Used for educational and assessment purposes only, no liability taken or given.

- SSHD - disabled
- Application LB - deployed
- Latest kernel - deployed
- AWS WAF v2 - deployed on ALB
- AWS SSM - operational
- AIDE - deployed
- SELinux - enforcing

TODO:
- Custom AMI / dockerize - musl-based for even fewer attack vectors
- AWS Shield
- AWS GuardDuty
- AWS Inspector
- CloudWatch alarms and CloudTrail
- SNS on events
- CrowdSec https://www.crowdsec.net/blog/protect-your-applications-with-aws-waf-and-crowdsec