Labs
Below you can find a list of projects we have been working on with our partners and clients.
DHIS2 deployments with LXD
To make more robust DHIS2 deployments on LXD infrastructure, we have released dhis2-tools-dab, a successor of dhis2-tools-ng.
This new tool brings new features such as lxd cluster support, centralized logging and SIEM capabilities.
The code can be found here.
DHIS2 server security auditor
This inspec profile verifies compliance of DHIS2 deployments with CIS benchmarks. It can be run locally or remotely to a container in a local LXD host/cluster. It can also run as part of a CD/CI pipeline or automated deployment scripts.
Goal is to ensure DHIS2 has been deployed following international security standards.
The code can be found on Github.
Linux workstation compliance: alr
To scale management of Linux workstation for compliace purposes, alr is what you need: it's a wrapper for lynis and it automatically scans the machine with a predefined or user-supplied profile tailored to the business needs.
To actually manage the reports and make it a fully scalable solution, you will need to leverage the custom crafted web user interface: alr webui, which provides easy to access reports across your fleet.
The code for alr can be found here.
The code for alr webui can be found here.
Infrastructure as Code
IaC is a must paradigm for resilient cloud-native companies. Here is a list of modules to spin secure infrastructure via Terraform:
- Hardened EKS cluster
- Hardened GKE cluster
- GCP Organizational Policies
- Cloudwatch DDoS Dashboard & Alerts