On Sunday, Sam reminded me that Jupyter Notebooks exist and asked if Locksmith should provide a Remediation Guide in the form of a Jupyter Notebook (JN).

He’s 100% correct, and it would be amazing. A JN could provide:

  • Summary of Findings
  • A Sorted list of Active Directory Certificate Services (AD CS) findings with the following included for each:
    • Finding
      • Asset
      • Misconfiguration
      • Explanation of why this is an issue
    • Priority
    • All possible methods for fixing the issue, each having the follow info
      • Code
      • Explanation of Code
      • A button to run the fix

This all sounds amazing, and it will definitely make it into Locksmith soon. But I also thought I could start using JN as a presentation framework for all sorts of things I do in security…

But then, a co-worker showed me some graphics he’s been building in Power BI (PBi) using CSVs. The graphics looked much more impactful, and the ability to output directly to PowerPoint… whew. I’m getting the vapors.

But maybe most importantly, JN looks and feels like a development/data science tool - because it is. PBi looks like an office tool - because it is. While most of the people I work with are highly technical and have no problem navigating dev-centric tools, I appreciate that sometimes a tool should hide the sausage.

So today, I’m going to attempt to build a Locksmith deliverable (as described above), and we’ll see which tool is easier to work with. I’m guessing both will have their place!