Managing firewalls, VLANs, and access control lists might be second nature in a traditional IT setting. But when it comes to AWS, the terminology and tools can seem foreign. This beginner’s guide aims to bridge that gap, translating AWS security concepts into the world of on-premise security you already know. Why AWS Security Matters AWS … Read more
As I continue this series on CI/CD pipeline security, it is time to now work on securely building and deploying our application. This post picks up where my Build Secure Python Pipelines: Adding Tests and Hooks in Action post left off. In this post, we’ll continue our pipeline development by adding a container build and … Read more
After writing my From Scattered to Splunk: Bringing Order to Your Kubernetes Logs post, a buddy of mine Danny Ansell (oh by the way he does work for Cribl and used to work for Splunk) suggested that I could always import my logs into Cribl as well. I’m madly in love with Splunk and do … Read more
I think it’s time to focus on a few key practices for beginners to implement secure CI/CD. I’ve been building the idea on the idea of a CI/CD pipeline in a bunch of the below posts: All of these articles are a scattering of topics based upon some of the daily randomness that I’ve faced … Read more
In my How to Install and Use Starboard to Protect Your Kubernetes Cluster post, I first installed Starboard and reviewed a vulnerability scan report. After reviewing the results, I then tried to action some of the vulnerabilities in my MySQL deployment. In addition to vulnerability scans, Starboard can also conduct configuration audits of your Kubernetes … Read more
If you take a look at this blog, you’ll see that I’ve begun to tinker with devops quite a bit. If you’ve ever taken the trouble to look me up on LinkedIn, you’ll also see that I’ve had a little history doing security stuff. Given my love of security, the next logical step of my … Read more
In my current job, I’m one of the local resident Active Directory experts. Granted my knowledge is a little dated on the subject but I can still get around enough as needed. In order to perform testing, we need to spin up test environments for Active Directory and don’t want to maintain a long lived … Read more
I will admit that I’m quite a bit of a rookie when it comes to Terraform and the whole infrastructure as code scene but I’m learning. One of the most powerful tools I’ve found when trying to convert your current infrastructure into Terraform is the terraform import command. After too many times of doing an … Read more
As I’ve been working with Terraform more and more these days, I felt that it would be a good idea to move away from some of my other hacked together solutions in favor of Terraform. My next logical step was to focus on kubernetes management with terraform and github actions. This idea builds upon my … Read more
I started messing with GitHub Actions a little more in my Using GitHub to Manage Kubernetes post. I also did some tinkering around with Terraform in my How to Use Terraform to Deploy a Python Script to AWS Lambda post. As I started messing with Terraform even more, I realized how cool it would be … Read more