GitHub - SwiftOnSecurity/OrgKit: Provision a brand-new company with proper defau...
Provision a brand-new company with proper defaults in Windows, Office365, and Azure.
OrgKit is designed to provide a series of templates to "boot-up" a new highly-documented IT environment for a mid-size organization, serve as a public example of what's possible, be a gold-standard implementation, and allow informed decisions by companies who do not know what's really done by other businesses.
The specific target is a company having to start-over after a complete network compromise, or the spin-up of a new subsidiary business.
If you want to jump ahead, here's some of the work I will be citing in addition to my own, and which you can go ahead and use yourself
- Center for Internet Security baselines
- PAW by Rich "unassassinable"
- win10-secure-baseline-gpo by Maxim Khitrov "mxk"
- Win10-Initial-Setup-Script by "Disassembler0"
- awesome-windows-domain-hardening by "PaulSec"
- Windows-Secure-Host-Baseline by The NSA
- windows-event-forwarding by Palantir
It's important to note that the reason a comprehensive repository of Microsoft product configuration guidance for organizations is so rare is because the entire ecosystem is designed to be customized per-organization. However, most organizations are not equipped nor understand the breadth of what this really means. This divergent configuration history of their customers, along with fears about having to support it, then prevents Microsoft providing strong defaults and guidance in a generic form.
Strictly, Powershell DSC is the correct tool to build and maintain a Windows environment with this level of centralized design and vision. It is a great set of abilities, and it will likely be included in the future. However, this project is aimed at Windows administrators who will already be intidated by the breadth of new technologies and concepts, and need to run the system over a long-term with other staff.
Powershell DSC is currently a specialized skill designed to revert anything done outside its central control. It requires whole-organization buy-in, and for that reason, the kind of use-cases for this set of guidance cannot rely on it.
None of this project is sold as unique work or groundbreaking. Where possible, it will reference the existing work of others, or heavily credit them in adaptation - with their permission. Many IT organizations have a set of capabilities similar to this. They press a button and can build an entire company, just like this. However, it is properitary work product their staff cannot publicly share. This is intended to remediate that.
pipeline - REST API to provision or reuse managed Kubernetes clusters in the cloud and deploy cloud native apps
README.md cert-manager cert-manager is a Kubernetes add-on to automate the management and issuance of TLS certificates from various issuing sources. It will ensure certificates are valid...
As much as I liked the ability to quickly and easily build development and test databases with SQL Provision , I thought the dashboard of cloned databases was hi...
Now you can provision Dropbox users with G Suite...
slime-company - Company-mode completion backend for Slime.
company-quickhelp - Documentation popup for Company
Contribute to company-flow development by creating an account on GitHub.
README.md Company-AUCTeX This is a group of backends for company-mode providing auto-completion for
README.md company-box A company front-end with icons.
README.md 公司名语料库（Company-Names-Corpus） 业余项目“萌名（一个基于语料库技术的取名工具）”的副产品。不定期更新。只删词，不加词。 可用于中文分...