Thought I'd see what it means to run my own Mastodon instance.
It's up and responds via browser, but it throws CSS and CSP errors.
No idea what went wrong. I believe I followed all the 20 something steps to get it working.
Founder of ARGOS Cloud Security, private pilot, Strongman, public cloud and cyber focused. Microsoft Azure MVP, occasional sneakerhead.
#cloudsecurity #infosec #cybersecurity #azure #aws #startup #strongman #pilot #aviation #avgeek #sneakerhead
| ARGOS Cloud Security | https://argos-security.io |
| Cloud blog | https://cloud-right.com |
| https://www.linkedin.com/in/obrien-david |
@dob That's a big scope.
Some things we do to make our lives easier and don't cost $$$.
Enable #guardduty and pipe all the alerts into a slack channel (+email as well).
Enable #cloudtrail, log everything to an #S3 bucket in another account. #cloudwatch alerts on auth failures (to slack + email (some go to pagerduty #infosec contact)).
We also have some alerts on updates when a cidr is added to a #SecurityGroup.
Don't use #ssh or #bastion/#JumpHosts; use #ssm to run automations on the hosts (package install, service restarts etc.), also to get a shell on a box (if needed at all). (You can use #TransitiveTags with #RoleAssumption to give granular access.)
Using #ssm for console access also logs the entire session (including someone doing sudo su - root etc!) into #S3.
Use #MicroSegmentation within our #vpc. Instances behind an #alb will only accept traffic from the #alb #SecurityGroup etc. #rds, #elasticache will only accept traffic from instances in the appropriate #SecurityGroup. (Basically we don't use cidr ingress rules, we use security group ids.) (This works across accounts in the same region with peering, but not across regions however.)
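An added example, not part of the original post or the poster's own tooling: the reply above describes alerting when a CIDR is added to a security group and allowing ingress by security group id instead. The sketch below applies that rule to CloudTrail-style records; the record layout is an assumption, and the sample events, group ids and ARN are constructed placeholders.

```python
import ipaddress

def make_event(name, group_id, perm):
    # Builds a constructed record in the shape CloudTrail uses for EC2
    # security group calls (field layout is an assumption of this example).
    return {"eventName": name,
            "userIdentity": {"arn": "arn:aws:iam::111111111111:user/example"},
            "requestParameters": {"groupId": group_id,
                                  "ipPermissions": {"items": [perm]}}}

def make_perm(port, cidrs=(), sg_ids=()):
    return {"ipProtocol": "tcp", "fromPort": port, "toPort": port,
            "ipRanges": {"items": [{"cidrIp": c} for c in cidrs]} if cidrs else {},
            "groups": {"items": [{"groupId": g} for g in sg_ids]} if sg_ids else {}}

SAMPLE_EVENTS = [  # constructed, not real log data
    make_event("AuthorizeSecurityGroupIngress", "sg-app", make_perm(443, sg_ids=["sg-alb"])),
    make_event("AuthorizeSecurityGroupIngress", "sg-app", make_perm(22, cidrs=["0.0.0.0/0"])),
    make_event("AuthorizeSecurityGroupIngress", "sg-db", make_perm(5432, cidrs=["10.1.0.0/16"])),
    make_event("RevokeSecurityGroupIngress", "sg-db", make_perm(5432, cidrs=["10.1.0.0/16"])),
]

def cidr_findings(event):
    """Return one finding per CIDR-based ingress rule the event adds."""
    if event.get("eventName") != "AuthorizeSecurityGroupIngress":
        return []
    params = event.get("requestParameters") or {}
    findings = []
    for perm in (params.get("ipPermissions") or {}).get("items", []):
        for key, field in (("ipRanges", "cidrIp"), ("ipv6Ranges", "cidrIpv6")):
            for rng in (perm.get(key) or {}).get("items", []):
                if field not in rng:
                    continue
                net = ipaddress.ip_network(rng[field], strict=False)
                findings.append({
                    "group": params.get("groupId"),
                    "actor": (event.get("userIdentity") or {}).get("arn"),
                    "cidr": str(net),
                    "port": perm.get("fromPort"),
                    # A /0 prefix opens the port to every address.
                    "severity": "high" if net.prefixlen == 0 else "medium",
                })
    return findings

def scan(events):
    return [f for e in events for f in cidr_findings(e)]

if __name__ == "__main__":
    for f in scan(SAMPLE_EVENTS):
        print("[{severity}] {actor} added {cidr} on port {port} to {group}".format(**f))
```

Rules that reference another security group id produce no finding, which matches the segmentation approach in the post.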
#cloudsecurity what's new this week?
What's hot? What's not?
Just signed up to a Mastodon instance and looking for accounts to follow for cloud security content?
I curated a non-comprehensive list:
@Antitree
@Rmogull
@andrewkrug
@bnugent
@bradgeesaman
@christophetd
@dob
@frichetten
@hackingthecloud
@jcfarris
@jvehent
@marcolancini
@new23d
@patricksanders
@raesene
@rami
@scottpiper
@signalblur
@zoph
(in alphabetical order)
Feel free to suggest more!
Cloud providers need to do more to protect their customers from making security mistakes. I'm very concerned about how easy it is to accidentally misconfigure services, the skills gap that exists between the small pool of cloud security (configuration) experts and everyone else, and the constant churn of new cloud features and functionality which is adding to overall system complexity.
We're very close now. Very soon we'll release a new capability in ARGOS specifically for #Azure consultants (for now).
Super excited. It's something I could've used countless times with past customers.
Soon it'll be available for everybody.
Can't wait.