avatarTeri Radichel

Free AI web copilot to create summaries, insights and extended knowledge, download it at here

4163

Abstract

to do with a batch job in my initial post on batch jobs for cybersecurity:</p><div id="6e36" class="link-block"> <a href="https://readmedium.com/how-batch-jobs-can-help-cybersecurity-c2ee457a669f"> <div> <div> <h2>How Batch Jobs Can Help Cybersecurity</h2> <div><h3>Batch jobs for penetration testing, security metrics, incident response, and more</h3></div> <div><p>medium.com</p></div> </div> <div> <div style="background-image: url(https://miro.readmedium.com/v2/resize:fit:320/0*ZYoI5Q7Xx35hLNIK.png)"></div> </div> </div> </a> </div><p id="c407"><b>Jobs: </b>The template (job definition) defines what a job will do. The job is the actual execution of your template or job definition.</p><p id="795f"><b>Job Queues:</b> Job queues handle the scheduling and management of multiple jobs. You can associate multiple compute environments with a job queue and assign priorities to jobs.</p><p id="8038">To get a feel for these components, I just ran followed the tutorial and manually created a job to see how it works.</p><div id="3ead" class="link-block"> <a href="https://docs.aws.amazon.com/batch/latest/userguide/Batch_GetStarted.html"> <div> <div> <h2>Getting Started with AWS Batch</h2> <div><h3>You can use the AWS Batch first-run wizard to get started quickly with AWS Batch. After you complete the Prerequisites…</h3></div> <div><p>docs.aws.amazon.com</p></div> </div> <div> <div style="background-image: url(https://miro.readmedium.com/v2/resize:fit:320/)"></div> </div> </div> </a> </div><p id="ec3e">Thinking through building the jobs the way I want is a lot more complex than that. I have concerns about who can kick off jobs when and how will I know if they were successful or failed? Where will the logs end up? Who can view the data I pass into the batch jobs? How much will it cost? Getting something to work is not architecting a solution, but in order to understand the components of your architecture, you’ll need to start somewhere.</p><p id="317d">My experimentation with batch jobs is going to be a bit free form, as time allows, and intertwined with other things I need to get done, but hopefully if you follow along you’ll understand where I’m going — and how I think about securing things in the cloud.</p><p id="bb94">As I mentioned in another blog post I wrote, my code is written in phases. The first phase is always quite rough to flesh out a concept and improve it over time. I usually try to go back and reduce the chance for errors and simplify my code after the fact as I wrote about in this post (hopefully part of an upcoming software security book also on my to-do list):</p><div id="e885" class="link-block"> <a href="https://readmedium.com/every-line-of-code-is-a-potential-bug-49108a0d8045"> <div> <div> <h2>Every Line of Code is a Potential Bug</h2> <div><h3>How to reduce the chances of a security flaw in your application with the principle of abstraction</h3></div> <div><p>medium.com</p></div> </div> <div> <div style="background-image: url(https://miro.readmedium.com/v2/resize:fit:320/1*HLUYkxxm-rSD_46s66q1Pg.png)"></div> </div> </div> </a> </div><p id="e7f6">The code I’ll present is not production ready and can always use improvement. I’m figuring things out as I go. I already mentioned on Twitter I wrote a JSON template parser to create reports which I may share but it’s very rudimentary and specific to my needs.</p><p id="81e7">But before I can get to all that, we need to think through some issues related to how we will run our jobs. How will we assign permissions, protect data, and do we have any network considerations?</p><p id="26dd">AWS provides some sample batch jobs such as this

