Using AWS Secrets Manager in Your Scripts
Using secrets in scripts is a problem and there are plenty of ways to deal with it. Here, I'll explain how to use AWS Secrets Manager in your scripts to authenticate in tools and perform actions. AWS Environment To be properly used, AWS Secrets Manager (SM) requires configuratio…
Getting Started with CloudFlare for Web Protection
CloudFlare is a great service for web protection and with its free plan, we're able to use many great features to improve the security of personal websites. In the following lines I'll describe how I got it working for me. Remember that my site is built upon Zola, deployed usin…
Updating Signed Documents with GPG
One of these days I got the task to update some digitally signed documents, which implied updating the signatures too. I found it very interesting, so I decided to document the steps for further reference. Scenario First, it's important to describe the scenario. The document…
Automating Incident Response: A Scalable and Robust Approach
Automating tasks in Incident Response (IR) is key to reducing the impact of incidents. Although it seems as easy as starting to write scripts, in my experience, this objective must be tackled in a more scalable and robust way that encompasses security, data science, and software develo…
The Importance of Logging Strategy
Logs are a key part of a successful security or IT plan because they are an outstanding mechanism to diagnose many types of incidents. That's why every corporation should have a strategy to define what logs will be tracked and for how long. Usually, different log sources overlap da…
Friction Between Red Teams and Incident Response
I've been working with incident response (IR) for a few years, and more recently, when Red Teams (RTs) started trending, I experienced some avoidable friction between both teams that I wanted to share. Disclaimer: This text is based on my own experience and may not reflect the whol…
My Minimalistic Approach to Mac System Setup
As a long-term user of Macs (since 2008), my core system has changed over the years, but the target remains the same to me: keep it simple. I'm not a fan of having many apps, some of which I barely use, for security reasons. Since I want to keep my system always up-to-date, the …
Query Security Services for IP Reputation
tl;dr: Use this script to query three of the best security services on the internet about security-relevant data on IP addresses. It is common for Information Security Engineers to check if a given IP address is good or malicious and [maybe] that's why there are so many service…
AWS Certified Security - Specialty Review
For the last few months I had been studying for the AWS Certified Security - Specialty (SCS) certification and in this review, I am going to present every step I took to get this new certification in my career. The SCS (a.k.a. Security Engineering on AWS) is an advanced certific…
My Journey to CISSP Certification
In this post, I am going to share my personal experience obtaining the CISSP certification. CISSP is one of the most renowned certifications for the information security career and it is said that it is very hard to earn. Earlier this year (2020), I decided to give CISSP a try …
Blogging and the Freedom of the Web
Blogging looks obsolete since streaming got popular, but have you tried to follow a video tutorial? Specifically for tech content, blogging is still a good platform to share knowledge, but as a blog owner who receives few visitors, sometimes I find myself thinking if it is worth to…
Automating Network Management with NetBox Scanner
Back in 2018, I was leading the SOC and NOC teams and although I'm not an excellent network engineer, I always tried to help the networking team technically. That year, we were struggling with the IPAM tool and started looking for a replacement. Then we found and tested NetBo…
Creating a Theme for Zola
Zola has a simple and robust subsystem for creating templates, Tera, which is based on Jinja2 and Django. Despite this, probably because it is not a very widespread project [yet], Zola does not have many themes available, which forces the administrator to get their hands…
My Experience Studying for the CompTIA Security+ Certification
At the end of 2019, the company where I work offered a preparatory course for the CompTIA Security+ (S+) certification, including a voucher for the exam. Until then, this was one of the certifications I planned to require of the SOC contractors, but I thought it was a great opportunit…
Certifications in Personnel Selection
Personnel selection is an extensive subject and one that I have not mastered. There is much to consider, among degrees, experience and other attributes, but in this text I want to share my view on the subject, focusing on credentials, since it is a topic that comes up now and then in discussio…