Work Diary - Research work & Deployment of Security Policies

Aditya Anand
May 19, 2019 · 4 min read

I just recently joined a startup and have been a part of their InfoSec team. Recently the thought popped up in my mind that I should document the work that I have been doing, and how things change when you go from being an independent security person to working for an organisation.

Here it goes…

I used to be the guy who was solely focused on the attack vectors, and defence was one of those parts which I rarely focused on as an independent security researcher. Things totally turned around when I joined the startup: my work now focuses entirely on the defence aspect of things and how I can contribute to that. Enhancing the security of the company, understanding what policies need to be implemented, how to roll out those security policies, documenting steps for insider threats and many more of the same kind.


Work work work!

So, to deploy all these security policies I first had to develop my skills in the field of cyber security defence. I devoted the first complete week to research on these subjects, trying to gather as much information on them as possible. Documenting is extremely important, as you might encounter really amazing ideas regarding how you can enhance your chances of spotting an insider threat, or how a simple policy change in your web application firewall can protect against 70% - 80% of generic attacks. I kept making notes on each and every topic I researched, and kept saving the URL links next to those notes so that I can refer to them later on if I need to.


Once I had a list of policies that we could deploy, the problem became how we should go ahead with the deployment. The one thing that we underestimate most of the time while working alone is how drastically we have to scale up while working for a company. While working alone we end up manually making changes in the .config files and automation never gets due attention. Instead of making the whole thing a single-step process, we think it is totally fine to make it a several-step process. This is something that hits you hard when you start to work, as the policies we prepared are worthless if we can't deploy them with a click of a single button or in a similar fashion.

After the policies were ready, we started looking into the process of white-listing the applications that are installed on the employees' systems, and which of them could be used to break or bypass the security policy we had in place. So we needed to look at each application and carry out tests to see whether it complied with the policies. We found various apps that helped users to bypass the security measures, and a few that were not necessary in the first place and just consumed space.


Having written the list of applications and dependencies required by the other employees, and the configuration files that needed to be modified so that we could enforce these rules, we needed a way to deploy them. I decided to write a bash script for carrying out the whole deal in one click. We had nearly 25 - 30 dependencies and a few configuration files that needed to be changed. I then set up a virtual machine where I installed each and every one of the dependencies one by one, trying to figure out what problems pop up, so that they would not pose a problem when I wrote the whole bash script.

I installed all the dependencies and made the other required changes in the virtual machine, then went on to write a script that automates the entire process: all the person needs to do is press the Enter key, and every single file that is required will be installed, updated and upgraded.
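A one-click script of the kind described above can be built from pieces like the following. This is an added example, not the author's script; the policy directory layout, the file names and the choice of Debian/Ubuntu tooling are assumptions.

```bash
#!/usr/bin/env bash
# Added example. Paths, keys and package names are constructed placeholders;
# the deploy step assumes a Debian/Ubuntu machine (dpkg-query, apt-get).

# ensure_setting FILE KEY VALUE
# Leave exactly one "KEY=VALUE" line in FILE. Prints "ok" when nothing had to
# change and "changed" otherwise, so re-running on a compliant host is a no-op.
ensure_setting() {
    local file="$1" key="$2" value="$3" tmp count
    [ -f "$file" ] || : > "$file"
    count=$(awk -v k="$key=" 'index($0, k) == 1 { n++ } END { print n + 0 }' "$file")
    if [ "$count" -eq 1 ] && grep -qxF -- "$key=$value" "$file"; then
        echo ok
        return 0
    fi
    [ -e "$file.orig" ] || cp -p -- "$file" "$file.orig"   # one pristine backup
    tmp=$(mktemp "$file.XXXXXX") || return 1
    cp -p -- "$file" "$tmp"                                # keep owner and mode
    awk -v k="$key=" 'index($0, k) != 1' "$file" > "$tmp"  # drop old values of KEY
    printf '%s=%s\n' "$key" "$value" >> "$tmp"
    mv -- "$tmp" "$file"                                   # atomic replace
    echo changed
}

# missing_packages REQUIRED_FILE INSTALLED_FILE
# Print required packages ('#' comments allowed) that are not installed yet.
missing_packages() {
    grep -v -e '^#' -e '^[[:space:]]*$' -- "$1" | grep -vxFf "$2" || true
}

# deploy POLICY_DIR (hypothetical layout): packages.txt lists required packages,
# settings.txt holds one "FILE KEY VALUE" triple per line.
deploy() {
    local dir="$1" installed file key value
    installed=$(mktemp) || return 1
    dpkg-query -W -f='${db:Status-Abbrev} ${Package}\n' |
        awk '$1 == "ii" { print $2 }' > "$installed"
    missing_packages "$dir/packages.txt" "$installed" | xargs -r apt-get install -y
    rm -f -- "$installed"
    while read -r file key value; do
        printf '%s %s: %s\n' "$file" "$key" "$(ensure_setting "$file" "$key" "$value")"
    done < "$dir/settings.txt"
}

# Touch the machine only when asked to: ./deploy.sh --apply /path/to/policy
if [ "${1:-}" = "--apply" ]; then deploy "$2"; fi
```

Because every step checks the current state first, the same script can be re-run on a machine at any time and its output doubles as a compliance report.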

What next?

This seemed like a win for me, to carry out this whole thing in the first two weeks of my internship, but then the next hurdle arose. This still isn't a corporate-level solution, as the security admin still has to manually run the scripts on each and every machine. It might be a single-click solution, but when you need to carry that out on 50 - 60 machines or even more, that becomes a hard task as well.

If you enjoyed it please do clap & let’s collaborate. Get, Set, Hack!

E-mail : aditya12anand@protonmail.com

P.S. In my next article I will explain how we dealt with the above problem as well, in more than one way actually.
