I recently helped a client migrate their Devops Pipelines to Github Actions. One of the nice features about GH is that its relatively easy to setup and use an identity provider that will allow Github to do what it needs without having to store credentials. I found some great resources [...]
Recently I was helping a company audit their 1password account. Thought I’d share some useful snippets using jq and the 1password CLI tool.
This command suspends users who haven’t logged in for 3 months
op list users | jq -r '.[] | .uuid' | xargs -iUSER op get user USER | jq -r ' select(.lastAuthAt | fromdateiso8601 <= now - 7776000).uuid' | xargs -iUSER op suspend USERAfter suspending all the users for a few days (waiting to see if people complain), this command can be used to purge those users and free up their licenses.
op list users | jq -r '.[] | select(.state=="S") | .uuid' | xargs -iUSER op delete user USER
Recently a friend of mine told me his company, in an effort to improve security, was launching a bug bounty program. I’m a huge fan of bug bounty programs, hiring ...
