cloudonaut

#093 Getting ISO 27001 certified as a 2-person company

6 snips
Apr 10, 2025
Two entrepreneurs share their journey navigating ISO 27001 certification as a small company. They discuss performance challenges with Amazon Linux 2023 and the impact of OpenSSL on their antivirus development. Insights on automation tools for compliance highlight their innovative approach to achieving certification. Additionally, the hosts explore the balance between using consultants and software for managing security—offering listeners valuable tips and practical experiences from their process.
Ask episode
AI Snips
Chapters
Transcript
Episode notes
ANECDOTE

OpenSSL Performance Bug

  • During migration to Amazon Linux 2023, Michael Wittig discovered OpenSSL performance issues on low-memory instances.
  • Calculating checksums for small files took seconds, impacting BucketAV's virus signature updates.
ADVICE

Temp Folder in Memory

  • Disable tempfs for /tmp in Amazon Linux 2023 on low-memory instances.
  • Mask and stop the temp.mount unit to move /tmp back to disk, improving performance.
ADVICE

ZRAM and Swap Files

  • Remove ZRAM and add a swap file on EBS for low-memory instances using Amazon Linux 2023.
  • This mitigates performance issues caused by ZRAM's memory compression on limited CPU resources.
Get the Snipd Podcast app to discover more snips from this episode
Get the app