canglad

Beautiful Cloud and Automated Day Trading Experiment

The Beginning Lyrics: “Last Christmas I gave you my heart, But the very next day you gave it away”. It was actually last, last Christmas, while the great white north was cold, and I was sitting at home, warm and cozy, started to think whether there was a way to generate some constant small income daily from the stock market. As I am no stock expert, and can be very emotional seeing my stocks going up and down, plus a full time job every day, I wondered if it was possible to write an automated day trading program that was 100% hands-free, 100% emotion-free, and generates small amount of money daily to supplement my income. Read more →

November 3, 2023

AWS Network Firewall egress filtering can be easily bypassed

If you are thinking of or are already using AWS Network Firewall to control and filter egress traffic to only allow connections to approved destination sites, you need to read this post, as it may not work as you have thought. AWS Network Firewall is a fully managed service that can work as an IDS/IPS device when injected into the middle of network traffic flow, e.g., between your workloads inside of your VPC and the Internet. Read more →

September 16, 2023

21 Security advices I gave to a mid-sized firm

Many years ago, a mid-sized firm asked me for advice on how they could improve their IT security posture after they had encountered something unexpected. The challenge with them, was that they did not have in-house IT security expertise and had no one dedicated to manage IT security. At that time, they also started to test waters in AWS which brought additional venues to protect. Considering where they were at the time, I collected my thoughts and gave them some high level suggestions based on my past experience and observations in the IT security industry. Read more →

September 7, 2023

Simple Math of Aws KMS Key Rotation Costs

AWS Key Management Services is a fully managed service that lets you “create, manage, and control cryptographic keys across your applications and AWS services”. It seamlessly integrates with most AWS services and has a very nice and convenient feature to let you automatically rotate a customer managed KMS key. Once this future is enabled on a KMS key, this KMS key will be automatically rotated every 365 days, without needing you to lift a finger. Read more →

September 1, 2023