[python]Create AWS VPC with boto3

Background This is a follow up on this post https://cyruslab.net/2018/10/19/pythontrying-out-aws-sdk/ back then I was only trying out… However I am beginning to take this seriously… as a hobby… Pre-requisites Setup awscli. The awscli is used to setup a default connection, by putting your access key id and secret key id, your preferred region and your … Continue reading [python]Create AWS VPC with boto3

Link: http://cyruslab.net/2019/05/05/pythoncreate-aws-vpc-with-boto3/

SaaS Product, Cloudneeti – Paul’s Security Weekly #601

Guru Pandurangi is the CEO and Founder of Cloudneeti, to talk about how their SaaS product is delivering continuous cloud security and compliance assurance to businesses migrating or using cloud providers such as Azure, AWS, Office365, to develop and host their applications! To learn more about Cloudneeti, visit:https://securityweekly.com/cloudneeti Full Show Notes Follow us on Twitter: […]
The post SaaS Product, Cloudneeti – Paul’s Security Weekly #601 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/7Mc0eSmPapk/

Making Our Security Portfolio Simpler — and Better

Since its inception in 2009, Incapsula has been a proud part of Imperva, the analyst-recognized cybersecurity leader. However, cybersecurity needs are evolving, and so are we. On April 7th, we will officially retire Incapsula.com. All of the great Incapsula web site content that wasn’t already migrated to Imperva.com will move on that date. You can […]
The post Making Our Security Portfolio Simpler — and Better appeared first on Blog.

Link: http://feedproxy.google.com/~r/Imperviews/~3/LkvUgbiDdu0/

Imperva Cloud WAF and Graylog, Part II: How to Collect and Ingest SIEM Logs

This guide gives step-by-step guidance on how to collect and parse Imperva Cloud Web Application Firewall (WAF, formerly Incapsula) logs into the Graylog SIEM tool. Read Part I to learn how to set up a Graylog server in AWS and integrate with Imperva Cloud WAF. This guide assumes: You have a clean Graylog server up […]
The post Imperva Cloud WAF and Graylog, Part II: How to Collect and Ingest SIEM Logs appeared first on Blog.

Link: http://feedproxy.google.com/~r/Imperviews/~3/qU1l2a3nAy0/

How Our Threat Analytics Multi-Region Data Lake on AWS Stores More, Slashes Costs

Data is the lifeblood of digital businesses, and a key competitive advantage. The question is: how can you store your data cost-efficiently, access it quickly, while abiding by privacy laws? At Imperva, we wanted to store our data for long-term access. Databases would’ve cost too much in disk and memory, especially since we didn’t know […]
The post How Our Threat Analytics Multi-Region Data Lake on AWS Stores More, Slashes Costs appeared first on Blog.

Link: http://feedproxy.google.com/~r/Imperviews/~3/0WO62f69Eys/

Imperva Makes Major Expansion in Application Security

When Imperva announced in 2018 it would acquire the application security solution provider Prevoty, a company I co-founded with Julien Bellanger, I knew it would be a win-win for our industry. Prevoty’s flagship product, Autonomous Application Protection, is the most mature, market-tested runtime application self-protection (RASP) solution (as proof, Prevoty was just named a Silver […]
The post Imperva Makes Major Expansion in Application Security appeared first on Blog.

Link: http://feedproxy.google.com/~r/Imperviews/~3/uLiG91hnGh8/

Ixia, Yubico, Fortinet, and ZeroStack – Enterprise Security Weekly #118

Ixia extends collaboration with ProtectWise, Ping Identity brings in New Customer Identity as a service solution, Fortinet introduces new security automation capabilities on AWS, and Yubico announces YubiHSM 2 integration with AWS IoT Greengrass! Enterprise News Ixia extends collaboration with ProtectWise – Ixia´s Vision ONE network packet broker and the CloudLens visibility platform, combined with The ProtectWise […]
The post Ixia, Yubico, Fortinet, and ZeroStack – Enterprise Security Weekly #118 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/xb5dHFgIXos/

AWS EC2 instance userData

In the effort to get me blogging again I’ll be doing a few short posts to get the juices flowing (hopefully).Today I learned about the userData instance attribute for AWS EC2. https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.htmlIn general I thought metadata was only things you can hit from WITHIN the instance via the metadata url: http://169.254.169.254/latest/meta-data/However, if you read the link above there is an option to add metadata at boot time. You can also use instance metadata to access user data that you specified when launching your instance. For example, you can specify parameters for configuring your instance, or attach a simple script. That’s interesting right?!?!  so if you have some AWS creds the easiest way to check for this (after you enumerate instance IDs) is with the aws cli.$ aws ec2 describe-instance-attribute –attribute userData –instance-id i-0XXXXXXXXAn error occurred (InvalidInstanceID.NotFound) when calling the DescribeInstanceAttribute operation: The instance ID ‘i-0XXXXXXXX’ does not existah crap, you need the region…$ aws ec2 describe-instance-attribute –attribute userData –instance-id i-0XXXXXXXX –region us-west-1{    “InstanceId": "i-0XXXXXXXX",    "UserData": {        "Value": "bm90IHRvZGF5IElTSVMgOi0p"}anyway that can get tedious especially if the org has a ton of things running.  This is precisely the reason @cktricky and I built weirdAAL.  Surely no one would be sticking creds into things at boot time via shell scripts :-)That module is in the current version of weirdAAL. Enjoy.-CG

Link: http://carnal0wnage.attackresearch.com/2018/11/aws-ec2-instance-userdata.html