an email, I have a partner whose focussed closely on that problem set!
Thanks! I actually wrote my master thesis surrounding cyber resilience, and the same week of submission they released their Cyber Action Toolkit (a precursor to Cyber Essentials). I was able to provide them some…
I'm building a training platform for cyber security and secure development practices. Mainly to address the junior to mid engineer gaps of "depth" across general cyber security and software engineering skills. I've…
Call me dumb - I'll take it! But if we really are trying to keep it simple simple... Then you just query from event_receiver_svcX side, for events published > datetime and event_receiver_svcX = FALSE. Once read set to…
It does sound like you've been compromised by an outfit that has got automation to run these types of activities across compromised accounts. A Reddit post[0] from 3 years ago seems to indicate similar activities. Do…
I'm officially off of AWS so don't have any consoles to check against, but back on a laptop. Based on docs and some of the concerns about this happening to someone else, I would probably start with the following: 1.…
Cloudtrail events should be able to demonstrate WHAT created the EC2s. Off the top of my head I think it's the runinstance event.
Cognisant US pricing for the HP Z Book Ultra was astronomical, within the EU it's on par with standard laptops and to good effect. The only regret I have is ordering on release day and not wanting to wait for the 128gb…
I am genuinely curious, as to how this would be a solution for a law practice? How many lawyers are SSH'd into servers? Or am I being ignorant?
Sure then throw Ansible over the top for configuration/change management. Packer gives you a solid base for repeatable deployments. Their model was to ensure that data stays within the VM which a deployed AMI made from…
Vagrant / Packer?
If you want to integrate this into Windows AD look at ADFS[1] and MSAL[2]. Pretty much can give you OIDC from AD, but you'll have to deal with Microsoft licencing :D. [1]…
Up to
Would the easiest route for text be too make your own WebFont in both serif / san-serif which are "blurred/pixelated" to over ride font-family tags in CSS? Then do the remainder of the image blurring in the technique…
Closely related to this! Does anyone know of any good books that would build upon this knowledge as an introduction to integrating RF / the theory of RF circuits, antennae's etc?
Why not look at Packer? I use it quite significantly for creating base VMs. Provisioner scripts can effectively be broken down from the Dockerfile RUN layers as Bash or Powershell scripts. Then output as a vagrant box…
I run training courses on developer security to broaden their understanding of threat surface from their behaviour, day-to-day tooling, the repositories they work on and broader supply chain. One of the modules covers…
In agreement with frodd above. Dependencies and supply chain attacks are probably the greatest risk to a lot of software orgs, as they run them across all their environments: Development (with secrets and other valuable…
If anyone is looking for a solution in this space. Fire me an email, I have a partner whose focussed closely on that problem set!
Thanks! I actually wrote my master thesis surrounding cyber resilience, and the same week of submission they released their Cyber Action Toolkit (a precursor to Cyber Essentials). I was able to provide them some…
I'm building a training platform for cyber security and secure development practices. Mainly to address the junior to mid engineer gaps of "depth" across general cyber security and software engineering skills. I've…
Call me dumb - I'll take it! But if we really are trying to keep it simple simple... Then you just query from event_receiver_svcX side, for events published > datetime and event_receiver_svcX = FALSE. Once read set to…
It does sound like you've been compromised by an outfit that has got automation to run these types of activities across compromised accounts. A Reddit post[0] from 3 years ago seems to indicate similar activities. Do…
I'm officially off of AWS so don't have any consoles to check against, but back on a laptop. Based on docs and some of the concerns about this happening to someone else, I would probably start with the following: 1.…
Cloudtrail events should be able to demonstrate WHAT created the EC2s. Off the top of my head I think it's the runinstance event.
Cognisant US pricing for the HP Z Book Ultra was astronomical, within the EU it's on par with standard laptops and to good effect. The only regret I have is ordering on release day and not wanting to wait for the 128gb…
I am genuinely curious, as to how this would be a solution for a law practice? How many lawyers are SSH'd into servers? Or am I being ignorant?
Sure then throw Ansible over the top for configuration/change management. Packer gives you a solid base for repeatable deployments. Their model was to ensure that data stays within the VM which a deployed AMI made from…
Vagrant / Packer?
If you want to integrate this into Windows AD look at ADFS[1] and MSAL[2]. Pretty much can give you OIDC from AD, but you'll have to deal with Microsoft licencing :D. [1]…
Up to
Would the easiest route for text be too make your own WebFont in both serif / san-serif which are "blurred/pixelated" to over ride font-family tags in CSS? Then do the remainder of the image blurring in the technique…
Closely related to this! Does anyone know of any good books that would build upon this knowledge as an introduction to integrating RF / the theory of RF circuits, antennae's etc?
Why not look at Packer? I use it quite significantly for creating base VMs. Provisioner scripts can effectively be broken down from the Dockerfile RUN layers as Bash or Powershell scripts. Then output as a vagrant box…