• Aditya Anand

Work Diary - SystemBack & Third Party Security Tools

I have recently joined a startup and have been a part of their InfoSec team. Recently the thought popped into my mind that I should document the work I have been doing and how things change between being independent security personnel and working for an organisation.

Here it goes…

So in the last article that I wrote about my work, I mentioned the problems I faced. We did come up with a temporary solution for them, but we are still working on the long-term solution. You can read my previous article by clicking on the link below.

Work Diary - Research Work & Deployment of Security Policies

So, the temporary solution that I came up with was to use a tool called SystemBack. If you remember from the previous article, the problem we were suffering from was that we had to manually install the applications and dependencies on each and every machine, which is a total waste of time. The list of dependencies and applications was so long that we had to wait nearly 15 minutes for everything to be installed on the user's system, and anyone who has worked in a big organisation knows that carrying out this task by hand is impossible in real life and not feasible at all.

The other problem that was bugging us was how to deploy the security policies on these systems. We have had the basic policies in place, but to micro-manage the access control policies we needed something meant exclusively for this purpose.

Work work work!

So, now we know the problem: having to install all the applications and dependencies on each and every system over and over again. We needed a solution that would save us from having to do this whole rigorous process over and over. Now, wait for a moment and think: what kind of solution would you have used? What would you have done if you were in such a situation? Think about it before reading ahead.

The solution I came up with was SystemBack. It helps us create an identical copy of the OS you are working on and then create a .iso file out of it. Once you have the .iso file of your system with all the configuration already done, the only thing needed is to install that on your system and the problem is solved. SystemBack saved us from having to install all the dependencies, and you can also pre-configure the OS according to your needs and directly ship out your own custom OS. This is an excellent solution and you have no idea how easy it made things for us. A simple solution that saved 100+ hours of man time otherwise spent running the bash script that installs all these apps and dependencies. Not only that, it also helps us provide a custom-designed OS to our employees, with the exact settings, which makes it extremely efficient for us to deploy.

Once this was done, we still needed the tools to micro-manage the security policies and set the access control on our environment. I am currently working on this project and have been researching the tools we need to bring into our systems and how to enhance the security of our company multi-fold. These are the few tools I have in mind:

• SELinux
• Fail2Ban
• AppArmor
• Squid Proxy

What next?

As of now I have been working on and researching these tools and how I can implement them; currently I have set them up on a VirtualBox. The next step for us is to install the .iso image of the OS that we obtained with the help of SystemBack automatically via network boot, so that the SysAdmin won't even have to install this system on the employee's machine and the .iso image will be installed on the machine as soon as it is booted up.

P.S. If you have any more information about the third-party security tools that I have mentioned above, please do feel free to contact me. I could use some help, and it would save me time reading all those documentation files ;)

If you enjoyed it please do clap & let’s collaborate. Get, Set, Hack!
