http://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html https://www.youtube.com/watch?v=_wiGpBQGCjU
HTTP Security Headers do not prevent server-side attacks, but they do help mitigate some client-side attacks, within browsers that support the headers.
This is a collection of the most common commands I run while administering Postgres databases. The variables shown between the open and closed tags, "<" and ">", should be replaced with a name you choose. Postgres has multiple shortcut functions, starting with a backslash, "\". Any SQL command that is not a shortcut must end with a semicolon, ";". You can use the keyboard UP and DOWN keys to scroll through the history of previous commands you've run.
http://www.postgresql.org/download/linux/ubuntu/ https://help.ubuntu.com/community/PostgreSQL
DevSecOps has finally become popular within the wider IT industry in 2019. I started as a web developer in 2001, learned about testing automation, system deployment automation, and "infrastructure as code" in 2012, when DevOps was becoming a popular term. DevOps became common after the release of The Phoenix Project in Jan 2013. It has taken 7+ years for security to become integrated within the DevOps methodology. The following is a list of concepts I go through with project owners, project managers, operations, developers, and security teams, to help establish how mature their DevOps and security automation is, and to help them increase that maturity over time. This model is based on experience consulting with a variety of US Financial, Healthcare, and Department of Defense organizations, and combines:
- PCI DSS
- NYDFS
- [HITRUST CSF](https://hitrustalliance.net/product-tool/hitrus
Goal - centralized UI, and scheduler, for managing automated builds
- Terraform Enterprise - HashiCorp
- Jenkins - Cloudbees
- TravisCI
- CircleCI
- Bamboo - Atlassian
ex: SOC2, NIST 800-53, ISO 27001, PCI DSS (credit cards), HITRUST / HIPAA (healthcare), FIPS / FedRAMP (US Gov), GDPR (EU)
ex: AWS, Microsoft Azure, Google GCP, on-prem VMware
ex: AWS EC2 VMs, AWS ECS (Docker), AWS EKS (Kubernetes K8S), Azure VM, Azure AKS (K8S), GCP VM, GCP GKE (K8S)
# list repos
sudo apt-cache policy
# add repo
sudo add-apt-repository "deb http://us.archive.ubuntu.com/ubuntu/ saucy universe multiverse"
# remove repo
sudo add-apt-repository --remove <ppa:whatever/ppa>
# create an account, create an app
# @see https://apps.twitter.com/
# retrieve the access tokens
# @see https://dev.twitter.com/oauth/reference/post/oauth2/token
# create the file ~/twitter_api
nano ~/twitter_api
Authorization: OAuth oauth_consumer_key="XXXXXX", oauth_nonce="11111111", oauth_signature="XXXXXX", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1450728725", oauth_token="99999-XXXXXX", oauth_version="1.0"
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html
curl -sSL https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/toc-contents.json \
| jq '.contents[10].contents[0].contents[].include_contents' --raw-output \
| grep -v "null" \
| xargs -I % curl -sSL https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/% \
| jq '.contents[].contents[] | [.title, (select(.contents != null) | .title + "::" + .contents[].title)]' --raw-output \