Postgres – CIS Benchmark

PostgreSQL Database Security Audit - 2ndQuadrant | PostgreSQL

We have seen many security incidents. Any breach in security cause concern among enterprises. To be honest it not only concern them, it also gives birth to their nightmare, distrust and scepticism as organisation. The root cause of this distrust is improper implementation and configuration.

Opstree Security has started a new initiative where we rigorously analyse and implement CIS Benchmark of every tools being used today.

In this CIS series, we will discuss the CIS Benchmarks of PostgreSQL.

PostgreSQL

For those who are new to PostgreSQL . Let us give you a quick summary of it.

Continue reading “Postgres – CIS Benchmark”

DevSecOps Diary | HIPAA Compliance

HIPAA stands for Health Insurance Portability and Accountability Act. This act of 1996 is a United States federal statute enactment. It is a series of regulatory standards that outline the lawful use and disclosure of protected health information (PHI). HIPAA compliance is regulated by the Department of Health and Human Services (HHS) and enforced by the Office for Civil Rights (OCR).

But what this ACT has to do with DevOps..? Is it related to the Corona Virus..?

No alt text provided for this image

No, not at all..! Let me explain to you how I landed here.

Continue reading “DevSecOps Diary | HIPAA Compliance”

Prometheus at Scale – Part 1

Prometheus has gained a lot of popularity because of its cloud-native approach for monitoring systems. Its popularity has reached a level that people are now giving native support to it, while developing software and applications such as Kubernetes, Envoy, etc. For other applications, there are already exporters(agent) available to monitor it.

Since I have been working on Prometheus for quite a long time and recently have started doing development on it, I was confident that I can handle any kind of scenario in it. Here, in this blog, I am going to discuss a scenario that was a very good learning experience for me.

Continue reading “Prometheus at Scale – Part 1”

Hidden Secrets of Dockerfile

Have you ever faced an issue in which while building the docker image, even though you have mentioned “apt-get -y update” the package you are trying to install is not found in the repository?

Here, in this blog, we are going to discuss two common scenarios that I faced along with the root cause of this problem. Let’s take a look.

First, it’s important to remember that valid intermediate images are not built again. They are loaded from cache. Dockerfile cache is considered valid if the build command gives a 0 return code.

Continue reading “Hidden Secrets of Dockerfile”

Elastic SIEM – An Event Tracking Feature

SIEM with ELK – san3ncrypt3d – Making cybersecurity a habit & Privacy a Goal

 

Torture the data, and it will confess to anything.

Ronald Coase

WHAT IS ELASTIC SIEM

Elastic SIEM (Security Information and Event Management) is a new feature provided by Elastic NV. Using Elastic SIEM we can track and maintain important events that concern us.

Events are actions that reflect something that has happened.

Continue reading “Elastic SIEM – An Event Tracking Feature”