AWS: Cost Explorer – costs checking on the CloudWatch Logs example

7 September 2021
 

 This post isn’t an overview of the AWS Cost Explorer service, but just a quick example of how to detect costs for your AWS account and its services. So, when I came back from the vacation, I noticed that we’ve paid more than usually for the AWS CloudWatch for August – almost 50 dollars per… Read More »

.NET Meetup Temabit

7 September 2021
 

  Immerse yourself into the world of .NET together with the experts at Temabit and Microsoft at the new .NET Meetup coming up on September 14. Meet our speakers:  Christos Matskas, Microsoft Topic: Secure your apps with Azure and Microsoft Identity’ Anton Koposov, Temabit Fozzy Group Topic: Messaging with MassTransit Meetup will be moderate by:… Read More »

AWS: Lambda functions – an overview, and integration with AWS API Gateway

18 August 2021
 

 AWS Lambda allows running a code without the need to create and manage servers, also known as the serverless approach. AWS Lambda will determine how much CPU and memory is needed to run a function, and when it’s necessary it will perform autoscaling. A code to be running is organized in lambda functions and can be… Read More »

Git: scan repositories for secrets using Gitleaks

16 August 2021
 

 A confidential data leak such as RDS keys or passwords to a Git repository, even if it is a private Github repository, is a very bad thing and it’s good to check your repositories to know if any developer pushed a commit with such data. Scanning utilities To check Git repositories for a leak, at… Read More »

Tableau: install Tableau Bridge to access a database server in a private network

9 August 2021
 

 To access a database server, that has no public access (as it must be – access only inside an AWS VPC), Tableau suggests using its tool called Tableau Bridge. The idea is to have a Bridge service running in a network, which has access to a database server via its Private IP. Also, Bridge will… Read More »

Let’s Encrypt: SSL and the “SERVFAIL looking up CAA for domain.com” error

29 July 2021
 

 One of mine website stopped working with the “Connection reset.” error. NGINX configs seem to be correct, and other sites on the same server are working. NGINX also gave nothing, no errors, PHP-FPM also are good. Let’s check the website with the curl: The cause Because the error above are reported from the SSL_connect call,… Read More »

AWS: Route53 Private Hosted Zones — hiding domains from the Internet

26 July 2021
 

 Private Hosted Zone in AWS Route53 allows to limit access to DNS records of a domain, thus making it inaccessible for the DNS Enumeration (or DNS brute-force), when an attacker checks for available records in a domain to know endpoints list to check them for vulnerabilities. For such attacks, there is a lot of utilities… Read More »

AWS: WAF WebACL logging and Logz.io integration

22 July 2021
 

 In the first post – AWS: Web Application Firewall overview, configuration, and its monitoring – we spoke about its main components, created a WebACL and Rules for it, and did basic monitoring. Also, we’ve configured WebACL’s logs collection with AWS Kinesis, but now it’s time to see them Logz.io, as CloudWatch Logs isn’t available for… Read More »

AWS: Web Application Firewall overview, configuration, and its monitoring

19 July 2021
 

  AWS WAF (Web Application Firewall) is an AWS service for monitoring incoming traffic to secure a web application for suspicious activity like SQL injections. Can be attached to an AWS Application LoadBalancer, AWS CloudFront distribution, Amazon API Gateway, and AWS AppSync GraphQL API. In case of finding any request that sits WAF’s rules, it… Read More »

AWS: CloudTrail overview and integration with CloudWatch and Opsgenie

15 July 2021
 

 AWS CloudTrail is a service for auditing AWS accounts events and is enabled by default. It saves all actions that were done by a user, IAM role, or an AWS service via AWS Console, AWS CLI, or AWS SDK. CloudTrail will write information about every API call, log in to the system, services events, and… Read More »