Ankit Giri

A complete tech enthusiast who likes to learn new technologies. With his expertise in Application Security, Ankit works as Associate Security Consultant for TO THE NEW. A speaker, presenter, and blogger, Ankit has a diverse background in writing informational blogs while working at TO THE NEW. He is a nature lover, photography enthusiast and avid follower of governance. Being in the application security domain, Ankit also takes an interest in RTI activism and carries it as a skill with RTI certifications.

Application Security, AWS

AWS Security practices demystified

We come across a lot of instances of cloud-based applications being hit by DDoS attacks. We must accept the fact that most of us are unaware of the risks and the methods available for DDoS protection in the cloud. This blog post emphasizes understanding DDoS attacks and providing an approach to prevent unauthorized access and usage...


Application Security, Technology

Preventing Brute Force attacks due to OpenSSH Vulnerability (MaxAuthTries bypass)

About OpenSSH: OpenSSH is an open-source suite of programs that helps us to secure network communications by encrypting the network traffic over many authentication methods and it provides secure tunneling. It eliminates eavesdropping, connection hijacking, and other such attacks. Let's learn Preventing Brute Force attacks due to...


Application Security, Technology

Is your MongoDB publicly accessible?

MongoDB is a NoSQL database that delivers a performance-oriented, highly available and scalable database system. Recently, a large number of MongoDB instances were found to be publicly accessible over the Internet. A large amount of data was leaked due to the fact that these instances were running an outdated and unpatched version of...


Application Security, Technology

OpenSSL Vulnerability (CVE-2015-1793) and Remediation

A high-severity vulnerability was announced by OpenSSL. This vulnerability is marked as CVE-2015-1793. Common Vulnerabilities and Exposures is a system that provides a reference-method for publicly known security vulnerabilities and exposures. This blog explains OpenSSL Vulnerability (CVE-2015-1793) and Remediation. OpenSSL Team released...


AWS, Technology

AWS Device Farm: A service to test mobile apps on real devices

AWS Device Farms: Device Farms is a recently introduced service that can test mobile apps on real devices in the AWS Cloud. Currently, it supports Android and Fire OS apps. This service can be used to improve the quality of testing by running the test on real smartphones and tablets with different hardware, OS versions and form factors. ...



Mongo Monitoring Service to ensure uptime of MongoDB

Mongo Monitoring Service (MMS) is a service that ensures that the MongoDB is up and running and can alert us when the service is stopped/restarted. It can be run on an on-premise architecture or in the cloud like AWS. Use Case: We have multiple servers running MongoDB service and they are present in different environments as Production,...



Autoscaling Environment Logs Collection using LogEntries

LogEntries: Managing log data across large autoscaling environments can be a time-consuming and expensive job. Logentries has designed a scalable service that dynamically supports autoscaling environment as log volumes expand and change dynamically. By centralizing all logs across distributed instances into one secure location, we can...


AWS, Technology

AWS Lambda Invocation using Amazon S3

To start, we create a Lambda function to consume events published by Amazon S3. For any object uploaded to a bucket, S3 will invoke our Lambda function by passing event information in the form of function parameters. AWS Lambda executes the function. As the function executes, it reads the S3 event data, logs some of the event information...


AWS, DevOps

Using AWS CloudFormer to create template of existing infrastructure

AWS CloudFormer is a template creation tool and it creates AWS CloudFormation template from our existing resources in AWS account. We can select any supported AWS resources that are running in our account, and CloudFormer creates a template in an Amazon S3 bucket. We will be using AWS CloudFormer to create template of existing...



Configuring server to relay email through Amazon SES (Simple Email Service)

Configuring server to relay email through Amazon SES will provide easy, real-time access to our sending statistics. It has built-in notifications for bounces, complaints, and deliveries which helps us fine-tune our email-sending strategy. Postfix is a free and open-source mail transfer agent (MTA) that routes and delivers electronic...



Introduction To AWS LAMBDA

The next buzz in cloud computing is the event-driven computing service. The service in preview mode “AWS Lambda” brings the same to existence. Lambda makes the best of the concept of "pay-per-use" and “as a service” much further than it did in the case of EC2. It offers pay-per-millisecond computing, a service always available...