cloudonaut #093 Getting ISO 27001 certified as a 2-person company
6 snips
Apr 10, 2025 Two entrepreneurs share their journey navigating ISO 27001 certification as a small company. They discuss performance challenges with Amazon Linux 2023 and the impact of OpenSSL on their antivirus development. Insights on automation tools for compliance highlight their innovative approach to achieving certification. Additionally, the hosts explore the balance between using consultants and software for managing security—offering listeners valuable tips and practical experiences from their process.
AI Snips
Chapters
Transcript
Episode notes
OpenSSL Performance Bug
- During migration to Amazon Linux 2023, Michael Wittig discovered OpenSSL performance issues on low-memory instances.
- Calculating checksums for small files took seconds, impacting BucketAV's virus signature updates.
Temp Folder in Memory
- Disable tempfs for
/tmpin Amazon Linux 2023 on low-memory instances. - Mask and stop the
temp.mountunit to move/tmpback to disk, improving performance.
ZRAM and Swap Files
- Remove ZRAM and add a swap file on EBS for low-memory instances using Amazon Linux 2023.
- This mitigates performance issues caused by ZRAM's memory compression on limited CPU resources.