Collective Risk Project & Collective Controls Catalog


I recently watched a good SANS webcast about existing standards and their comparison. The authors compare and contrast several well-known IT security standards and create a common “Collective Controls Catalog” that tries to include the best from all of the standards. Thanks to the authors for making this available to the public. Leaving it here. Credit: SANS. The 2022 version of the Collective Risk Model (CRM) is a community-driven project. It is the result of numerous conversations between cybersecurity professionals over video…


CV & Resume Advice


I am sometimes asked for CV and resume advice. Leaving my personal checkboxes here: A resume should be created or adjusted per position to show the information relevant to that position. It should be achievement-based. It shouldn’t contain data from more than 10 years back. A one-page CV is better; if you want to do more, it's probably a resume. The objective part is generally useless. No need for articles in a CV, they just eat space. You should make the recruiter’s job easier. Pointing out only relevant information….


Investigation of CDEK Scam


Friends, today’s article will be in Russian because the phishing scheme described here particularly affects Belarusian citizens, who can speak and understand Russian. I thought this way it could help more people. I will translate this article to English in the coming days. Good day! I want to share a short breakdown of a scam scenario that I recently encountered after posting an ad to sell a children's table on the online platform Kufar. It would seem to be an obvious scam, but unfortunately some inattentive citizens…


Testing strategies for your application


Testing is one of the fundamental components of DevOps and agile development in general. If automation gives DevOps the required speed and agility to deploy software quickly, only through extensive testing will those deployments achieve the required reliability that customers demand. A main tenet of a DevOps practice to achieve system reliability is the shift left principle. If your process for developing and deploying an application is depicted as a series of steps that are listed from left to right,…


Granting minimal level of access for Azure Security Scans with AZSK


To carry out an Azure security assessment with the AZSK (Secure DevOps Kit for Azure) tool, the following Azure AD and IAM roles should be created: Global Reader and Security Reader in Azure AD, and the Reader IAM RBAC role at subscription scope. Below are the detailed instructions for creating the two accounts mentioned above. Instructions to create an account for AZSK scans: 1. Creating an account for Azure AD: navigate to Azure Active Directory >>> Users, then create a new account or give permission to an existing account…


Configuring Ubuntu SSH server to use Hashicorp Vault OTP


This post demonstrates how to configure Vault and an SSH server to use OTP for logging in to the SSH server. The following diagram depicts the process. After we have initialized and unsealed our Vault server, we need to enable the SSH secrets engine with the following command:

    vault secrets enable ssh

Write a role to the Vault SSH secrets engine. For test purposes we will allow all IPs:

    vault write ssh/roles/admin key_type=otp default_user=vaultuser cidr_list=0.0.0.0/0,0.0.0.0/0

Now we need to configure login to…


Enable Azure Diagnostic Logs Settings


Logging to storage account

    $resource = Get-AzResource -Name [resource name] -ResourceGroupName [resource group name]
    $storage = Get-AzResource -Name [resource name] -ResourceGroupName [resource group name]
    Set-AzDiagnosticSetting -ResourceId $resource.ResourceId -StorageAccountId $storage.ResourceId -Enabled $true

Streaming of diagnostic logs to Event Hub

    $rule = Get-AzServiceBusRule -ResourceGroup [resource group name] -Namespace [namespace] -Topic [topic] -Subscription [subscription] -Name [rule name]
    Set-AzureRmDiagnosticSetting -ResourceId $resource.ResourceId -ServiceBusRuleId $rule.Id -Enabled $true

Streaming of diagnostic logs to a Log Analytics workspace

    $workspace = Get-AzOperationalInsightsWorkspace -Name [workspace name] -ResourceGroupName [resource group name]
    Set-AzureRmDiagnosticSetting…


Recruiting Tools


https://MailScoop.io – Free Email Finder
https://Yesware.com – Email Tracker
https://ResyMatch.io – Free Resume Scanner
https://ResyBullet.io – Free Resume Bullet Analyzer
https://ResyBuild.io – Free Resume Builder
https://Canva.com – Free Graphic Design Tool
https://PhotoFeeler.com – Free LinkedIn Profile Pic Grader
https://tagcrowd.com/ – Visual Text

Azure virtual network service endpoints


You’ve migrated your existing application and database servers for your ERP system to Azure as virtual machines. Now you’re considering using some Azure platform as a service (PaaS) services to reduce your costs and administrative requirements. Storage services will hold certain large file assets, such as engineering diagrams. These engineering diagrams have proprietary information in them, and must remain secure from unauthorized access. These files must only be accessible from specific systems. In this unit, you’ll look at how to…


Azure VNET Peering


    az network vnet create \
        --resource-group learn-176d3f64-8002-4e62-b762-ac3929d20952 \
        --name SalesVNet \
        --address-prefix 10.1.0.0/16 \
        --subnet-name Apps \
        --subnet-prefix 10.1.1.0/24 \
        --location northeurope

    az network vnet create \
        --resource-group learn-176d3f64-8002-4e62-b762-ac3929d20952 \
        --name MarketingVNet \
        --address-prefix 10.2.0.0/16 \
        --subnet-name Apps \
        --subnet-prefix 10.2.1.0/24 \
        --location northeurope

    az network vnet create \
        --resource-group learn-176d3f64-8002-4e62-b762-ac3929d20952 \
        --name ResearchVNet \
        --address-prefix 10.3.0.0/16 \
        --subnet-name Data \
        --subnet-prefix 10.3.1.0/24 \
        --location westeurope

    az network vnet list --output table

===============================================

    az network vnet peering create \
        --name…
