Codecademy Logo

Secure Configurations, Automation, Monitoring, and Logging

Print Cheatsheet

Software Diversity

Software Diversity is a Cybersecurity concept in which an organization utilizes different types of software to achieve seemingly similar goals.

This is in the interest of ensuring dependability in the face of attack or failure

Security Configuration

In Cybersecurity, security configuration is another term for benchmarking or baselining.

The security configuration documents all requirements to determine whether a system, device, or application is allowed to operate within an organizational information environment.

Provisioning & Deprovisioning

When creating a secure configuration, provisioning and deprovisioning refer to delivering components of IT infrastructure.

The components must be current, utilized, and monitored, or they are removed from the infrastructure if they are not.

Patch Management

Patch Management is the practice of regularly updating, fixing, and improving (aka “patching”) firmware, operating systems, and applications in order to avoid existing vulnerability exploitation by attackers.

Limiting Permissions

In Cybersecurity, limiting permissions whenever possible ensures that users cannot intentionally, or unintentionally make changes that expose a system to malicious attacks.

The Principle of Least Privilege is an example of a way to limit permissions.

Secure Coding Techniques

Secure Coding Techniques are standards that exist to prevent hacking, reverse engineering, and overall exploitation of code.

This includes, but is not limited to:

  • Data Normalization
  • Stored procedures
  • Obfuscation/camouflage
  • Code reuse
  • Removal of dead code
  • Data validation
  • Memory management
  • Use of third-party libraries and software development kits (SDKs)

Secure Configuration Components

In Cybersecurity, some things that go into creating a secure configuration would be:

  • Environment
  • Provisioning/Deprovisioning
  • Integrity Measurement
  • Secure Coding Techniques
  • Software Diversity
  • Elasticity
  • Scalability
  • Version Control
  • Local Development Environments

    The local development environment is a developer’s computer where they create features of an application.

    Integration Environments

    The integration environment is where developers attempt to merge features into a unified codebase, often using version-control software like Git.

    Testing Environments

    The quality assurance (QA) / testing environment is where tests are executed to ensure the functionality and usability of a project.

    Staging Environments

    The staging environment mimics the final production environment.

    Final performance tests can be executed before real users are involved.

    Production Environments

    The production environment refers to the infrastructure resources that support the application accessed by clients.

    This infrastructure consisted of hardware and software components including databases, servers, APIs, and external services scaled for real-world usage.

    High Availability

    In Cybersecurity, high availability refers to the assurance that a system will be available to respond to requests and complete requested operations in a timely manner.

    Elasticity and scalability are two important pieces of ensuring high availability.

    High Availability Components

    In Cybersecurity, high availability is an important part of creating a secure configuration. The two main components of high availability are:

    • Elasticity
    • Scalability

    Elasticity

    In Cybersecurity, elasticity is the idea that your resources can increase AND decrease to account for short-term changes in activity.

    Elasticity is a part of ensuring high availability.

    Scalability

    In Cybersecurity, scalability is defined by the ability to expand resources of an environment to support longer-term growth.

    Scalability is a part of ensuring high availability.

    Automated Courses of Action

    In Cybersecurity, automated courses of action refers to an automated series of steps or activities performed in order to produce consistent results.

    Continuous Monitoring

    Continuous monitoring refers to visibility throughout different phases of the Secure Development Life Cycle.

    Continuous Deployment

    Continuous deployment is the automatic process of deploying a project to the production environment after it has been tested on testing and staging environments.

    Continuous Delivery

    Continuous delivery is the process of automatically preparing a project to be deployed to a production environment. It usually involves the code being tested and built on an intermediary environment.

    Continuous Integration

    Continuous Integration is the practice of frequently merging changes into a single code repository. Before being merged, the code is automatically built and tested by automated tools.

    DevOps Automation Benefits

    Benefits of automation include:

    1. Faster speed
    2. Less human error
    3. Easier standardization
    4. Flexibility
    5. Cost effectiveness

    DevOps Automation

    Automation is the process of using tools, scripts, and other software to perform aspects of software development and operations.

    Common automated tasks include:

    1. Setting up infrastructure
    2. CI/CD
    3. Testing
    4. Monitoring
    5. Log management

    Scripts

    A script is a program-like sequence of actions that can typically only be run within a specific context.