Options

one which grabs a script from an S3 bucket and runs it:</p><div id="45ee" class="link-block"> <a href="https://docs.aws.amazon.com/batch/latest/userguide/example-job-definitions.html"> <div> <div> <h2>Example job definitions</h2> <div><h3>The following example job definitions illustrate how to use common patterns such as environment variables, parameter…</h3></div> <div><p>docs.aws.amazon.com</p></div> </div> <div> <div style="background-image: url(https://miro.readmedium.com/v2/resize:fit:320/)"></div> </div> </div> </a> </div><figure id="7e04"><img src="https://cdn-images-1.readmedium.com/v2/resize:fit:800/1*uPi8wdTWsr-nDTrRpzhZ8g.png"><figcaption></figcaption></figure><p id="5302">Another option is to use a docker container. I need to run things that are a bit more complex than a single script. I want to have my batch jobs assume a role with limited permissions and install some libraries to help carry out tasks. Right away, I decided that I will use containers, not a single script.</p><p id="9405">The other benefit of a container is that there are various methods we can use to ensure the integrity of our code as it passes from dev to QA to prod, something I talk to clients at <a href="https://www.iansresearch.com/">IANS research</a> about a lot. Failure to ensure code integrity was the underlying cause of the Solar Winds breach so we’ll want to think pretty carefully about that if we are running sensitive batch jobs.</p><div id="af64" class="link-block"> <a href="https://readmedium.com/solarwinds-hack-retrospective-322f03b4eb9b"> <div> <div> <h2>SolarWinds Hack: Retrospective</h2> <div><h3>Part 2: What caused the breach and what does the malware do?</h3></div> <div><p>medium.com</p></div> </div> <div> <div style="background-image: url(https://miro.readmedium.com/v2/resize:fit:320/1*mHiaXsG99jZLWJ_0jH__BQ.png)"></div> </div> </div> </a> </div><p id="ce6a">Docker containers it is! If you want to get a feel for AWS Batch and the elements involved, run through the tutorial above or run the sample CloudFormation templates. I’m going to be focusing on containers in upcoming posts as before we can create a batch job with a container — we need a working container.</p><p id="b256">Follow for updates.</p><p id="4a3a">Teri Radichel | <i>© <a href="https://2ndsightlab.com/?source=post_page---------------------------">2nd Sight Lab</a> 2022</i></p><div id="8b5f"><pre><span class="hljs-section">About Teri Radichel:

⭐️ Author: Cybersecurity Books
⭐️ Presentations: Presentations by Teri Radichel
⭐️ Recognition: SANS Award, AWS Security Hero, IANS Faculty
⭐️ Certifications: SANS ~ GSE 240
⭐️ Education: BA Business, Master of Software Engineering, Master of Infosec
⭐️ Company: Penetration Tests, Assessments, Phone Consulting ~ 2nd Sight Lab</pre></div><div id="caae"><pre><span class="hljs-section">Need Help With Cybersecurity, Cloud, or Application Security?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~</span>
🔒 Request a penetration test or security assessment
🔒 Schedule a consulting call
🔒 Cybersecurity Speaker for Presentation</pre></div><div id="5a42"><pre>Follow <span class="hljs-keyword">for</span> more stories like <span class="hljs-keyword">this</span>:

❤️ Sign Up my Medium Email List ❤️ Twitter: <span class="hljs-meta">@teriradichel</span> ❤️ LinkedIn: https:<span class="hljs-comment">//www.linkedin.com/in/teriradichel</span> ❤️ Mastodon: <span class="hljs-meta">@teriradichel</span><span class="hljs-meta">@infosec</span>.exchange ❤️ Facebook: 2nd Sight Lab ❤️ YouTube: @2ndsightlab</pre></div><figure id="faf5"><img src="https://cdn-images-1.readmedium.com/v2/resize:fit:800/0*H9Ew1KCl-29nZiPR.jpeg"><figcaption></figcaption></figure></article></body>

Components of an AWS Batch Job

ACM.6 Considering the composition of our batch jobs

This is a continuation of my series of posts on Automating Cybersecurity Metrics and one of my posts on

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

⚙️ Part of my series on Automating Cybersecurity Metrics. The Code.

🔒 Related Stories: Batch Jobs | AWS Security | Cybersecurity

💻 Free Content on Jobs in Cybersecurity | ✉️ Sign up for the Email List

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

In the last two posts I explained how batch jobs can help cybersecurity:

and why you might want to use MFA with batch jobs:

You’ll need to configure a number of things to create a batch job on AWS. I went through a quick tutorial to create a batch job manually in the AWS console just to get the idea what I’d need to think about when constructing a batch job. Those components are listed on this page:

Compute environment: The compute resources you want to use for your batch job. That means what AWS compute resources you want to use like Fargate (containers) or EC2 (VMs). You can configure the compute resources to have different configurations which will affect your batch job performance and cost.

Job Definitions: A template that defines what will happen when a job runs. I provided a lot of examples of what you might want to do with a batch job in my initial post on batch jobs for cybersecurity:

Jobs: The template (job definition) defines what a job will do. The job is the actual execution of your template or job definition.

