My Favourite Cloud Tools and Readings

Here are some of tools I created or found online, which are my favourites to use daily. 

Most of sites are listing at (keep updating)

• https://sites.51sec.org
• https://nav.51sec.org

My Online Tools

1. Portainer 
2. Log - https://51sec.loggly.com/
3. Server Monitoring
• HetrixTools - https://on.51sec.org/
• NetData - https://app.netdata.cloud/spaces/jon-netsec-space/rooms/all-nodes/
4. Websites / Web App Monitoring
• http://51sec.org/monitor/
• https://monitor.51sec.eu.org/
• https://up.51sec.org/
• Zabbix -
5. Email - https://51sec.org/mail
6. OneDrive Manager
• http://od.51sec.org
• http://myod.51sec.eu.org
7. Google Drive Indexer- 
• https://gd.51sec.org
• no-password  https://gd.itprosec.eu.org/ - Tools
• https://upload.itprosec.eu.org/ - movie + upload
• Download Google Drive - http://download.51sec.org
8. Wiki - 
• https://sec.myxwiki.org/
• docs.51sec.org
• docs.itprosec.org
9. Proxy
• https://proxy.51sec.eu.org
• https://hide.51sec.eu.org/
• https://proxy.itprosec.eu.org/
• https://proxy.itprosec.com/
10. Nodequery - VPS Monitoring (10 VPS, API supported) - NodeInfo - https://51sec.org/monitor
11. Online Calendar Booking - https://calendly.com/51sec/
12. Bookmarks - https://sites.51sec.org, https://nav.51sec.org
13. Github - https://github.com/51sec
14. KMS -  key : https://docs.microsoft.com/zh-cn/windows-server/get-started/kmsclientkeys
• 192.168.2.8
15. Jira / Confluence / Trello - https://51sec.atlassian.net/ (need to re-create)
16. WebSSH - http://ssh.51sec.org 
17. IFTTT - Connects all of your different apps and devices together with a chains of simple conditional statements. I am using Blogger-2-Weebly and Blogger-2-Wordpress two applets to help me updating multiple sites. 
18. Screenshots with online links
• Photos.51sec.org - Backblaze storage integrated with Cloudflare in Bandwidth Allience (10G) 
• p.51sec.org - tebi.io - 
19. Other Cloud Storage
• Scaleway - S3 - 75GB of Storage in C14 Cold Storage's Glacier class. Support bandwith alliance as well. Trying to see if it can be integrated with cloudflare CDN. 
20. Show Public ip: 
• curl ifconfig.me
• https://ip.51sec.org/api  (Vercel Deployment)
21. Camera App:
• Heroku:  https://camera51.herokuapp.com/

Online Business Tools

• https://www.waveapps.com/ - Free financial management tool
• https://www.dnb.com/ - Free D-U-N-S Number and Company Credit monitoring

Other Online Tools

1. Short-tem exchange of pasted information between parties: https://paste.ubuntu.com/
2. Free Kubernetes cluster to play : https://www.katacoda.com/courses/kubernetes/playground 
3. Free Docker Playground:https://labs.play-with-docker.com/
4. Free deploy app into Kubernetes: https://kubesail.com/
• Oketeto
• IBM Red Hat OpenShift
5. Heroku is a platform as a service (PaaS) that enables developers to build, run, and operate applications entirely in the cloud: https://www.heroku.com/
• Vercel
• Netlify
6. Azure Sandbox: Once activated sandbox from Azure Exercise, you can sign into  Azure portal for sandbox to explore at most 10 sandboxes for a day. Each sandbox lasts 4 hours. 

My Readings

1. Top Six Communicating Skills - Listening, Coaching (Learning&Sharing), Teaching, Guiding, Advising, Motivating
2. Operation - (运维 )
• Agile - (Documentation -> Process -> Technology -> Monitor -> Backup) - Jira / Confluence / Wiki
• CMDB - Device42? 
• Some posts in this forum
3. Architecture 
• Multi-layered Security -  Vertical - Cloud - Perimeter - network - endpoint - Application - data
• Multi-Zones Security - Lateral (Horizontal) - 产品区域、生产区域、内网区域、合作区域
• Zero Trusted Network / Security - identify verification for every person and device. - IAM & PAM (Least Privilege Access), 0 Day Attack, MicroSegmentation, MFA , CASB (Identity verification, Access Control, DLP, URL Filtering, Packet Inspection, Sandboxing, Browser Isolation, Anti-Malware), 
4. CISO Skills
• 如何做好首席安全官 - 企业安全体系与架构实现
5. NIST 
• CSF - 50% used at US organizations at 2020
• Other Publications
• Special Publication 800-53: provides a catalog of security and privacy controls for all U.S
• Special Publication 800-40: Creating a Patch and Vulnerability Management Program 
• Special Publication 800-30: Risk Management Guide for Information Technology Systems
• Roadmap - CSF
• Tiers - (1. Partial, 2. Risk Informed, 3. Repeatable, 4. Adaptive) vs Maturity level
• Categories with Core Functions - Identify , Protect, Detect, Respond, Recover - 23 Categories, 108 Subcategory, mapping to CSC, ISA, ISO, COBIT, NIST SP 800-53
• Profiles - For each subcategory, set up Priority, Gaps, Budget, Short/Intermediate/Long Term activities
• Vulnerability Management
• 800-30 & 800-40
• TRA
• Qualitative vs Quantitative
6. ISO27001
7. 52PJ
8. Pen Testing