Submitted 11 months ago by shellsharks@infosec.pub to cybersecurity@infosec.pub
Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.
Reviewing the CIS recommended hardening config for Windows Server. Just realized that you shouldn’t just look at the failed controls but the ones that passed too. One control when enabled actually passes command line entries into the audit log in plain text, so that includes passwords.
Trying to find a suitable WAF for AWS EKS. Any suggestions?
One of the teams has a cluster built with the nginx ingress which uses classic load balancers. Shifting them to the AWS ingress (which uses ALBs enabling our AWS WAF to apply) looks like it’ll be massively expensive due to the blow out in load balancer costs - but it gets us a WAF we already use across everything else. Other option is to find a WAF specifically for EKS and shift all clusters to that.
So native AWS WAF isn’t viable because of costs?
My preference is for the native AWS WAF as we already use it. The rub comes from how the cluster is architected which would mean we’d have an ALB ingress per application - the prohibitive cost is purely the extra ALBs that would be created. Though I literally just heard it’s not going to be as bad as initially forecast so ¯_(ツ)_/¯
My original curiosity was if any of the K8s specific WAFs are any good, for example Prophaze.
Well just got done with fixing a few annoyances in some of my github utils and added a few things. Overall been pretty busy… I think.
PaddleMaster@beehaw.org 11 months ago
My research grant was funded. Now the hard part- executing with the goal of getting year 2 funding.
Also going crazy because everyone wants their risk reports before the holiday. As if they’ll even get read before vacations start.
starneld@infosec.pub 11 months ago
Congrats on getting funding, that’s awesome!