Published in Cloud Security·PinnedAutomating Cybersecurity Metrics (ACM)A series of blog posts on cybersecurity metrics and security automation — GitHub Repo (In Progress): SecurityMetricsAutomation/README.md at main · tradichel/SecurityMetricsAutomation Contribute to tradichel/SecurityMetricsAutomation development by creating an account on GitHub.github.com Walk through the thought process of creating secure Batch Jobs to capture and report on cybersecurity metrics in this blog series.Cybersecurity Metrics14 min readCybersecurity Metrics14 min read
Published in Cloud Security·PinnedCybersecurity Author, Teri RadichelPublications and Presentations by Teri Radichel — Teri Radichel is a professional cybersecurity speaker, trainer, and author. The following are links to some of her past presentations, articles, blog posts, books, and security classes. …Cloud Security4 min readCloud Security4 min read
Published in Bugs That Bite·9 hours agoMember-onlyFailed to Login to Session: Ubuntu on AWSContinuation of experimenting with Ubuntu on AWS ARM EC2 instance as I wrote in these posts: Ubuntu on AWS ARM EC2 Posts by Teri Radichel about using Ubuntu on AWS ARM EC2medium.com In a prior post, I mentioned how I login and get an authentication popup like this whenever I log into my instance. I haven’t had time to look into why this particular component is…Bug3 min readBug3 min read
Published in Cloud Security·9 hours agoUbuntu on AWS ARM EC2Posts by Teri Radichel about using Ubuntu on AWS ARM EC2 — I’ve been playing around with Ubuntu on AWS. Here are some of my stories on the topic. RDP on Ubuntu AWS ARM EC2 Instance Experimenting with Ubuntu on AWS ARM EC2medium.com Installing AWS CLI on EC2 ARM Ubuntu Troubleshooting command line installmedium.com I’ll be tracking additional issues on my Bugs that Bite blog: Bugs That Bite Helping make the world a better place, one error message at a time.medium.comUbuntu2 min readUbuntu2 min read
Published in Cloud Security·12 hours agoSecurity Product AssessmentsACM.147 Posts by Teri Radichel on security assessments for security products, vendors and supply chains — Part of my series on Automating Cybersecurity Metrics. The Code. In my last post I wrote about multi-session compromise in a scenario where you’ve separated the duties of who can create users and who grants them access. Multi-Session Compromise ACM.146 How session compromise could defeat segregation of dutiesmedium.comSecurity Assessments5 min readSecurity Assessments5 min read
Published in Cloud Security·1 day agoMulti-Session CompromiseACM.146 How session compromise could defeat segregation of duties — Part of my series on Automating Cybersecurity Metrics. The Code. Yesterday I explained some of the issues related to session compromise. AWS CLI Session Compromise ACM.145 Threat-modeling AWS assume role temporary credentialsmedium.com Then I mentioned that I have one other concern [at least] for this approach of using two different roles for separation of duties to limit an abuse of create…Session7 min readSession7 min read
Published in Bugs That Bite·2 days agoTesting Medium StatsHow to test Medium (or other website analytic) stats — One way to test medium stats that I used recently was to post my stories on various sites and asking my friends to read them and then let me know if they did. Then I could compare the results to what I saw in my Medium feeds and stats. I…Verifiying Stats3 min readVerifiying Stats3 min read
Published in Cloud Security·2 days agoRSS Feed Scraper Websites and How They Affect Blog AuthorsI sent a note to my customers yesterday saying that I’m going to try to temporarily put my blog behind a paywall to fend off RSS scrapers. …Medium5 min readMedium5 min read
Published in Cloud Security·2 days agoAWS CLI Session CompromiseACM.145 Threat-modeling AWS assume role temporary credentials — Part of my series on Automating Cybersecurity Metrics. The Code. In my last post I wrote about who is responsible for what when it comes to AWS security. What are AWS’s Security Responsibilities, Anyway? ACM.144 A deeper dive into the shared responsibility modelmedium.com I had to stop and write that because I’m going to link to it below when it comes to some of the…Aws Cli14 min readAws Cli14 min read
Published in Bugs That Bite·2 days agoProblem with Medium RSS FeedsI wrote a story about how I was trying to fix some problems with Medium in relation to RSS Feeds. Here’s what I wrote: Medium forces me to put a paywall in front of my stories in order to prevent the entire post from going out in email or RSS…Bug3 min readBug3 min read