Automating Cybersecurity Metrics (ACM)
A series of blog posts on cybersecurity metrics and security automation
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
⚙️A series on Security Automation. The Code.
💻 Free Content on Jobs in Cybersecurity | ✉️ Sign up for the Email List
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FYI, I’m not getting paid for anyone who reads or claps on this particular story by Medium for some unknown reason. If you like this story please read and clap on the story in this blog to show your support.
GitHub Repo (In Progress):
Note:
This is an on-going account of developing a system on AWS for secure deployments and evaluation of deployments. The code evolves significantly over time and the posts at the end are the most up to date. Maybe someday I’ll get around to summarizing this but not done yet. :-)
Topics:
Approaching 350 posts exist in this series on automating Security Metrics Automation. I happen to be using AWS but the security and automation concepts are applicable to Azure, GCP or on premises environments. What started out as a simple blog series on batch job automation for security became a bit more complex. I also have close to 1500 posts on mostly cloud security at the time of this writing so organizing them by topic here to make them easier to find.
Creating a Static Website Hosted on AWS S3 (In progress)
Related:
Troubleshooting CloudFormation — tips and error messages you might face
Troubleshooting and Issues with EC2, CloudShell, etc.
Continuous improvement — revisions and do overs
I’m adding a preliminary post to this series to explain what it’s all about and where you may want to start. I decided to start over with a new account and rebuild everything out for reasons I explained along the way. All the initial posts are relevant and will be used in the new architecture. To decide where you want to start check out this post:
Walk through the thought process of creating secure Batch Jobs to capture and report on cybersecurity metrics in this blog series. Please note that this series contains information related to governance and secure deployments — not just the batch jobs themselves. I’m basically coding every day and writing about it as I go to complete a project I’m working on to help customers with security metrics.
Adding a KMS Key Alias With CloudFormation
ACM.38 Giving our KMS key a user-friendly name
medium.com
Sending an SMS Message from a Lambda Function
ACM.54 Getting a phone number from Pinpoint
medium.com
Had to republish this one:
BoolIfExists for MFA — Just Say No
ACM.360 A better policy to require MFA for ALL actions
medium.com
Oops 364.
BoolIfExists for MFA — Just Say No
ACM.368 A better policy to require MFA for ALL actions
medium.com
A vulnerability was announced that involves SSH and RSA. I addressed that vulnerability in these three posts.
To be continued…
Follow for updates.
Teri Radichel | © 2nd Sight Lab 2023
The best way to support this blog is to sign up for the email list and clap for stories you like. If you are interested in IANS Decision Support services so you can schedule security consulting calls with myself and other IANS faculty, please reach out on LinkedIn via the link below. Thank you!
About Teri Radichel:
~~~~~~~~~~~~~~~~~~~~
Author: Cybersecurity for Executives in the Age of Cloud
Presentations: Presentations by Teri Radichel
Recognition: SANS Difference Makers Award, AWS Security Hero, IANS Faculty
Certifications: SANS
Education: BA Business, Master of Software Engineering, Master of Infosec
Company: Cloud Penetration Tests, Assessments, Training ~ 2nd Sight Lab
Like this story? Use the options below to help me write more!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
❤️ Clap
❤️ Referrals
❤️ Medium: Teri Radichel
❤️ Email List: Teri Radichel
❤️ Twitter: @teriradichel
❤️ Mastodon: @[email protected]
❤️ Facebook: 2nd Sight Lab
❤️ Threads: @teriradichel
❤️ Bluesky: @teriradichel
❤️ YouTube: @2ndsightlab
❤️ Buy a Book: Teri Radichel on Amazon
❤️ Request a penetration test, assessment, or training
via LinkedIn: Teri Radichel
❤️ Schedule a consulting call with me through IANS Research
My Cybersecurity Book: Cybersecurity for Executives in the Age of Cloud