Reviewing the CIS recommended hardening config for Windows Server. Just realized that you shouldn’t just look at the failed controls but the ones that passed too. One control when enabled actually passes command line entries into the audit log in plain text, so that includes passwords.
cybersecurity
An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!
Community Rules
- Be kind
- Limit promotional activities
- Non-cybersecurity posts should be redirected to other communities within infosec.pub.
Enjoy!
My research grant was funded. Now the hard part- executing with the goal of getting year 2 funding.
Also going crazy because everyone wants their risk reports before the holiday. As if they’ll even get read before vacations start.
Congrats on getting funding, that’s awesome!
Trying to find a suitable WAF for AWS EKS. Any suggestions?
One of the teams has a cluster built with the nginx ingress which uses classic load balancers. Shifting them to the AWS ingress (which uses ALBs enabling our AWS WAF to apply) looks like it’ll be massively expensive due to the blow out in load balancer costs - but it gets us a WAF we already use across everything else. Other option is to find a WAF specifically for EKS and shift all clusters to that.
So native AWS WAF isn’t viable because of costs?
My preference is for the native AWS WAF as we already use it. The rub comes from how the cluster is architected which would mean we’d have an ALB ingress per application - the prohibitive cost is purely the extra ALBs that would be created. Though I literally just heard it’s not going to be as bad as initially forecast so ¯_(ツ)_/¯
My original curiosity was if any of the K8s specific WAFs are any good, for example Prophaze.
Trying to get started with reverse engineering and binary exploitation by following this guy. My brain hurts, but in a good way!
Well just got done with fixing a few annoyances in some of my github utils and added a few things. Overall been pretty busy... I think.