All-in-one security with open source tools
The talk will cover the integration of different open source tools and techniques to manage both the offensive and defensive sides of security, and how to automate and scale the resulting security solution. This includes automating SIEM and server health monitoring using custom-made cron jobs and ELK, automating web application penetration testing using different open source tools, and identifying cloud-specific vulnerabilities through metadata information. It also covers setting up an incident response alerting system using custom scripts and Pingdom so that high-priority incidents get instant action, network security automation and patch management using Nessus and Puppet, and automating the vulnerability management process using open source tools. Further topics are intense hardening and patching using Ansible and AppArmor for assured deployment, automating the secure SDLC using SonarQube, and many more. Security in the cloud (AWS, Google Cloud, etc.) is covered as well.
We will also discuss:
- Configuration best practices for Identity & Access Management Portals
- Planning the right network architecture with use of VPC and VPN
- Securing instances by running only the required services
- Configuring instances at boot time to remove unwanted software or upgrade to stable software versions with no known vulnerabilities
- Using access tokens and cloud APIs to regularly rotate keys/passwords