1. Monkey In a Jungle
Securing Your Chaotic Infrastructure
2. whoami
• @GO-JEK
• OSCP
• Documentation Contributor to Security Monkey
• Electrical Engineer from Brigham Young University, USA
• Security enthusiast
• Die hard guns n roses fan
3. Experiment
• Created a VM
• Open SSH and HTTP
• Leave it for 1 month
• Extract IPs from log files
• Visualize
5. Security Monkey monitors your AWS and GCP accounts for
policy changes and alerts on insecure configurations. Security
Monkey can also watch and monitor your GitHub
organizations, teams, and repositories.
Security Monkey can be extended with custom account types,
custom auditors, and custom alerters.
7. Security Monkey Can:
Monitor multiple AWS/GCP accounts
Tell you what is changing
Provide historical context
Identify Security Problems in your AWS/GCP configuration
Flag deficient SSL/TLS certificates
Compare policies across regions and across
accounts
Be a platform to discuss parts of your
deployment
Backup parts of env to json
8. There are many variations of passages of Lorem Ipsum available, but the
majority have suffered alteration in some form, by injected humour, or
randomised words which don’t look even slightly believable.
Architecture