Skip to content

Instantly share code, notes, and snippets.

View dustinmm80's full-sized avatar

Dustin Collins dustinmm80

31 followers · 20 following
  • Kansas City, MO
View GitHub Profile
@dustinmm80
dustinmm80 / infoq_abstract.md
Created December 14, 2015 19:46
Abstract for InfoQ security blog post

Securing the Modern Development Lifecycle

Abstract

Information security practice has evolved to be pretty good at granting and managing access to confidential information - by people. But automation is taking over. Applications, servers, even networks are not configured and deployed by hand anymore. This is great; our systems and delivery pipelines are becoming faster and more robust. Automation, however, requires a shift in how we think about securing our infrastructure and the applications that run on it. When delegating our authority to non-human actors, we want to make sure they can only do what we ask. Modern infrastructure is made of cattle, not pets. A VM or container may be running less than the time it takes to record their existence by hand. In this article, I will cover a few common steps in the modern development lifecycle and share best practices for securing them.

Outline

  1. Development - Keep secrets out of source, off filesystem. Make it easy for people to get what they need and au
@dustinmm80
dustinmm80 / cli-4.28.0.md
Created October 28, 2015 15:44
Conjur CLI v4.28.0 release notes

We have just released Conjur CLI v4.28.0!

The big change is that you can now retire policies. Read more about policies here.

These bugs were also fixed:

  • Fix --as-group and --as-role options for conjur policy load. Either can now be used to specify ownership of the policy.
  • Fix --follow option for conjur audit.

We have also removed support for per-project .conjurrc files.

@dustinmm80
dustinmm80 / gist:3928081
Created October 21, 2012 18:52
homebrew and pythonbrew setup
PATH="/usr/local/bin:$PATH"
[[ -s $HOME/.pythonbrew/etc/bashrc ]] && source $HOME/.pythonbrew/etc/bashrc
export WORKON_HOME=~/envs
export PROJECT_HOME=~/git
source ~/.pythonbrew/pythons/Python-2.7.2/bin/virtualenvwrapper.sh
export VIRTUALENVWRAPPER_VIRTUALENV_ARGS='--no-site-packages'
@dustinmm80
dustinmm80 / gist:3709567
Created September 12, 2012 20:14
from django.core.exceptions import ObjectDoesNotExist
from django.template.loader import render_to_string
from django.conf import settings
from pprint import pprint
import requests
from xml.dom import minidom
from apps.donations.models import Donation
AUTH_URL = 'https://api.authorize.net/xml/v1/request.api'
@dustinmm80
dustinmm80 / gist:3708386
Created September 12, 2012 17:25
(LIFEACTION_ORG)➜ lifeaction_org pip install https://dev.fiveq.com/svn/repos/fiveq_shared_apps/fiveq_menu/trunk@646\#egg\=fiveq_menu
Requirement already satisfied (use --upgrade to upgrade): fiveq-menu from https://dev.fiveq.com/svn/repos/fiveq_shared_apps/fiveq_menu/trunk@646 in /Users/dustin/.virtualenvs/LIFEACTION_ORG/src/fiveq-menu
Cleaning up...
(LIFEACTION_ORG)➜ lifeaction_org pip uninstall fiveq_menu
Uninstalling fiveq-menu:
/Users/dustin/.virtualenvs/LIFEACTION_ORG/lib/python2.7/site-packages/fiveq-menu.egg-link
Proceed (y/n)? y
Successfully uninstalled fiveq-menu
(LIFEACTION_ORG)➜ lifeaction_org pip install https://dev.fiveq.com/svn/repos/fiveq_shared_apps/fiveq_menu/trunk@646\#egg\=fiveq_menu
Downloading/unpacking fiveq-menu from https://dev.fiveq.com/svn/repos/fiveq_shared_apps/fiveq_menu/trunk@646
@dustinmm80
dustinmm80 / gist:3708149
Created September 12, 2012 17:02
M templates/base_category.html
M templates/mp3_downloads.html
M templates/onemission/short-application.html
M templates/onemission/application.html
M templates/section_why_revival.html
M templates/base_site.html
? templates/misc_pages/revived_faith.html
? templates/misc_pages/2011_road_team_appeal.html
? templates/misc_pages/video_list_template.html
? templates/misc_pages/live_stream_thirst.html
@dustinmm80
dustinmm80 / gist:3707386
Created September 12, 2012 15:24
[dustinc@srv1 ~]$ ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 10352 684 ? Ss Jun21 0:00 init [3]
root 2 0.0 0.0 0 0 ? S Jun21 0:02 [migration/0]
root 3 0.0 0.0 0 0 ? SN Jun21 0:00 [ksoftirqd/0]
root 4 0.0 0.0 0 0 ? S Jun21 0:00 [watchdog/0]
root 5 0.0 0.0 0 0 ? S< Jun21 0:04 [events/0]
root 6 0.0 0.0 0 0 ? S< Jun21 0:06 [khelper]
root 7 0.0 0.0 0 0 ? S< Jun21 0:00 [kthread]
root 8 0.0 0.0 0 0 ? S< Jun21 0:00 [xenwatch]
@dustinmm80
dustinmm80 / gist:3558801
Created August 31, 2012 20:50
closest 5 query
SELECT (ST_distance_sphere("courses_course"."location",ST_GeomFromEWKB('\001\001\000\000 \346\020\000\000\003w\240Ny\364Q\300\244\2503\367\220"E@'::bytea))) AS "distance", "courses_course"."id", "courses_course"."title", "courses_course"."slug", "courses_course"."description", "courses_course"."directions", "courses_course"."year_established", "courses_course"."number_of_holes", "courses_course"."basket_type", "courses_course"."tee_type", "courses_course"."course_length", "courses_course"."alt_length", "courses_course"."holes_under_300", "courses_course"."holes_300_to_400", "courses_course"."holes_more_than_400", "courses_course"."has_restrooms", "courses_course"."has_tee_signs", "courses_course"."handicap_accessible", "courses_course"."has_camping", "courses_course"."on_private_land", "courses_course"."contact_name", "courses_course"."contact_number_type", "courses_course"."contact_number", "courses_course"."contact_links", "courses_course"."address", "courses_course"."city", "courses_course"."state_id", "co
@dustinmm80
dustinmm80 / gist:3342571
Created August 13, 2012 17:17
foi solr errors
(ve)staging_foi@foi:~/foi_org$ ./manage.py rebuild_index
Mon, 13 Aug 2012 17:16:29 root INFO Satchmo Started
Mon, 13 Aug 2012 17:16:29 root INFO Satchmo Started
Mon, 13 Aug 2012 12:16:34 configuration DEBUG Could not load default shipping module configuration: fedex_web_services
Mon, 13 Aug 2012 12:16:34 foi_shipping.config DEBUG loaded
Mon, 13 Aug 2012 12:16:34 shop.listeners DEBUG Added default shop listeners
Mon, 13 Aug 2012 12:16:34 product.modules.downloadable.listeners DEBUG Added downnloadable product listeners
/var/www/vhosts/staging_foi/ve/local/lib/python2.7/site-packages/django/contrib/localflavor/ca/ca_provinces.py:14: RuntimeWarning: There have been recent changes to the CA localflavor. See the release notes for details
RuntimeWarning
Mon, 13 Aug 2012 12:16:35 iterchoices DEBUG Management command: haystack.management.commands.rebuild_index
@dustinmm80
dustinmm80 / gist:3305645
Created August 9, 2012 16:27
Request URL:http://127.0.0.1:8000/contact-us/
Request Method:POST
Status Code:200 OK
Request Headersview source
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Cache-Control:no-cache
Connection:keep-alive