Technical part

authentication / protection of exposed services and credentials / active defense

FBK useful services

 

  • OpenObserve

Observability platform for logs, metrics, traces, and monitoring

Software for shortening links, making them more intelligible, easy to communicate, and share

Password manager (hosted by FBK) that allows saving, storing, sharing, and protecting credentials, SSH keys, and other information, in an encrypted digital vault

VPN based on WireGuard, for creating private, secure, and fast peer-to-peer mesh networks, RBAC access to hosts…

  • Authenticated Reverse proxy

Entry point for all incoming requests from the protected exterior, with the possibility of integration with Authentik for authentication and access limitation

  • Crowdsec

Log analysis system, WAF, and proactive blocking of malicious actors to block different attack categories (http, ssh, smtp, etc) in real-time

Tool that integrates SSO authentication via OIDC with SSH, allowing access to remote servers via corporate identity with MFA