ISM – Australian Government Information Security Manual – Australian Cyber Security Centre (ACSC)

2018/12/04


An updated ISM has appeared. Now with 27% fewer controls.

via ISM – Australian Government Information Security Manual – Australian Cyber Security Centre (ACSC)

The change log lists the controls which have changed and the justification for the change. https://acsc.gov.au/publications/ism/ISM_2018_Changes_Document.pdf


5 open source tools for container security | Opensource.com

2018/10/18

via 5 open source tools for container security | Opensource.com


A mapping (no, not a Swardley thing) of On Prem, AWS and Azure Security Components

2018/05/28

A useful one pager to compare the various security products of AWS, Azure and the usual on-prem suspects/capabilities.

via Conceptual Mapping of On-premises Infrastructure Security Components to Cloud Security Services by Adrian Grigorof CISSP, CISM, CRISC, CCSK – physical, providers, security function | Peerlyst


Spectre 2.0

2018/05/08

More Spectre-like goodness in the pipeline. I suspect the Cloud platforms are madly patching their millions of servers as we speak.

And to think, people still like to run their own tin.

If your patching processes haven’t matured this FY (WannaCry, Spectre v1 and now v2) then you’re doing it wrong.

Despite positive first quarter results for 2018, Intel faces continuing issues with its foundries, both with the oft-delayed 10nm, as well as its own modem production in 14nm. Intel revealed in the earnings conference call that volume 10nm manufacturing had been delayed to 2019, without specifying which part of the year.

Source: Intel Foundries Continue to Face Issues and Another Spectre-Like Vulnerability Disclosure May Be Looming


Azure AD Connector Configuration Dumper

2018/03/06

So today I discovered that if you inspect the Azure AD Connector config via its GUI the config it gives you is actually about 5% of what is actually there. Specifically, the GUI doesn’t display the rules for OU filtering.

To work around this you can use the sync tool to display the OU filtering config. You’ll need to log in as your on-prem AD sync user to do this, though. If you don’t have those credentials then you can gather the config using the tool below and then turn it into an easier-to-review HTML output.

Be warned though, a small AD I ran this against produced a 3MB HTML file of stuff. There are A LOT of items in AADC that average admins won’t ever see or hear about.

Microsoft/AADConnectConfigDocumenter: AAD Connect configuration documenter is a tool to generate documentation of an AAD Connect installation.


Don’t leave your keys in the lock

2018/02/05

MS Azure has announced a nifty tool that spots secret information in GitHub related to Azure keys.

via Managing Azure Secrets on GitHub Repositories | Blog | Microsoft Azure


TechNet landing page for Windows Event Forwarding information.

2018/01/11

Probably more information about Windows Event Forwarding (WEF) than you will ever need.

via Windows Event Forwarding – TechNet Articles – United States (English) – TechNet Wiki