Attackers have a strategy, they have a plan. We know what they are going to be doing, we have modeled these behaviors with MITRE ATTACK and the Killchain concept. But we know how we traditionally have started to design from the outside, trying to keep them out. This model, Zero Trust, is all about trying to address the adversary that is already on the network, because we know that's what is happening.
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
The Azure Well-Architected Framework helps you to design, build, and continuously improve a secure, reliable, and efficient application.
Start with the Pillars, and align your design choices with the principles. Then, build a strong foundation for your workload based on technical design areas. Finally, use review tools to assess your readiness in deploying to production.
When you're building an Azure architecture, there are many considerations to keep in mind. You want your architecture to be secure, scalable, available, and recoverable. To make that possible, you have to make decisions based on cost, organizational priorities, and risk.
My Docker container for Cloud CLI Tools.
This Dockerfile builds on a Ubuntu image and installs CLI tools for interacting with AWS, Azure, and GCP:
awscliv2 - AWS CLIv2azure-cli - Microsoft Azure CLIgcloud - Google Cloud SDKThe image also creates and runs under a non-root user.
These files can be used to create a generic ELK stack using Docker Compose. This can be helpful for testing, local development, and POC work. Looking for a fast setup and teardown makes Docker perfect for this use case.
This assumes that you have git and docker desktop or docker engine with docker-compose installed. For this scenario, we will be using Docker Desktop.
This terraform script deploys an Ubuntu Workstation with minimal additional software installed. It enables SSH and RDP and uses security groups to restrict the administrative access to your current external IP address only to prevent it being wide open to the world.
An example use case is a temporary sandbox system for surfing potentially dangerous websites.
NOTE: Don't break the law, as AWS Terms of Service still apply and this is not exactly covert.
This terraform script deploys an Ubuntu Workstation with minimal additional software installed. It enables SSH and RDP and uses security groups to restrict the administrative access to your current external IP address only to prevent it being wide open to the world.
An example use case is a temporary sandbox system for surfing potentially dangerous websites.
NOTE: Don't break the law, as GCP Terms of Service still apply and this is not exactly covert.
This terraform script deploys an Ubuntu Workstation with minimal additional software installed. It enables SSH and RDP and uses security groups to restrict the administrative access to your current external IP address only to prevent it being wide open to the world.
An example use case is a temporary sandbox system for surfing potentially dangerous websites.
NOTE: Don't break the law, as Azure Terms of Service still apply and this is not exactly covert.