TL;DR: The Queensland government website that is in charge of registering and booking COVID-19 vaccinations has been down for over a week and uh, no one seems to give a s**t

I got an email last week from Queensland Health inviting me to get the COVID-19 vaccination. I was excited to get the invitation as I really want to get the COVID-19 vaccination, so I immediately read the email and went to the link provided in the email.

Unfortunately, the website doesn’t work. Each person that applies is supposed to get an invitation code that’s generated by a Microsoft App…


The three coworkers sit down at the bar and the bartender asks them what they’ll have. “We’ll take 3 beers,” says the developer, “but before you pour them we need you to settle an argument for us.” The bartender, who was used to such requests smiled and said “Sure, what’s the argument?”

So the sysadmin started it off: “We are having an argument about how we can deliver ‘secure’ applications. Management is pissed and is pushing us for change because we’ve had a high profile data breach recently.” The bartender nodded knowingly as another voice chimed in. “We’ve been arguing…


Paul McCarty — SecureStack Founder & CTO

When we talk to potential customers we always ask questions about their existing cloud infrastructure. We ask which cloud providers they are using and why. When they are using more than one cloud provider we usually ask what are their reasons for having these two, or more, sets of cloud infrastructure. We are really interested to see if there were feature or functionality reasons that made more than one cloud important. Was it pricing or maybe scalability? Did they bring on a CTO or architect after the initial architecture was built out and…


Paul McCarty — Lead Engineer at SecureStack

It’s our job to find good security practice and codify it. That’s what we do at SecureStack mostly: automate security into infrastructure. We do this a number of ways. For example, we build hardened operating systems that limit the attack surface of a server, and address a lot of the baked in security issues with default images you get from the cloud providers. We also use tools like WAF, dynamic firewalls, SELinux and others to do the actual securing part. We then audit it all and use centralised real-time logging and aggregation to make sure you can see all your…


Paul McCarty — Founder & CTO of SecureStack

Over the years many people have asked me what I do to secure my workspace and online presence. My process is a combination of using free and paid security tools in a layered approach to make my life safer. In today’s world there will never be ONE security app or practice to make you safer.

So with that in mind I thought I would put together a list for you:

Multi-Factor Authentication: Before you do anything else install a multi-factor authentication (MFA) app on your smart phone if you don’t have one…


SecureStack now offers Microsoft Windows Server images!

SecureStack Base images for Redhat 7, CentOS 7, Ubuntu 16.04 and now Windows Server 2016

Yes you heard that right, we’ve listened to our MSP and enterprise customers who wanted us to publish a SecureStack Windows Base image to round out our noticeably Linux heavy offerings. Now the same security and flexibility they’ve been enjoying with our Linux images is available to them for Windows Server 2016. This includes the same intrusion detection and other security controls they’ve been using to successfully secure their environments. So, Windows Servers will plug right into existing SecureStack Enterprise deployments. …


SecureStack is pleased to announce that we now support Redhat 7! Our SecureStack Base Redhat 7 product is a hardened version of Redhat 7.4 and comes with security tools built right in.

Our Base products plug directly into your SecureStack SIPServer, allowing you to create hardened instances that are talking to your centralized logging and SIEM the second they come into existence. You don’t have to create any automation or build scripts, SecureStack does it for you! …


There’s a new meetup on the Gold Coast and SecureStack is super-mega-stoked to be a sponsor! Gold Coast DevOps group is having its inaugural meetup on March 22nd.

It’s the one that says “DevOps” on it

We will be meeting at the Gold Coast Techspace in Mudgeeraba. Address is 57A Railway St. Here’s a map. Things kick off at 6:30pm and pizza will arrive at 7pm. Feel free to bring your friends.

Talks will be on Terraform, Azure, CI/CD on the cheap and more!

You can find more info at the Meetup.com page: https://www.meetup.com/Gold-Coast-DevOps/events/248183206/


Last Friday Australia’s new Mandatory Data Breach Notification law went into effect. Broadly speaking it requires businesses to advertise when they’ve had a data breach that involves personal identifying information. They must let the customers who have been affected as well as the government know, usually within 30 days of a breach.

So, what this means simply is that Australia businesses, as well as global companies that do business here need to have protections in place in the event of a data breach. Moreover, they need to know how to advertise the fact in the event that one happens.

Before…


It’s 2017 and I’ve been in the IT industry over 21 years now. I started out in tech support at an ISP in Logan, Utah in 1996. I had been a unix hacker in college and knew enough to get hired as a junior admin. Most of our production services were on Sun pizza boxes but I started adding secondary systems first with Minix and then with Slackware Linux. I built my first Linux firewall in November of that year. My love for *nix networking and security grew from there.

Fast forward 20 years and I’m still here. Still plugging…

Paul @ SecureStack

DevSecOps specialist. Founder SecureStack.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store