Event Monitoring Using AWS CloudTrail


Introduction

If you are using cloud-based services, tracking the events that have happened in them is paramount, isn't it?

Monitoring events in the cloud is important.

Suppose you are using AWS and you find that one Auto Scaling group in your AWS account has been deleted. What will your response be?

How will you know who did it?

Continue reading “Event Monitoring Using AWS CloudTrail”

Postgres – CIS Benchmark


We have seen many security incidents. Any breach in security causes concern among enterprises. To be honest, it does not only concern them; it also gives rise to nightmares, distrust and scepticism within the organisation. The root cause of this distrust is improper implementation and configuration.

Opstree Security has started a new initiative where we rigorously analyse and implement the CIS Benchmark of every tool in use today.

In this CIS series, we will discuss the CIS Benchmarks of PostgreSQL.

PostgreSQL

For those who are new to PostgreSQL, let us give you a quick summary of it.

Continue reading “Postgres – CIS Benchmark”

Elastic SIEM – An Event Tracking Feature


Torture the data, and it will confess to anything.

Ronald Coase

WHAT IS ELASTIC SIEM

Elastic SIEM (Security Information and Event Management) is a new feature provided by Elastic NV. Using Elastic SIEM we can track and maintain important events that concern us.

Events are actions that reflect something that has happened.

Continue reading “Elastic SIEM – An Event Tracking Feature”

Security Group Strategy for AWS


Grenadier Guards are an elite British Army infantry regiment. People say they are strong as a mountain and ruthless as hell. They protect the doors of Buckingham Palace, which is the world's most valuable residence. No one dares to enter. Likewise, our hosted resources in the cloud are of the utmost importance and value to us. We need some method to protect them and to restrict the initial point of contact for an attacker or an unwanted audience. Let's discuss further how we can use security groups in the best way to secure our EC2 instances.

AWS is a cloud provider, which means the services we use are hosted in AWS data centers. EC2 (Elastic Compute Cloud), which we use to create instances, is one of many services provided by AWS.

Continue reading “Security Group Strategy for AWS”