https://www.linkedin.com/pulse/very-short-comparison-ansible-chef-puppet-saltstack-niels-goossens/
Analysis was performed on July 1st, 2019
https://www.chef.io/
https://docs.chef.io/chef_overview.html
Supermarket - role repo
apolloclark
/ chef, puppet, ansible.md
Last active
June 30, 2021 14:36
Chef, Puppet, Ansible comparison
apolloclark
/ build pipelines.md
Last active
March 7, 2022 18:45
Why Nobody Upgrades Servers Weekly in 2019
No one wants to run old software. We all appreciate using the latest stable version of a given piece of code, be it the OS, a service like Postgres, or an app on your phone. However, it's still difficult to accomplish that. Let's explore why and how to actually fix it.
After 40+ years of security product marketing, the common wisdom of doing security is to buy: anti-virus, firewall, vulnerability manager, and a static analyzer. The first two have their own limitations, so I'll be focusing on what happens after a vulnerability managers finds something, and how to actually fix it.
apolloclark
/ devsecops_maturity_model.md
Last active
January 22, 2024 05:08
DevSecOps Maturity Model
DevSecOps has finally become popular within the wider IT industry in 2019. I started as a web developer in 2001, learned about testing automation, system deployment automation, and "infrastructure as code" in 2012, when DevOps was becoming a popular term. DevOps became common after the release of The Phoenix Project in Jan 2013. It has taken 7+ years for security to become integrated within the DevOps methodology. The following is a list of concepts I go through with project owners, project managers, operations, developers, and security teams, to help establish how mature their DevOps and security automation is, and to help them increase that maturity over time. This model is based on experience consulting with a variety of US Financial, Healthcare, and Department of Defense, organizations, and combines:
- PCI DSS
- NYDFS
- [HITRUST CSF](https://hitrustalliance.net/product-tool/hitrus
Goal - centralized UI, and scheduler, for managing automated builds
- Terraform Enterprise - HashiCorp
- Jenkins - Cloudbees
- TravisCI
- CircleCI
- Bamboo - Atlassian
apolloclark
/ SOC Team.md
Created
April 18, 2019 17:10
Interview questions?
- Attitude - What do you want to learn?
- Knowledge - What do you read for books, blogs, podcasts, Twitter?
- Skills - OSI model, nmap, aws-cli, Bash, Powershell, Python?
- Tools - Do we have log monitor, alerts, reporting?
- Training - Which certs?
- Mentorship - How do you want to get trained internally?
apolloclark
/ Example SOC Alert Ticket.md
Created
April 18, 2019 17:09
apolloclark
/ aws_inventory.py
Last active
December 18, 2019 13:50
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import skew, json, placebo, os, sys | |
| from pprint import pprint | |
| from datetime import datetime | |
| from elasticsearch import Elasticsearch | |
| # parse command line args | |
| arn_list = { | |
| # logging |
apolloclark
/ http security headers.md
Last active
April 5, 2024 12:52
HTTP Security Headers do not prevent server-side attacks, but they do help mitigate some client-side attacks, within browsers that support the headers.
apolloclark
/ aws security products.md
Last active
June 26, 2019 14:32
18 regions, +2 in China, +2 GovCloud
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html
apolloclark
/ aws iam architecture.md
Last active
May 17, 2023 06:05