0 views collected around this technical thread.
This article explains internal network tunneling, compares popular open‑source tools like frp, ngrok, and nps, and outlines essential security measures, risk‑control checklists, and compliance tips to help operations teams safely expose internal services without compromising security.
This article reviews JD Cloud’s bastion host solution presented at the 2020 Global New‑Generation Software Engineering Summit, detailing the security challenges of modern operations, compliance requirements, design principles, cloud‑native architecture, and real‑world deployments in enterprises and finance.
This article explains the concept of operations security, why it has become critical, enumerates common mis‑configurations and vulnerabilities such as open ports, weak permissions, insecure scripts and supply‑chain risks, and provides a comprehensive set of best‑practice guidelines and an enterprise‑level framework to build a resilient operations security posture.
This article reviews a decade of cloud security experience and outlines the key challenges of operations security in public cloud environments, offering concrete solutions such as VPC isolation, encrypted VPNs, RAM policies, Linux key‑based login, Windows RDP port changes, privileged‑account management, and ActionTrail auditing.
This article examines the most common operational security vulnerabilities—such as unpatched Struts, server‑status leaks, backup file exposure, SVN leaks, and weak default credentials—explains why they are critical, and offers practical recommendations for enterprises to improve their ops‑security posture.
This article introduces CrazyEye, an open‑source bastion host that centralizes permission and audit management for large server fleets, explains its key features such as fine‑grained access control, command logging, and batch operations, and provides setup screenshots and the Git repository link.