Analysis was performced on Aug 11, 2019.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Keybase proof | |
| I hereby claim: | |
| * I am apolloclark on github. | |
| * I am apolloclark (https://keybase.io/apolloclark) on keybase. | |
| * I have a public key ASC2AayT4Qb7Hxt6BAgO_ocgIbKf0IsyhmdaIalmO43ivAo | |
| To claim this, I am signing this object: |
apolloclark
/ docker image base oses.md
Last active
October 12, 2021 12:10
Docker Images, Base OS Support Matrix
apolloclark
/ chef, puppet, ansible.md
Last active
June 30, 2021 14:36
Chef, Puppet, Ansible comparison
https://www.linkedin.com/pulse/very-short-comparison-ansible-chef-puppet-saltstack-niels-goossens/
Analysis was performed on July 1st, 2019
https://www.chef.io/
https://docs.chef.io/chef_overview.html
Supermarket - role repo
apolloclark
/ build pipelines.md
Last active
March 7, 2022 18:45
Why Nobody Upgrades Servers Weekly in 2019
No one wants to run old software. We all appreciate using the latest stable version of a given piece of code, be it the OS, a service like Postgres, or an app on your phone. However, it's still difficult to accomplish that. Let's explore why and how to actually fix it.
After 40+ years of security product marketing, the common wisdom of doing security is to buy: anti-virus, firewall, vulnerability manager, and a static analyzer. The first two have their own limitations, so I'll be focusing on what happens after a vulnerability managers finds something, and how to actually fix it.
apolloclark
/ devsecops_maturity_model.md
Last active
October 8, 2024 01:35
DevSecOps Maturity Model
DevSecOps has finally become popular within the wider IT industry in 2019. I started as a web developer in 2001, learned about testing automation, system deployment automation, and "infrastructure as code" in 2012, when DevOps was becoming a popular term. DevOps became common after the release of The Phoenix Project in Jan 2013. It has taken 7+ years for security to become integrated within the DevOps methodology. The following is a list of concepts I go through with project owners, project managers, operations, developers, and security teams, to help establish how mature their DevOps and security automation is, and to help them increase that maturity over time. This model is based on experience consulting with a variety of US Financial, Healthcare, and Department of Defense, organizations, and combines:
- PCI DSS
- NYDFS
- [HITRUST CSF](https://hitrustalliance.net/product-tool/hitrus
apolloclark
/ cicd_build_tools_and_testing.md
Last active
May 15, 2024 16:55
CI/CD Build Tools and Testing
Goal - centralized UI, and scheduler, for managing automated builds
- Terraform Enterprise - HashiCorp
- Jenkins - Cloudbees
- TravisCI
- CircleCI
- Bamboo - Atlassian
apolloclark
/ SOC Team.md
Created
April 18, 2019 17:10
Interview questions?
- Attitude - What do you want to learn?
- Knowledge - What do you read for books, blogs, podcasts, Twitter?
- Skills - OSI model, nmap, aws-cli, Bash, Powershell, Python?
- Tools - Do we have log monitor, alerts, reporting?
- Training - Which certs?
- Mentorship - How do you want to get trained internally?
apolloclark
/ Example SOC Alert Ticket.md
Created
April 18, 2019 17:09
apolloclark
/ aws_inventory.py
Last active
December 18, 2019 13:50
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import skew, json, placebo, os, sys | |
| from pprint import pprint | |
| from datetime import datetime | |
| from elasticsearch import Elasticsearch | |
| # parse command line args | |
| arn_list = { | |
| # logging |
apolloclark
/ http security headers.md
Last active
April 5, 2024 12:52
HTTP Security Headers do not prevent server-side attacks, but they do help mitigate some client-side attacks, within browsers that support the headers.