Posts

Security Terms: XDR vs MDR

XDR (Extended Detection and Response) and MDR (Managed Detection and Response) are terms used in the field of cybersecurity, specifically in the context of threat detection and response. Let's break down each term: 1. XDR (Extended Detection and Response):    Definition: XDR is a security solution that evolved from traditional Endpoint Detection and Response (EDR) systems. It expands the scope beyond endpoints to include various security telemetry sources such as network traffic, cloud services, and email.    - Key Features:       - Cross-Layered Detection: XDR integrates and correlates data from multiple security layers, providing a more comprehensive view of potential threats. This may include endpoints, networks, emails, and cloud services.       - Analytics and Automation: XDR leverages advanced analytics and automation to identify patterns and anomalies in the collected data. It often incorporates machine learning and artificial intelligence to enhance threat detection capabil

How to enable AWS EBS Volume snapshots encryption

Using the AWS console: Sign in to AWS console and navigate to https://console.aws.amazon.com/ec2/ From the left navigation choose snapshots option. Select the actionable snapshot, choose actions. Choose the Copy Snapshot option. Check the encryption option. Under the Master key choose the kms key (It is recommended to choose KMS CMK when EBS snapshot consist of highly sensitive data). Click on copy. Once the newly encrypted snapshot is ready old snapshot should be deleted. Using AWS CLI $> aws ec2 copy-snapshot --description [description-for-new-snapshot] --destination-region [region-name] --encrypted --kms-key-id [kms-key-id] ---source-region [region-name] --source-snapshot-id [actionable-snapshot-id] Command reference: https://docs.aws.amazon.com/cli/latest/reference/ec2/copy-snapshot.html $> aws ec2 delete-snapshot --snapshot-id [actionable-snapshot-id] --region [region-name] Command reference: https://docs.aws.amazon.com/cli/latest/reference/ec2/delete-snapshot.html Note: App

How to prevent identity theft?

  Identity theft happens when anyone steals your personal information, like your name, Social Security number, or credit card info, and uses it for fraud or other criminal activities. Below are some tips to help prevent identity theft: ● Protect your personal information: Be cautious when giving out your personal information online and offline. Don't share your Social Security number, credit card number, or other sensitive information unless you trust the source and must provide it. ● Strong passwords: Strong and unique passwords for all your accounts are must. Also, avoid using the same password for multiple accounts. Use a password manager to store passwords securely. ● Monitor accounts: Frequently review your bank and credit card statements for unauthorized transactions, and check your credit report once a year for any suspicious activity. ● Phishing scams: Emails, texts, or phone calls asking for your personal information or credentials could be a scam. Avoid clicking on links

How to check SSL certificate expiration time through shell script

Image
  In this blog we will learn "How to check SSL certificate  number of days for expiration of our domain" I am going to show here in a Linux environment by using Shell script.  Create file by the name checkssl.sh - sudo nano checkssl.sh Code- Copy this code and save file. data=`echo | openssl s_client -servername $1 -connect $1:${2:-443} 2>/dev/null | openssl x509 -noout -enddate | sed -e 's#notAfter=##'` ssldate=`date -d "${data}" '+%s'` nowdate=`date '+%s'` diff="$((${ssldate}-${nowdate}))" echo $((${diff}/86400)) Output- You will get result as below

The key points of cost optimization and enhanced security for AWS and Azure infrastructure:

1. Cost Optimization: a. Resource Right-Sizing: Begin by analyzing the current resources in use on AWS and Azure. Identify any over-provisioned instances or underutilized resources. Utilize AWS and Azure tools like AWS Trusted Advisor, AWS Cost Explorer, and Azure Cost Management to gain insights into resource utilization and make informed decisions on right-sizing. b. Reserved Instances and Savings Plans: Investigate opportunities to leverage Reserved Instances (RIs) on AWS and Savings Plans on Azure. These commitment-based options can lead to substantial cost savings over pay-as-you-go pricing. c. Auto-Scaling: Implement auto-scaling for AWS and Azure resources to dynamically adjust resource capacity based on demand. This ensures that you are not over-provisioning resources during peak times and are not paying for idle capacity during low-demand periods. d. Storage Optimization: Evaluate your data storage practices, including the use of different storage classes, data archiving,

AWS resource cleanup

  Let's go through each of these areas and discuss some resource cleanup best practices, considerations, and specific actions you can take in the AWS environment 1. EC2 Instances: Regularly review your running instances and identify those that are no longer needed. Terminate instances that are not actively in use. Consider using Amazon EC2 Auto Scaling to dynamically adjust the number of instances based on demand. This can help optimize costs and resource utilization.Use Elastic Load Balancing (ELB) to distribute traffic across multiple instances, improving availability and reducing the impact of instance failures. Consider using AWS Lambda or EC2 instance-based automation to schedule instance start and stop times, particularly for non-production instances. 2. Amazon S3 Buckets: Use AWS Identity and Access Management (IAM) policies to control access to S3 buckets and objects. Regularly audit your S3 buckets to ensure they are not publicly accessible unless required. Implement bucke

AWS top services associated with their costing

  Below are the few AWS services for their potential cost factors: 1.Amazon S3: S3 storage pricing is based on the amount of data stored, data transfer, and number of requests. Costs can vary based on storage class (Standard, Intelligent-Tiering, Glacier, etc.) and region. 2.Amazon ECS: ECS pricing includes costs for the underlying EC2 instances or Faregate resources used to run containers, as well as networking and data transfer costs. 3.Amazon EMR : EMR pricing depends on the instance types used for the cluster, data storage, data transfer, and the processing power needed. 4.AWS IAM: IAM itself is generally not associated with direct costs; you're billed for the resources you manage using IAM. 5.Amazon QuickSight: QuickSight pricing is based on the number of users and the amount of data processed for visualization. 6.AWS Glue: Glue pricing considers factors such as the number of development units (DPU) used for ETL jobs and the amount of data processed. 7.AWS Lambda: Lambda