How to set up GCP CIS 1.2.0 Benchmark Inspec Profile tool for conducting CIS assessment
This post covers an introduction and instructions to set up the Inspec tool for learning.
Category: academy
-
![This post covers an introduction and instructions to set up the Inspec tool for learning.]()
-
![Last week a vulnerability affecting the most common logging packages in Java, Log4j, was made public, complete with exploit code. The vulnerability is rated with a critical severity rating of 10. Successful exploitation allows for a very uncomplicated remote command execution without requiring any authentication over the Internet resulting in a complete compromise of data and system confidentiality, integrity and availability. This blogpost explains the detection methods, exploitation techniques and mitigation instructions of the vulnerability.]()
Log4j (CVE-2021-44228): Detection, Exploitation and Mitigation
Last week a vulnerability affecting the most common logging packages in Java, Log4j, was made public, complete with exploit code. The vulnerability is rated with a critical severity rating of 10. Successful exploitation allows for a very uncomplicated remote command execution without requiring any authentication over the Internet resulting in a complete compromise of data and system confidentiality, integrity and availability. This blogpost explains the detection methods, exploitation techniques and mitigation instructions of the vulnerability.
-
![An AWS ELB with HTTP Desync mitigation mode set to **monitor** could allow a class of HTTP desynchronization attacks against the web server behind the Load Balancer. This article provides a step by step guide on how you can check and update the HTTP Desync mitigation mode for your ELB to a more secure option using AWS CLI.]()
How to update AWS ELB HTTP Desync mitigation mode using AWS CLI
An AWS ELB with HTTP Desync mitigation mode set to **monitor** could allow a class of HTTP desynchronization attacks against the web server behind the Load Balancer. This article provides a step by step guide on how you can check and update the HTTP Desync mitigation mode for your ELB to a more secure option using AWS CLI.
-
![An AWS ELB with HTTP Desync mitigation mode set to **monitor** could allow a class of HTTP desynchronization attacks against the web server behind the Load Balancer. This article provides a step by step guide on how you can check and update the HTTP Desync mitigation mode for your ELB to a more secure option.]()
How to update AWS ELB HTTP Desync mitigation mode
An AWS ELB with HTTP Desync mitigation mode set to **monitor** could allow a class of HTTP desynchronization attacks against the web server behind the Load Balancer. This article provides a step by step guide on how you can check and update the HTTP Desync mitigation mode for your ELB to a more secure option.
-
![This academy article provides hands-on guidance on how to setup AWS CLI on Linux. Follow the steps in this article to set up AWS CLI]()
How to setup AWS CLI on Linux
This academy article provides hands-on guidance on how to setup AWS CLI on Linux. Follow the steps in this article to set up AWS CLI
-
![IAM password policies can be used to enforce minimum password length to ensure password complexity. This article provides the step by step guide on how you can update your IAM password policy using AWS CLI.]()
How to update IAM password policy to require minimum password length of 14 or greater using AWS CLI
IAM password policies can be used to enforce minimum password length to ensure password complexity. This article provides the step by step guide on how you can update your IAM password policy using AWS CLI.