Job Queues: Job queues handle the scheduling and management of multiple jobs. You can associate multiple compute environments with a job queue and assign priorities to jobs.

To get a feel for these components, I just ran followed the tutorial and manually created a job to see how it works.

Thinking through building the jobs the way I want is a lot more complex than that. I have concerns about who can kick off jobs when and how will I know if they were successful or failed? Where will the logs end up? Who can view the data I pass into the batch jobs? How much will it cost? Getting something to work is not architecting a solution, but in order to understand the components of your architecture, you’ll need to start somewhere.

My experimentation with batch jobs is going to be a bit free form, as time allows, and intertwined with other things I need to get done, but hopefully if you follow along you’ll understand where I’m going — and how I think about securing things in the cloud.

As I mentioned in another blog post I wrote, my code is written in phases. The first phase is always quite rough to flesh out a concept and improve it over time. I usually try to go back and reduce the chance for errors and simplify my code after the fact as I wrote about in this post (hopefully part of an upcoming software security book also on my to-do list):

The code I’ll present is not production ready and can always use improvement. I’m figuring things out as I go. I already mentioned on Twitter I wrote a JSON template parser to create reports which I may share but it’s very rudimentary and specific to my needs.

But before I can get to all that, we need to think through some issues related to how we will run our jobs. How will we assign permissions, protect data, and do we have any network considerations?

AWS provides some sample batch jobs such as this one which grabs a script from an S3 bucket and runs it:

Another option is to use a docker container. I need to run things that are a bit more complex than a single script. I want to have my batch jobs assume a role with limited permissions and install some libraries to help carry out tasks. Right away, I decided that I will use containers, not a single script.

The other benefit of a container is that there are various methods we can use to ensure the integrity of our code as it passes from dev to QA to prod, something I talk to clients at IANS research about a lot. Failure to ensure code integrity was the underlying cause of the Solar Winds breach so we’ll want to think pretty carefully about that if we are running sensitive batch jobs.

Docker containers it is! If you want to get a feel for AWS Batch and the elements involved, run through the tutorial above or run the sample CloudFormation templates. I’m going to be focusing on containers in upcoming posts as before we can create a batch job with a container — we need a working container.

Follow for updates.

Teri Radichel | © 2nd Sight Lab 2022

About Teri Radichel:
~~~~~~~~~~~~~~~~~~~~
⭐️ Author: Cybersecurity Books
⭐️ Presentations: Presentations by Teri Radichel
⭐️ Recognition: SANS Award, AWS Security Hero, IANS Faculty
⭐️ Certifications: SANS ~ GSE 240
⭐️ Education: BA Business, Master of Software Engineering, Master of Infosec
⭐️ Company: Penetration Tests, Assessments, Phone Consulting ~ 2nd Sight Lab
Need Help With Cybersecurity, Cloud, or Application Security?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
🔒 Request a penetration test or security assessment
🔒 Schedule a consulting call
🔒 Cybersecurity Speaker for Presentation
Follow for more stories like this:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
❤️ Sign Up my Medium Email List
❤️ Twitter: @teriradichel
❤️ LinkedIn: https://www.linkedin.com/in/teriradichel
❤️ Mastodon: @teriradichel@infosec.exchange
❤️ Facebook: 2nd Sight Lab
❤️ YouTube: @2ndsightlab
Cybersecurity
Batch Jobs
Security Metrics
Automation
Containers
Recommended from ReadMedium
avatarMunidimple Muchalli
AWS GuardDuty

AWS Guard Duty

4 min read
avatarAshish Patel
AWS — Cost Optimization Best Practices Guide

AWS Cost Savings Tips: Ways to Reduce AWS Bills.

6 min read
avatarDario Radečić
Python One Billion Row Challenge — From 10 Minutes to 4 Seconds

The one billion row challenge is exploding in popularity. How well does Python stack up?

10 min read
avatarThuong To
AWS IAM Identity Center

Customer use AWS IAM Identity Center (successor to AWS Single Sign-On) to manage single sign-on (SSO) for their AWS accounts. By doing so…

2 min read
avatarLeticia Massae
Preparing for the AWS Solutions Architect — Professional Certification Exam

For Starters

7 min read
avatarRoman Marakulin
How to set up an alarm for an AWS Glue job failure

Setting up an alarm for AWS Glue job failures without involving AWS lambda functions

5 min read