SecEng Newsletter #6
![SecEng Newsletter #6](/content/images/2024/04/bannerlogo-4.png)
Welcome to Issue #6 of the Security Engineering Newsletter.
A super light one again this week – a sign I should send this newsletter out biweekly instead of weekly, but I haven't made a determination on that yet.
I've been reading Nuclear War: A Scenario by Annie Jacobsen. It is one of the most depressing non-fiction books I have ever read, but, at the same time, I can't put it down. I have probably read about half of it over the past two days. Jacobsen chronicles the harsh reality of what would happen if NK randomly fired a nuke or two at the United States (called "a bolt out of the blue" scenario). Turns out, it is really hard to shoot an ICBM out of the sky. 10/10 would recommend. Also watching Interview with the Vampire on AMC which is fantastic.
![](https://is1-ssl.mzstatic.com/image/thumb/Publication221/v4/30/c2/1a/30c21afb-0420-4d4e-9f18-c634606e6df5/9780593476109.d.jpg/1200x630wz.png)
Other than that, I am headed to the OFFICIAL Denver Cybersecurity Summit this week.
-- Andrew
I had a need this week to set up a monthly automated workflow to pull the latest image from a DockerHub repo, push it to AWS ECR, and force deploy an AWS ECS Fargate service using the new image. I considered using GitHub Actions, but this article from Alexander Hose presents an easy, AWS-native way to do most of what I needed. The article doesn't cover the redeployment to Fargate part, but it was fairly easy to add it to the BuildSpec script. I ended up creating a CloudFormation template for the whole process 🥷
![](https://www.bleepstatic.com/content/hl-images/2021/04/01/VMware.jpg)
I always assume there is some catch to announcements like this, but maybe I should just accept it as good news – VMware Workstation Pro and Fusion Pro are free for personal (non-commercial) use! 🎉
![](https://www.canva.dev/_next/static/media/thumbnail.5db88d83.jpg)
Santiago Gutiérrez wrote a highly detailed article about performing endpoint vulnerability management at scale at Canva's (mainly) macOS shop. It is always interesting to see what other organizations are doing to solve this painful issue. There are so many moving parts: not ruining the end user experience, dealing with huge amounts of data, creating and routing tickets, reporting – it can be a mess. SentinelOne's application vulnerability feature was particularly notable for me. It seems like it is crucial in the process and has some nicely built-out APIs.
If you're a T1 SOC analyst, how do you get feedback on your work?
by u/Medical_Chipmunk3459 in cybersecurity
As someone who has never been a SOC analyst, I thought this Reddit thread was interesting. Based on the responses, it doesn't seem like most SOC analysts get feedback about the work they do. Most people assume that no feedback is good feedback. Without feedback or some quality control process, how can you be sure people are actually handling things correctly? 😶‍🌫️
Simon Willison (the AI blogging GOAT) published a writeup on the new GPT-4 model. This is the gpt2-chatbot that I wrote about in an earlier newsletter. I've been using it extensively for the past few days, and the speed is incredibly apparent.
Thank you for reading this week's issue, and see you next week! If you have any feedback, hit me up!