
AWS Secrets Manager for Script Authentication

Using secrets in scripts is a problem and there are plenty of ways to deal with it. Here, I'll explain how to use AWS Secrets Manager in your scripts to authenticate in tools and perform actions. AWS Environment To be properly used, AWS Secrets Manager (SM) requires configuratio…


Updating Digital Signatures

One of these days I got the task to update some digitally signed documents, which implied updating the signatures too. I found it very interesting, so I decided to document the steps for future reference. Scenario First, it's important to describe the scenario. The document…


Web Architecture with CloudFlare and Netlify

CloudFlare is a great service for web protection and with its free plan, we're able to use many great features to improve the security of personal websites. In the following lines I'll describe how I got it working for me. Remember that my site is built upon Zola, deployed usin…


Roadmap to Incident Response Automation

Automating tasks in Incident Response (IR) is key to reducing the impact of incidents. Although it seems as easy as starting to write scripts, in my experience, this objective must be tackled in a more scalable and robust way that encompasses security, data science, and software develo…


Logging Strategy

Logs are a key part of a successful security or IT plan because they are an outstanding mechanism to diagnose many types of incidents. That's why every corporation should have a strategy to define what logs will be tracked and for how long. Usually, different log sources overlap da…


A Word on Cybersecurity Assessments

I've been working in incident response (IR) for a few years and, more recently, when Red Teams (RTs) started trending, I experienced some avoidable friction between both teams that I wanted to share. Disclaimer: This text is based on my own experience and may not reflect the whol…


Mac Essentials 2022

As a long-term user of Macs (since 2008), my core system has changed over the years, but the target remains the same to me: keep it simple. I'm not a fan of having many apps, some of which I barely use, for security reasons. Since I want to keep my system always up-to-date, the …


Checking IP Address Data

tl;dr: Use this script to query three of the best security services on the internet about security-relevant data on IP addresses. It is common for Information Security Engineers to check if a given IP address is good or malicious and [maybe] that's why there are so many service…


AWS Certified Security Specialty

For the last few months I had been studying for the AWS Certified Security - Specialty (SCS) certification and in this review, I am going to present every step I took to get this new certification in my career. The SCS (a.k.a. Security Engineering on AWS) is an advanced certific…


Becoming CISSP

In this post, I am going to share my personal experience of obtaining the CISSP certification. CISSP is one of the most renowned certifications for the information security career and it is said that it is very hard to earn. Earlier this year (2020), I decided to give CISSP a try …


Why Keep Your Own Website

Blogging looks obsolete since streaming got popular, but have you tried to follow a video tutorial? Specifically for tech content, blogging is still a good platform to share knowledge, but as a blog owner who receives few visitors, sometimes I find myself thinking if it's worth to…


NetBox Scanner v2

Back in 2018, I was leading the SOC and NOC teams and although I'm not an excellent network engineer, I always tried to help the networking team technically. That year we were struggling with the IPAM tool and started looking for a replacement. Then we found and tested NetBo…


Creating a Theme for Zola

Zola has a simple and robust subsystem for creating templates, Tera, which is based on Jinja2 and Django. Despite this, probably because it is not a widely adopted project [yet], Zola does not have many themes available, which forces the administrator to get their hands…


CompTIA Security+: Notes

At the end of 2019, the company where I work offered a preparatory course for the CompTIA Security+ (S+) certification, including a voucher for the exam. Until then, this was one of the certifications I planned to ask of the SOC hires, but I thought it was a great opportunit…


Certifications and IT Careers

Personnel selection is a broad subject and one that I have not mastered. There is a lot to consider, including degrees, experience and other attributes, but in this text I want to share my view on the subject, focusing on credentials, since it is a topic that comes up now and then in discussio…