Daemon Cloud Community Debrief — August 2022
On August 4th, the Daemon Clubhouse was home for our third Cloud Community event for 2022, this time with a theme — Cyber Security.
As mentioned by Nathan Webster in his debrief for our January event, here at Daemon we are keen on getting people together for a social, and this was no exception with an amazing turnout of 30 people — including a very special guest speaker from an external Cyber Security consulting agency (which I will cover in more detail below).
We managed to pack in a full afternoon, starting with a Pizza lunch (shout out to Napoli Gang in Ladbroke Grove), followed by the event itself which I would like to share in more detail.
Our special guest — Richard Brinson — CEO & Co-Founder @ Savanti
Richard joined us for a fireside chat to talk about his career and how he came to run a very successful Cyber Security consultancy, Savanti. It was very enlightening to hear how he started out, the choices he made and some of the struggles endured which made him who he is today. He certainly inspired me and I am sure, many other Daemonites as I have never seen the microphone passed around quite so much during a post-session Q&A. Thank you, Richard!
Prowler & AWS Security Hub Remediation — Marc Peiser @ Daemon
We like to ensure the AWS Cloud environments we work with/provision are meeting and maintaining modern security standards which is why Prowler is a great tool for the job. Prowler allows you to perform security best practices assessments across your AWS accounts with the ability to output findings into AWS Security Hub.
It was great to see Marc demo the tool in real-time, and seeing security vulnerabilities being quickly identified and remediated so easily. Check it out @ Prowler.
checkov by Bridgecrew — Rahim Baraky @ Daemon
Further to catching security vulnerabilities after deployment, why not catch them beforehand or better yet, before they make it to your SCM? Checkov is a Policy-as-Code tool which allows you to scan your IaC code and find misconfigurations with the intent of preventing bad configurations entering production and helps engineers write better, more secure IaC code.
Rahim showed a few ways checkov could be used, manual invocation, using pre-commit webhooks and finally, GitHub Actions. A great open-source tool in my opinion with a paid (more feature-rich) version baked into Bridgecrew Enterprise. Check it out @ checkov.
Daemon Internal VPN Overview — Sandeep Jassal @ Daemon
Sandeep, who also assisted the organisation and co-hosted the event, gave everyone a rundown of a very important security tool we use internally at Daemon, our VPN. Without giving too much away, he explained how the decision was made to use the most cutting-edge and secure VPN technologies and how it is running which was in my opinion, some really cool design.
I think people really appreciated the work that is required to get something like this setup and making it so resilient to failure. It’s not just clicking the connect button!
Let’s Have Some Fun — Quiz Time!
Who doesn’t like a good old quiz? Especially when you can win prizes. While having regular breaks in events like this is important, it’s also important to try and break things up a little in other ways which is why we decided to run a Security/AWS-themed quiz for all attendees.
It was great to see everyone get involved and have some fun. I guess it came down to some clever question writing and an excellent Quiz Master — our co-head of the Daemon Cloud Practice — Des Walker.
Other Cloud Community Bits
We like to keep our community up-to-date with what’s new and upcoming here at Daemon. It is important for people to feel involved, know who they are working with and what projects are underway/in the pipeline. Throw in some really cool and exciting announcements too and it’s a great way to cap off the event!
With some great weather in London at the moment, it would be foolish not to take advantage of it. For this reason, we decided to change things up. Rather than some clubhouse drinks or heading to the nearby watering hole with a beer garden, why not make use of this huge park which we are lucky enough to have just a short stroll from the office?
A few of us headed over to Hyde Park armed with some plastic tubs, drinks (although someone forgot the ice) and a few bits of sporting equipment for a post-event social.
Overall a great day with great content and people. It was so good to see a few new faces from our Monday intake too. Looking forward to the next event and beyond although, we may need a bigger venue!
On a personal note, it is also worth mentioning, this is the first time that I have ever helped organise a professional event of any size. I was quite nervous about doing so, but it all came together in the end with the tremendous support of the team.
My advice to others out there who have been considering doing something similar is — just do it! Put your hand up, get something in the calendar and get stuck into it as you will find it rewarding both professionally and personally!