VPN Security Monitor at MyTutor

MyTutor use a high quality external VPN provider. But to ensure that key urls are hidden behind it, I built this simple monitor to test that a list of key URL’s remain unavailable when the VPN is not in use.

RDS User Monitor for MyTutor

At MyTutor, we aimed to ensure that the application database was accessed only by authorised user accounts for legitimate reasons. This project involved analysing AWS CloudWatch logs for the AWS RDS instances to extract relevant information. A list of users and their executed queries was compiled, excluding certain allowed users. The accounts that did not meet the criteria were then posted to a Slack channel for review.

Application Code Security Scanner for MyTutor

I implemented Trivy scanning for the MyTutor application code. Trivy scans for:

Terraform Security Scanner for MyTutor

I took over a project from a previous DevOps engineer who had recently left MyTutor. The project involves scanning Terraform files for vulnerabilities using the tfsec utility. Initially, the scan results were uploaded as an HTML file to Slack, which required downloading to identify vulnerabilities.