BanklessDAO
BanklessDAO
/
Operations Department
Operations Department
/
📖
Notion Administration
/
Top-Level BanklessDAO Notion Pages
Top-Level BanklessDAO Notion Pages
/
🚧
Projects
/
🛡️
InfoSec Team
/
BanklessDAO InfoSec Meeting 48

BanklessDAO InfoSec Meeting 48

Created
Mar 22, 2023
Tags
Meeting Date
Attendees
Tony Stark, Dysan, bogdrakonov.eth, Stackthat.eth
Goals for Season 7
  • Add to Google Workspace if financing and requirements make sense
  • Stackthat.eth will be added to the mutli-sig to replace montgomery
  • Team: Increase Bankless Consulting <> InfoSec Offerings
    • This in turn creates revenue for the DAO
      • Close AWS Account - Completed
      • It’s deprecated and no resources should be running in it. We are not offering AWS as a service.
      • Cloudflare controls DNS and domain registration now
  • Focus on access control both inside and outside of Discord
    • JumpCloud
    • SAML
    • Discord OIDC?
    • Discord role audit continuing
  • Tony.Stark
    • working on web crawler Kapture bot
    • Machine Learning Project on Kapture
    • Adding some Mad Hatter logic to not grant Guest Pass without First Quest Complete
      • We’d like to consider having it revoke manually added Guest Passes as well so this logic can be enforced
      • This will happen once First Quest is fixed. We’re going to work with them on that
  • downl0re - Education
    • Weekly the past month
    • Currently Published Educational Articles/Posts 2
      • Weekly rollup newsletter - 02/17/23
      • DeFi download newsletter -
    • vaultwarden documentation
  • stackthat.eth
    • Discord Audit / Cleanup continuation
    • Continue infrastructure additions/maintenance
    • Extend vaultwarden to InfoSec team members
    • Machine Learning Project on Kapture
  • Dysan
    • Planning / Tracking KPI’s
    • Discord Management
    • Discord Audit / Cleanup continuation
Weekly Review
 
  • InfoSec to go back to using discord InfoSec worklog channel for task management.
  • InfoSec still working to ratify S7 funding issue with GC.
Work log
  • Deprecate SAML Connection from jumpcloud to google.
    • Will have to work with marketing
  • Stackthat cleaned up terraform resources for AWS
  • Tony is planning to add logic to madhatter that requires people to have “First Quest Complete”
    • Tony will be inviting Bog to the madhatter server
  • Finding ways to kick users who have “First Quest Welcome” role but are not active
  • Replacing Montgomary with stackthat on multisig
  • Bankless Card -
    • Tony/Stackthat have to still go through best practices
 
  • working w/ Bankless Cards on DevOps related issue.
    • We are working on containerization of taxman and bankless card main website repo and deploying it to either digital ocean or github pages.
    • We are also looking to build a ci/cd pipeline for this project.
  • has been working on an InfoSec bot for advanced moderation and combat recent phishing wave in the DAO.
  • Monthly Discord message has been posted last week
  • Tony working on web crawler Kapture for InfoSec Website for InfoSec content/news
    • Configure the DB w/ BigQuery & TerraForm
    • Daily Summary
  • Risk council started by Tertius to look at forms of risk for the DAO
    • Currently a multi-guild collaboration, d0wnlore will be the liason for InfoSec
    • No updates at the moment but underway
  • Treasury's initiative of standardizing accounting process DAO wide
  • Discord policy update to enforce a restriction on accounts younger that 2 days
Action Items
Adding Stackthat.eth to multisig instead of Montgomery
to work on connecting a BigQuery DB to crawler
to configure TerraForm for this
to continue working on InfoSec bot
to reach out to DevOps to create a list discord members with administrator access.
to work an article for Phishing campaign for next week.
Bog Drakonov to monitor funding issue w/ GC
Domain Migration
 
Partnerships
 
Bankless Consulting
Marketing materials needs improvement.
 
