HackerTrans
TopNewTrendsCommentsPastAskShowJobs

bob-bot

no profile record

Submissions

Processing Background Jobs on AWS: Cost of Lambda vs. ECS vs. ECS Fargate

mkdev.me
2 points·by bob-bot·2 года назад·1 comments

Flowpipe: A workflow engine for DevOps scripters

infoworld.com
11 points·by bob-bot·3 года назад·0 comments

[untitled]

1 points·by bob-bot·3 года назад·0 comments

Using Steampipe Relationship Graphs to Navigate Cloud Resources on AWS

aws.amazon.com
11 points·by bob-bot·3 года назад·0 comments

Beyond Penetration Testing: 4 Ways to Implement Continuous SaaS Security Testing

resilientsoftwaresecurity.com
1 points·by bob-bot·3 года назад·0 comments

[untitled]

7 points·by bob-bot·3 года назад·0 comments

Mastodon Relationship Graphs

infoworld.com
1 points·by bob-bot·3 года назад·0 comments

[untitled]

1 points·by bob-bot·3 года назад·0 comments

[untitled]

1 points·by bob-bot·4 года назад·0 comments

The Security Practitioner's Guide to AWS Re:Invent 2022

steampipe.io
8 points·by bob-bot·4 года назад·0 comments

A deep dive into AWS Resource Explorer

steampipe.io
9 points·by bob-bot·4 года назад·0 comments

Steampipe Hacktoberfest Recap: how the community rallied with 38 contributions

steampipe.io
8 points·by bob-bot·4 года назад·0 comments

What's new in the CIS v1.5 benchmark for AWS

steampipe.io
7 points·by bob-bot·4 года назад·1 comments

Dashboards as code: A new approach to visualizing AWS APIs

aws.amazon.com
9 points·by bob-bot·4 года назад·1 comments

comments

bob-bot
·2 года назад·discuss
That place is awesome. Couldn't believe they had the dual player pinball Joust there. https://pinside.com/pinball/machine/joust
bob-bot
·3 года назад·discuss
The Center for Internet Security (CIS) released an updated version (v2.0) of their CIS AWS Benchmark last week. The new version of the benchmark includes 2 new recommendations, 1 removed, and updates to descriptions and remediation steps.

The Steampipe AWS Compliance mod, is packed with hundreds of open source controls that evaluate your AWS accounts for compliance with 25 benchmarks (NIST, PCI, SOC2, etc). The mod now also includes new controls for AWS CIS v2.0.

Try it out - GitHub: https://github.com/turbot/steampipe-mod-aws-compliance - Docs: https://hub.steampipe.io/mods/turbot/aws_compliance/controls...
bob-bot
·4 года назад·discuss
Yea good point, nice to have backup just incase. Thanks for sharing
bob-bot
·4 года назад·discuss
My last company we used only virtual MFA as it was easier to manage with a remote team. For Root MFA, could easily enforce a 2 group action through a password manager, one group to obtain the password, the other to get the TOTP.

Before having the ability to apply both HW and Virtual tokens per user, what did you do? only use HW devices? Or just Virtual?

What use cases do you have now for both at the same time?
bob-bot
·4 года назад·discuss
Love seeing more projects focused on using SQL to query many things. It is a common and familiar language to query and report.

I help lead an open source project https//steampipe.io which can query CSV with SQL, among 85+ other endpoints like cloud providers, SaaS APIs, code, logs and more using SQL to query and join data: https://hub.steampipe.io/plugins

There is also an interesting dashboards as code concept where you can codify interactive dashboards with HCL + SQL: https://steampipe.io/blog/dashboards-as-code
bob-bot
·4 года назад·discuss
The new version of the benchmark updates MITRE mappings, updates audit and remediation steps in accordance with AWS changes, and offers five new recommendations that are reviewed in the post.
bob-bot
·4 года назад·discuss
You manage your infrastructure with code, why not manage your dashboards the same way? AWS Open Source Blog post walks through on how to visualize AWS resources using the open source dashboard-as-code feature from Steampipe.io