DEV Community: Sam

Using Continuous Export to Track Secure Score over Time

Sam — Mon, 22 Aug 2022 20:39:28 +0000

For awhile, my team had been going about Microsoft Defender for Cloud(MDFC), the wrong way. It had been a challenge to keep clear visibility of security centric user stories, exemptions, vulnerabilities, and regulatory compliance for my team.

After doing a bit of research, I came across a method to continuously export the data within MDFC to a Log Analytics workspace, so that anyone that wanted a dashboard overview of security posture across multiple teams could easily access a pre-configured workbook with that information.

To get all of this setup, I’ll walk you through step-by-step the pre-requisites needed to see a dashboard like this

Step 1: Create a Log Analytics Workspace

The Resource Group may be negligible to you, but if you logically group all your log analytics workspaces together, I would select that resource group.

Because my team is one of several teams, and because each of my teams is segregated into multiple subscriptions, I was very very intentional about the way I named the instance. However, as long as you remember what workspace you’re porting the data to when it comes time in the setup instructions, then the name may be arbitrary. It really comes down to how large your team is, and what your organizational structure may look like.

Create the workspace!

Step 2: Check Subscriptions in Default Subscription Filter

The Importance here is knowing what subscriptions you have that need security recommendation traceability, so that when you apply continuous export settings, you understand exactly what to select

Step 3: Change Continuous Export Settings

Go to MDFC

Go to ENV Settings on the left hand side

Utilize Arrows in tenant group section and view all applicable subscriptions

Step 4: Select Continuous Export Settings for Each Applicable Subscription

This part is important! You’ll want to have an understanding of what is needed from a security perspective.

It could be that you only need to see Regulatory Compliance over Time, or perhaps want to only see security recommendations that have changed, or resources that have become unhealthy. No matter the case, this is where you’ll select these preferences on a subscription-by-subscription basis

These preferences also depend on the management of security alerts. It could be your organization has an SIEM or third-party SOC that manages security alerts. Unless you’re certain that thresholds for alerting have been configured properly, I’d recommend staying away. Now that being said, it may be negligible anyways because you’ll have control of what you want to see on a workbook by workbook basis. So even if all these settings are enabled and streamed to the analytics workspace, you can choose what to view in Defender for Cloud.

Later In this tutorial, we’ll explore two of the most popular workbooks/templates.

Step 5: Configure Streaming Settings (These Appear by Scrolling Down)

This next part is straightforward — just simply choose the Log Analytics Workspace that you want to send data to !

Step 6: SAVE Configuration !

Step 7: Viewing Workbooks!

Within workbooks, select the template you’re interested in, and select the Log Analytics Workspace that data is being sent to, as well as the time frame

Note: If you’ve just configured this, you may not see data right away, as it is streaming, not previous historical data

Thanks for Reading!

Thanks for reading! If you liked this article, please follow me on medium, and let’s connect on Linkedin: https://www.linkedin.com/in/samuel-armentrout/

Kotlin Compile Time

Sam — Sun, 22 May 2022 17:52:32 +0000

Hi guys, new to Kotlin Development. Got a machine running windows 10, latest build of Android Studio

Simple Hello_world.kt file has insane build and run time, and I'm trying to reduce it

Something I saw was this:

Dev.To Recommendation

With all the insights gathered so far, the question still remains how to assign memory to the kotlinc process. For us, the following worked:
org.gradle.jvmargs=-Xmx8g -Dkotlin.daemon.jvm.options=-Xmx6g
We put this line into a file named gradle.properties, which is located right next to our gradlew executable (so, top-level in the project). This will assign 8GB of RAM to the gradle process, as well as another 6GB dedicated to the kotlin compiler.

These Changes did nothing for me

Let me know if there are any quick recommendations

My machine has 4 cores, 16 gigs of ram. I've got a decent pc, but I have worked in Java for a long time with eclipse as an IDE and never seen anything like this

Best Way to Learn Rust

Sam — Tue, 27 Apr 2021 12:19:38 +0000

Hi all, just starting out learning Rust, and was curious what the best way to go about it would be. I have two books on the subject:

Zero to Production in Rust:
An Opinionated Introduction to Backend Development

By:
Luca Palmieri

and of course
The Rust Programming Language

By:

Steve Klabnik and Carol Nichols

What are some other ways to gain practical knowledge here?

I have access to Pluralsight through work and can do Rust Foundations, but are there are any Udemy Courses that are recommended?
I know this has great reviews, but I'm curious of its worth
The Rust Programming Language ?

And too, I guess I'm curious what path people take. I'm interested of course in web development, but is it worth it to tackle 2D gaming development with Rust as well?