In today’s world, an online presence is a necessity for any modern business, but going online also comes with many challenges: any loophole in application security can lead to cyber-attacks and ruin the reputation of an organization.
OWASP (the Open Web Application Security Project) is an open-source community dedicated to providing organizations around the world with free, practical resources to support application security.
One of the main projects of OWASP is to monitor top security risks that exist in today’s world.
In this post, I will summarize them as a quick overview. In my future posts, I will share how to actually mitigate these risks in the AWS cloud (coming soon). …
In today’s competitive world, the protection of data and digital assets is a top priority for any security architect and enterprise. Digital assets could be in the form of PII (Personally Identifiable Information), client lists, network information, trade secrets, or more.
Securing these assets with a complex password is not enough. We all know people are used to setting the same password on multiple platforms, so compromising one password could be a potential call for trouble. Oddly enough, I recently saw an article on CNN citing the problem.
MFA, or multi-factor authentication, can solve this problem to some extent. MFA gives you an additional layer of security for access to your cloud or on-premise applications; even if you have the same password assigned on various platforms, MFA technically makes it unique. …
Often there is a case when you have to provide read-only access to a user on your AWS account for security, training, or auditing purposes.
In this post, I will show you how we can provide read-only access to the AWS console to any user.
This step is optional, but I would suggest it as a best practice. Groups allow you to easily manage users and policies.
In this example, I am creating a group called auditors.
In my previous post, Exploring AWS Secret Manager, we learned about some key benefits of using AWS Secrets Manager. In this post, we will explore how to use it with a practical example.
You can use Secrets Manager to store, rotate, monitor, and control access to secrets such as database credentials, API keys, and OAuth tokens.
I have discussed the benefits and workflow of Secrets Manager in my other post; check it out.
In this fast-changing world of Cloud, Containers, APIs and Microservices, keeping and managing IT resources is one challenge and securing them is another.
Credentials management is one of the most overlooked concepts when it comes to securing your applications. I have seen organizations keep all passwords in a single spreadsheet or Confluence page or, on many occasions, on a sticky note under the manager’s keyboard 😄
AWS Secrets Manager allows you to easily store, rotate, and manage credentials throughout the lifecycle of your applications. …
Object storage is a very popular service in the cloud. The first thing organizations normally move to the cloud is object storage, that is, files such as documents, images, audio, video, and other content data.
With the many different services that exist in the cloud, security is a top priority for any organization. Protecting data against accidental deletion should therefore also be near the top of the list of operations. In AWS S3 you can optionally add another layer of security by configuring buckets to enable MFA Delete, which can help to prevent accidental deletion of a bucket and its content.
In this post, we cover how to enable MFA (multi-factor authentication) on S3 buckets in AWS. If you want to learn more about how to enable MFA, I did a post on it a while back. …
I will be posting a series of some cool articles related to AWS security. Some of them require Multi-Factor Authentication (MFA), so here is a basic one on how to enable MFA on AWS.
Many of you are probably already familiar with using MFA login in a web browser. In this post, I will also share how to use MFA login on the AWS CLI.
The first step is to create an IAM user, if you don’t have one, using the AWS Console. Make sure you allow console access or programmatic access (if required).
In this example, I am creating a user called…
AWS offers 3 types of load balancers as part of the Elastic Load Balancer (ELB) service: the Classic Load Balancer, the TCP load balancer, and the latest, the Application Load Balancer (ALB).
ALB offers some unique features over the Classic ELB, and one of them is Path-based Routing. What is Path-based Routing? In simple terms, the ALB can forward incoming requests to different destinations based on the path, as shown in the slide.
Modules are used in Terraform to modularize and encapsulate groups of resources in your infrastructure. Using modules, you can write generic code and reuse it as you need; if you come from a database background, it is similar to using stored procedures.
Terraform provides various ways to use modules: you can write a module and use it from many sources, similar to using files from shared drives or services like Dropbox and Google Drive.
The module installer supports installation from a number of different source types, as listed below.
A short and useful post today. Recently we had a customer requirement to migrate their Git repositories from one account to another service provider, for example moving from Bitbucket to GitHub. The repositories had a history of branches and commits going back over 5 years and were quite huge in size.
The solution was quite simple, but I thought I would document it for anyone who is looking to solve a similar problem.
Step 1 is to mirror the Git repository to your local machine with the following command:
$ git clone --mirror https://url-of-the-source-git-repo.git
The above command would create a directory with your repository name.git …