Why

Over the last few years, I’ve helped run a crypto exchange as CTO. Handled a bunch of DDoS attacks that Cloudflare couldn’t handle, because they were too small, specific. Wondered each morning if someone had gotten in - how would you know? Did a little due diligence also. I’ve probably asked the same series of questions 25 times:

Simon (me): Has there been a breach in the last N months?

Target: No, never.

Me: How do you know?

No one has been able to answer.

You see, the big players have complex systems to detect and report back to an internal team. The rest of us do not.

What

At the very least, this will give you a report that will let you know:

  1. If someone is trying to get in
  2. If someone did get in
  3. Who is scanning your infra

Those three things are some of the most valuable bits of information you need as a CTO, SRE, etc.

