strongDM can’t terraform Mars, but we can Terraform your DevOps workflow
Terraform, we are a go for launch on the strongDM provider! We are happy to announce that strongDM has officially launched as a Terraform provider. That means that in one single configuration you can spin up a fleet of servers, import them into strongDM, and provision your users access in a matter of minutes.
How to Change the MySQL root Password
On an unmodified MySQL install, the root user account does not have a password. This is extremely insecure! As a systems administrator, we know that the easiest way to compromise a system is using the default unchanged password with admin privileges.
Create a User in MongoDB and Manage Them Securely
Abstract-away usernames and passwords and allow the systems administrator to keep the master passwords safe under lock & key.
SSH Audit Made Simple
SSH audit logs allow you to determine, either retroactively or in real-time, when an unauthorized or destructive action was taken, and by whom.
A Practical Approach to Just-in-Time (JIT) Access for Developers
Should application developers have access to production database systems? This is a question as old as Vampires and Werewolves.
AWS Console Alternative, Secure AWS Management
Gone are the days of sharing AWS root account credentials in a shared 1Password vault or worse, via email. With this in mind, one of the first steps to securing our AWS account is setting up AWS IAM.
3 ways to Implement Role-Based Access Controls for Kubernetes
Managing RBAC in a way that’s suitable to the size of your company is confusing and overwhelming. Before speeding to implementing policy, it’s worth figuring out what problems RBAC is actually trying to solve.
Connecting Postgres to Active Directory for Authentication
While primarily geared towards developers, PostgreSQL is also designed to help system administrators safely and robustly store information in databases. In this post, we will demonstrate how to install a PostgreSQL database and then configure Active Directory users to authenticate to it.
How We Automate User Provisioning & Keep Track of Credentials
There are a number of ways to automate user provisioning but the real challenge lies in keeping track of those credentials.
How Splunk Built A Practical Approach to DevSecOps At Scale
Joel Fulton is the Chief Information Security Officer for Splunk. At Splunk, they've put effort into transforming their organization from a waterfall approach to agile, to now a DevSecOps approach.
SOC 2 Terminology Glossary
SOC 2 compliance, like so many things related to IT and security, is chock full of terms and acronyms to learn. If you are just getting started with SOC 2, it’s helpful to get familiar with this alphabet soup ahead of time so you can move your compliance efforts forward with confidence. Below is a SOC 2 terminology glossary to get you started: