After a 'discussion' involving brewed liquids with some colleagues over my ISM project, there was a suggestion I should make a word-cloud. Since everybody is on the word-cloud bandwagon these days, I couldn't see a reason not to....
So you have over a thousand servers in your fleet, how do you make sure your passwords are secure for each of them? An even scarier thought is, what if a malicious actor doesn't even need your password to move horizontally within your environment? A malicious actor may have access to one of your low-value assets and, without knowing your passwords, authenticate to higher-value assets - Game over....
One does not simply contact ASD; but when an envoy of one of the seven Great Houses of Defense contacts you, humble words of surprise are invoked, mainly because a lion doesn't concern itself with the opinion of sheep....
Stop me if you've heard this one before, X11Forwarding is bad, because the ISM doesn't tell us so.
Let me start by giving some context around this problem: you have a Piece Of Software that you need to run on your Linux Server somewhere in your environment, that's cool. However this 'PoS' requires a GUI for it to be used/managed and you need to be able to administer this machine remotely, that's bad if you intend to do this via X11 Forwarding over SSH; and I'll explain why....
So I was off doing family and friends things over the break, and I thought it would also be a good idea for me to have a stab at a visual representation of the ISM I've been wanting to do for a while. Also, since it has been a bit quiet for me on the ISM front for a while (and I've heard squat from ASD about ISM2015 yet), I decided to sate my own appetite and provide some visual representation....