Latest from SECSANDMAN

DEVSEC – Mitigating supply chain software attacks with Yubikey signed GIT commits (sort-of)

THE PROBLEM This is #1 in a series to learn more about secure software CICD supply chains. This post and other will go beyond “Googling how to set it up” and instead focus on more nuanced security and operational issues. At the executive level, supply chains attacks like the SolarWinds incident recently saw attackers exploit known vulnerabilities … Continue reading DEVSEC – Mitigating supply chain software attacks with Yubikey signed GIT commits (sort-of)

Panel 1

Home

Latest from SECSANDMAN

NETSEC – Detecting unusual traffic in the Cloud using Flowlogs/Lambdas

This is a PoC I did awhile back and I lost the original content when porting over to my new domain. Essentially this is a PoC code that can be modified to detect the source, destination and port/protocol network communication between boundaries within your cloud VPC for “weird” or “unusual” traffic. https://github.com/secSandman/lambda_netflows/blob/master/lambda-netflow-data-loss.js For example, you … Continue reading NETSEC – Detecting unusual traffic in the Cloud using Flowlogs/Lambdas

CLOUDSEC – Securing Cloud Networks with Hub-N-Spoke and Azure Firewall (Azure Lab 1)

This lab builds a foundation Azure virtual to later test the Microsoft suite of security products in Azure. With the code examples and a few manual changes you can deploy one hub, four spokes with an advanced firewall appliance, jump hosts and IPSEC tunnel all within an hour using Azure ARM automation. Although Microsoft has … Continue reading CLOUDSEC – Securing Cloud Networks with Hub-N-Spoke and Azure Firewall (Azure Lab 1)

Panel 2 Placeholder
Panel 3 Placeholder
Panel 4 Placeholder