

#093 Getting ISO 27001 certified as a 2-person company
6 snips Apr 10, 2025
Two entrepreneurs share their journey navigating ISO 27001 certification as a small company. They discuss performance challenges with Amazon Linux 2023 and the impact of OpenSSL on their antivirus development. Insights on automation tools for compliance highlight their innovative approach to achieving certification. Additionally, the hosts explore the balance between using consultants and software for managing security—offering listeners valuable tips and practical experiences from their process.
AI Snips
Chapters
Transcript
Episode notes
OpenSSL Performance Bug
- During migration to Amazon Linux 2023, Michael Wittig discovered OpenSSL performance issues on low-memory instances.
- Calculating checksums for small files took seconds, impacting BucketAV's virus signature updates.
Temp Folder in Memory
- Disable tempfs for
/tmp
in Amazon Linux 2023 on low-memory instances. - Mask and stop the
temp.mount
unit to move/tmp
back to disk, improving performance.
ZRAM and Swap Files
- Remove ZRAM and add a swap file on EBS for low-memory instances using Amazon Linux 2023.
- This mitigates performance issues caused by ZRAM's memory compression on limited CPU resources.