DevSecOps Chronicles Part 1
This is my first blog post after a very long hiatus. I’m hoping to create a blog post series on DevSecOps. This is my first blog in that series which explores some basic concepts around DevSecOps.
Active Directory Lab Setup Tool
The AD Pentesting tool is a tool created in PowerShell to quickly setup an Active directory lab for testing purposes. This tool can help setup a Domain controller and Workstation in a lab environment quickly and effectively. While the tool is specifically written to configure an Active directory environment in a lab environment the tool can be easily stretched for production environment as its released under MIT license.
Ransomware Tabletop Exercise
“Everybody has a plan until they get punched in the mouth” - Mike Tyson
CyberSecurity Version
“Everybody has an “Incident Response plan” until they get hit by a Ransomware” - Sonny
A well documented and well rehearsed Incident Response (IR) plan can help an organization when dealing with a security incident such as a Ransomware attack. Often an IR plan can be the difference between an organization surviving the cyber attack or going out of business1.
The key to have a good IR plan is to regularly conduct tabletop exercise and address the gaps discovered during the exercise. Ransomware has wreaked havoc in recent times as such an IR plan is incomplete if it does not include the scenario addressing ransomware attack. This blog post discusses some key questions which should be part of an IR tabletop exercise for ransomware attack scenario.