Automating Cybersecurity Metrics: A series of blog posts on cybersecurity metrics and security automation
~~~~~~~~~~~~~~~~~~~~~~~~
by Teri Radichel #cybersecurity#cloudsecurity#metrics#automation
https://t.co/ki2vWctZ1v
Chronicling my venture into AI here. 🤖 Sept 25 was key post. Started exploring production ready code. Immediately saw pitfalls. Wrote framework and better context. A month later… accomplished a lot. No time to write. Follow @TeriRadichel for updates.
https://t.co/zJegdMJZrb
How do you verify the software on the new network appliance you got is running the most up to date, valid software?
Supply chain security: Updating and verifying firmware offline
~~
Updating UDM Pro Firmware offline prior to connecting to the Internet https://t.co/Po3K2phJxk
I’ve been reviewing the SRP spec because I ran across it on a pentest. The specification is very unclear and the implementation from certain vendors does not appear to match.
~~
Secure Remote Password (SRP)
~~
Considering the value and avoiding pitfalls
https://t.co/8V2w1nnEtl
Using an AWS Managed Prefix List for IP addresses that change
~~
Change all your rules in one place when your IP address changes https://t.co/fXMmT3Pv9J
AWS GuardDuty Adds New Suspicious Shell Creation and Privilege Escalation Findings
~~
New finding types targeted at top security threats on AWS https://t.co/I4WVjbHeli
Create pfSense Aliases To Block API Calls And Data Leaks to Unwanted AWS Regions
~~
What are all those STS calls to Australia, Europe, Asia, and South Africa?
~~
You can do similar with any other cloud provider.
#cybersecurity#network#security#aws https://t.co/emY0uwLBTe
Restoring a pfSense from Netgate After a Factory Reset
~~
Also added Interface Groups and Rules to simplify management
~~
Summarizes a lot of the other posts in one place with limited screenshots. Will test more with UDM Pro in upcoming posts. https://t.co/dSlG7M5wd3
Penetration Test Proposal
~~
What to expect from a penetration test or security assessment proposal from 2nd Sight Lab
~~
#pentest#security#cybersecurity
https://t.co/TlQnnMR7tj
Why CISOs Need Indemnification
~~
What is it and why it matters in light of new SEC rules
~~
I talked to a lawyer who formerly worked for the SEC https://t.co/d7cpiXMApG
Subnets And Routes For a Public NAT
ACM.471 Setting up proper routing to leverage a NAT to reach the Internet on AWS; Avoid traffic dropped due to transitive routing https://t.co/BYJ0n3NJSw
Sending Traffic From pfSense to a Site to Site VPN to a VGW to a NAT in AWS
ACM.470 Another thing Q told me I could do but not allowed https://t.co/AERaT95sL7
Test Sending Traffic From a Load Balancer To A NAT Gateway
ACM.469 Spoiler Alert: Q told me I could do this but I can’t :( but this might help someone trying to set up a network load balancer https://t.co/Fjeag84niX
Creating an AWS Site to Site VPN for pfSense with a Virtual Private Gateway
ACM.468 Configuring specific encryption options to prevent downgrade attacks
#cybersecurity#aws#pfsense https://t.co/7jjXSyc0lf
Creating an AWS Site to Site VPN for pfSense with a Virtual Private Gateway
ACM.468 Configuring specific encryption options to prevent downgrade attacks https://t.co/7jjXSyc0lf
Calculating the Cost of An AWS Architecture plus a Region Security Warning
ACM.467 Looking at the cost of an AWS private network that sends data from a Site to Site VPN to a Transit Gateway to a NAT https://t.co/ZtkWNG8P3v
Configuring the VPC and VPC Flow Logs for an AWS Site to Site pfSense VPN
ACM.465 Creating a VPC to connect our pfSense to via a VPN and configuring logging to inspect the related network traffic https://t.co/fYhjwZ7tTy