StackThat & Tony working w/ Bankless Card to work fix their hosting issues.
BanklessDAO
BanklessDAO
/
Operations Department
Operations Department
/
📖
Notion Administration
/
Top-Level BanklessDAO Notion Pages
Top-Level BanklessDAO Notion Pages
/
🚧
Projects
/
🛡️
InfoSec Team
/
BanklessDAO InfoSec Meeting 48

BanklessDAO InfoSec Meeting 48

Created
Mar 22, 2023
Tags
Meeting Date
Attendees
Tony Stark, Dysan, bogdrakonov.eth, Stackthat.eth
Goals for Season 7
  • Add to Google Workspace if financing and requirements make sense
  • Stackthat.eth will be added to the mutli-sig to replace montgomery
  • Team: Increase Bankless Consulting <> InfoSec Offerings
    • This in turn creates revenue for the DAO
      • Close AWS Account - Completed
      • It’s deprecated and no resources should be running in it. We are not offering AWS as a service.
      • Cloudflare controls DNS and domain registration now
  • Focus on access control both inside and outside of Discord
    • JumpCloud
    • SAML
    • Discord OIDC?
    • Discord role audit continuing
  • Tony.Stark
    • working on web crawler Kapture bot
    • Machine Learning Project on Kapture
    • Adding some Mad Hatter logic to not grant Guest Pass without First Quest Complete
      • We’d like to consider having it revoke manually added Guest Passes as well so this logic can be enforced
      • This will happen once First Quest is fixed. We’re going to work with them on that
  • downl0re - Education
    • Weekly the past month
    • Currently Published Educational Articles/Posts 2
      • Weekly rollup newsletter - 02/17/23
      • DeFi download newsletter -
    • vaultwarden documentation
  • stackthat.eth
    • Discord Audit / Cleanup continuation
    • Continue infrastructure additions/maintenance
    • Extend vaultwarden to InfoSec team members
    • Machine Learning Project on Kapture
  • Dysan
    • Planning / Tracking KPI’s
    • Discord Management
    • Discord Audit / Cleanup continuation
Weekly Review
 
  • InfoSec to go back to using discord InfoSec worklog channel for task management.
  • InfoSec still working to ratify S7 funding issue with GC.
Work log
  • Deprecate SAML Connection from jumpcloud to google.
    • Will have to work with marketing
  • Stackthat cleaned up terraform resources for AWS
  • Tony is planning to add logic to madhatter that requires people to have “First Quest Complete”
    • Tony will be inviting Bog to the madhatter server
  • Finding ways to kick users who have “First Quest Welcome” role but are not active
  • Replacing Montgomary with stackthat on multisig
  • Bankless Card -
    • Tony/Stackthat have to still go through best practices
 
  • working w/ Bankless Cards on DevOps related issue.
    • We are working on containerization of taxman and bankless card main website repo and deploying it to either digital ocean or github pages.
    • We are also looking to build a ci/cd pipeline for this project.
  • has been working on an InfoSec bot for advanced moderation and combat recent phishing wave in the DAO.
  • Monthly Discord message has been posted last week
  • Tony working on web crawler Kapture for InfoSec Website for InfoSec content/news
    • Configure the DB w/ BigQuery & TerraForm
    • Daily Summary
  • Risk council started by Tertius to look at forms of risk for the DAO
    • Currently a multi-guild collaboration, d0wnlore will be the liason for InfoSec
    • No updates at the moment but underway
  • Treasury's initiative of standardizing accounting process DAO wide
  • Discord policy update to enforce a restriction on accounts younger that 2 days
Action Items
Adding Stackthat.eth to multisig instead of Montgomery
to work on connecting a BigQuery DB to crawler
to configure TerraForm for this
to continue working on InfoSec bot
to reach out to DevOps to create a list discord members with administrator access.
to work an article for Phishing campaign for next week.
Bog Drakonov to monitor funding issue w/ GC
Domain Migration
 
Partnerships
 
Bankless Consulting
Marketing materials needs improvement.
 
StackThat & Tony working w/ Bankless Card to work fix their hosting issues.