Skip to content
View rileydakota's full-sized avatar
  • Aquia, Inc
  • Remote

Highlights

  • Pro

Block or report rileydakota

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this userโ€™s behavior. Learn more about reporting abuse.

Report abuse
rileydakota/README.md

Welcome to Dakota Riley's GitHub Portfolio page!

I am a Security Engineer, Consultant, and Leader with skills in Cloud Security, Application Security, Detection Engineering, and Automation.

"I just want to do cool cloud security stuff with my friends" - me

alt text

I have worked at startups, large enterprises, FAANG, and the Federal Government, helping customers solve security engineering challenges, as both a consultant, and owner. I enjoy getting to solve large scale challenges with both code and strategy, and enabling engineering teams to move fast without having to worry about security. I deeply care about making the right thing as easy as possible, and the end user experience of security.

I prefer environments that reward creative thinking, strong ownership of problems, and data driven decision making.

While I enjoy going deep on technical problems, I love being able to step back and solve problems at the source vs bandaid fixes.

Speaking

CloudNativeSecurityCon 2024: Detection Engineering in Kubernetes Environments

๐Ÿ“ˆ Slides

AWS Community Day Midwest: Exploring Amazon Lake

๐Ÿ“น YouTube
๐Ÿ“ˆ Slides
๐Ÿ““ Jupyter Notebook

SANS CloudSecNext 2023: Detective Controls in Kubernetes Environments

๐Ÿ“น Youtube

The Security Engineers Guide To Infrastructure-As-Code

๐Ÿ“ˆ Slides

Blogs

Exploring the GitHub Advisory Database for fun and (no) profit

In this blog, I downloaded the entire GitHub Advisory Database, and loaded it into Pandas to look for trends across Open Source Vulnerabilities.

Tactical Cloud Audit Log Analysis with DuckDB - AWS CloudTrail \

In this blog, I cover how to load, parse, and interact with AWS CloudTrail logs utilizing DuckDB, a tool that allows you to locally query and interact with larger than memory datasets that still fit on a single device. Its a great tool for needing to query when you don't have a SIEM available, and is faster than Athena with certain data sizes.

Taking the Secrets Manager Lambda Extension for a spin

This blog, I use the AWS Secrets Manager Lambda extension in different Lambda functions, and benchmark how it impacts performance compared to other methods.

Threat Detection on EKS - Comparing Falco and GuardDuty for EKS Protection

I partnered with co-worker and friend Dustin Whited [@dgwhited] to compare Falco and EKS GuardDuty as options for threat detection in EKS environments.

Using Semgrep to find security issues and misconfigurations in AWS Cloud Development Kit projects

In this blog, I combined my love of static code analysis and infrastructure-as-code to find problems in CDK projects in the actual CDK code itself.

Contributions and OSS

Stratus Red Team - added GCP Support and Initial GCP Technique, added an EKS specific technique that eventually made it into the codebase as well

Peirates - added support for detecting AWS as a Cloud Provider when IMDSv2 is in use

Semgrep - added rules for the static analysis of AWS Cloud Development Kit (CDK) projects

Panther-Analysis - added new detection rules for CodeBuild Public Projects on AWS and some initial K8s rules (WIP)

Matano - added a managed enrichment table for the Cybersecurity and Infrastructure Agency Known Exploited Vulnerabilities (AKA CISA KEV), allowing users to help enrich/prioritize vulnerability finding data sources with KEV status.

CfnSweeper - A CLI tool I built for finding AWS resources unmanaged by AWS Cloudformation, built to help engineers clean up AWS resources often left behind from CDK constructs that have removalPolicies that retain the resource by default.

rileydakota's Stats rileydakota's Streak rileydakota's Top Languages

Pinned Loading

  1. valheim-ecs-fargate-cdk valheim-ecs-fargate-cdk Public

    AWS CDK/Cloudformation to deploy a Valheim Server using ECS Fargate!

    TypeScript 79 25

  2. cfn-sweeper cfn-sweeper Public

    A CLI Tool to find resources in an AWS Account not actively managed by Cloudformation!

    Python 11 1

  3. cdk-day-2021-security-cdk-talk cdk-day-2021-security-cdk-talk Public

    My CDK Day 2020 Talk: Why Security Pros Should Embrace The AWS CDK!

    4 1

  4. nku-cyber-2021-iac-security nku-cyber-2021-iac-security Public archive

    Live Demo Repo and Supporting Content for my NKU Cyber Symposium 2021 talk - The Security Engineers Guide To Infrastructure As Code!

    HCL 2