Category Archives: Site Updates

Category is for any updates to the website, meetup format, or improvements about the group as a whole.

BSidesCT Azure Security Talk

As I sit here on the nice shady patio enjoying my morning coffee, I figured I should probably post up my slide deck from my first official talk.  First of all BSidesCT was great!  The organizers made some classy laser cut badges this year and the CTF was a good time (actually got 4th in it!).  Will I submit another?  Who knows?  I think I will build on it a bit and learn more about ASP.NET in the process.  Ok, on to the side deck as my yard work is calling (thought I took Friday off for fun?)

Of Course My Cloud App is Secure, It’s in Azure

Some notes to add to the deck when it comes to the logging Azure Websites:

  • Azure has added the ability to bring log files down via FTP/FTPS.
  • They have added other log tools such as Log Stream which lets you watch your application and web log activity.
  • Azure PowerShell can do it using get-azurewebsitelog –name <appname> -Tail
  • Azure Powershell can do it with save-azurewebsitelogSaves to zip in directory you run the command from.

Other items to note when moving to any cloud solution:

  • Many security features are not enabled by default, though Microsoft does notify you of certain ones to turn on through Security Center
  • You can encrypt your Azure SQL Databases!
  • You can enable 2FA for your Azure/Live Account as well as implementing it within Azure for Azure AD or Web Apps.
  • Review your SLAs!!!
  • And of course way the risks of any cloud service.  Not all data is created equal and some of it is better off staying on-premise.

OK the temp is rising and it isn’t even noon yet, the yard awaits!

Things are happening!

We are being quite productive over here.  The site is up and running, a calendar of events has been added, and now we are running over SSL!  Eventually the stuff over on Meetup.com will be moved over to here.  Feel free to register to become part of the CT InfoSec community!

Also don’t forget the first official Meetup night on October 15th @ NESIT Hackerspace!

-@NutmegInfoSec

WE LIVE!!!!

Please be patient, we have just woken up and are still a little groggy.  Welcome to the future home for the CT InfoSec collective… we mean Community.  We know there are more of you out there.  Our goal is to assim… invite you to the group so that we may have share knowledge and improve our skills in the world of infosec within the Nutmeg state.

For now you can go to our meetup site and follow us on twitter.

Don’t forget to come to our new monthly meetup beginning October 15th, see the meetup page for more details.