implementing-immutable-backup-with-restic

Featured

Implements immutable backup strategy using restic with S3-compatible storage and object lock for ransomware-resistant data protection. Automates backup creation, integrity verification via restic check --read-data, snapshot retention policy enforcement, and restore testing. Integrates with AWS S3 Object Lock, MinIO, and Backblaze B2 for WORM (Write Once Read Many) storage that prevents backup deletion or encryption by ransomware actors.

AI & Automation 12,642 stars 1468 forks Updated today Apache-2.0

Quality Score: 99/100

- Stars (20%): 100
- Recency (20%): 100
- Frontmatter (20%): 70
- Documentation (15%): 100
- Issue Health (10%): 50
- License (10%): 100
- Description (5%): 100

Skill Content

# Implementing Immutable Backup with Restic

## When to Use

- Establishing ransomware-resistant backup infrastructure with cryptographic integrity verification
- Implementing 3-2-1-1-0 backup strategy where the extra 1 is an immutable copy
- Automating backup verification workflows that test restore capability on a schedule
- Protecting backup repositories from deletion or modification by compromised admin accounts
- Meeting compliance requirements for data retention with tamper-proof storage

**Do not use** as the sole backup solution without also maintaining offline/air-gapped copies. Object lock protects against logical deletion but not physical storage failure.

## Prerequisites

- restic binary installed (https://restic.readthedocs.io/)
- S3-compatible storage with Object Lock enabled (AWS S3, MinIO, Backblaze B2)
- Python 3.8+ with subprocess module
- AWS CLI or MinIO client (mc) configured for bucket access
- Sufficient storage for backup repository (typically 2-3x source data with deduplication)

## Workflow

### Step 1: Initialize Restic Repository with Encryption

Create an encrypted restic repository on S3-compatible storage with object lock enabled. Restic uses AES-256-CTR for encryption with Poly1305-AES for authentication, ensuring backup data is both confidential and tamper-evident.

### Step 2: Configure Object Lock Retention

Enable S3 Object Lock in Compliance mode on the backup bucket to prevent any principal (including root) from deleting or modifying obj...
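The two steps previewed above, sketched as an added example; this is not code from the skill or its repository. The endpoint, bucket name and the `plan`/`audit_lock` helpers are assumptions, the bucket is assumed to have been created with Object Lock enabled, and the sample responses are constructed.

```python
import json

REPO = "s3:https://s3.example.com/backup-bucket"  # assumed endpoint and bucket
BUCKET = "backup-bucket"                           # assumed bucket name

def lock_config(days):
    """Default-retention document for S3 Object Lock in Compliance mode."""
    if days < 1:
        raise ValueError("retention must be at least one day")
    return {"ObjectLockEnabled": "Enabled",
            "Rule": {"DefaultRetention": {"Mode": "COMPLIANCE", "Days": days}}}

def plan(days):
    """Commands for Step 1 and Step 2, in order, as argv lists for subprocess.run.
    restic reads the repository password from RESTIC_PASSWORD_FILE."""
    return [
        ["restic", "-r", REPO, "init"],
        ["aws", "s3api", "put-object-lock-configuration", "--bucket", BUCKET,
         "--object-lock-configuration", json.dumps(lock_config(days))],
        ["restic", "-r", REPO, "check", "--read-data"],
    ]

def audit_lock(response_json, min_days):
    """Check the JSON printed by `aws s3api get-object-lock-configuration`.
    Returns a list of findings; an empty list means the bucket meets the policy."""
    cfg = json.loads(response_json).get("ObjectLockConfiguration", {})
    findings = []
    if cfg.get("ObjectLockEnabled") != "Enabled":
        findings.append("object lock is not enabled")
    retention = cfg.get("Rule", {}).get("DefaultRetention")
    if not retention:
        findings.append("no default retention rule")
        return findings
    if retention.get("Mode") != "COMPLIANCE":
        # Governance mode can be bypassed by principals holding
        # s3:BypassGovernanceRetention, so it does not meet the Step 2 goal.
        findings.append("mode is %s, not COMPLIANCE" % retention.get("Mode"))
    days = retention.get("Days", 0) + 365 * retention.get("Years", 0)
    if days < min_days:
        findings.append("retention %d days is below required %d" % (days, min_days))
    return findings

# Constructed sample responses (not captured from a real bucket).
GOOD = json.dumps({"ObjectLockConfiguration": lock_config(30)})
WEAK = json.dumps({"ObjectLockConfiguration": {"ObjectLockEnabled": "Enabled",
        "Rule": {"DefaultRetention": {"Mode": "GOVERNANCE", "Days": 7}}}})

if __name__ == "__main__":
    for argv in plan(30):
        print(" ".join(argv))
    print(audit_lock(GOOD, 30), audit_lock(WEAK, 30))
```

Running `audit_lock` on a schedule against the live bucket catches a retention rule that was never applied or was set to Governance mode before the backups are needed.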

Details

- Author: mukul975
- Repository: mukul975/Anthropic-Cybersecurity-Skills
- Created: 3 months ago
- Last Updated: today
- Language: Python
- License: Apache-2.0

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

implementing-ransomware-backup-strategy

Designs and implements a ransomware-resilient backup strategy following the 3-2-1-1-0 methodology (3 copies, 2 media types, 1 offsite, 1 immutable/air-gapped, 0 errors on restore verification). Configures backup schedules aligned to RPO/RTO requirements, implements backup credential isolation to prevent ransomware from compromising backup infrastructure, and establishes automated restore testing. Activates for requests involving ransomware backup planning, backup resilience, air-gapped backup design, or backup recovery point objective configuration.

12,642 Updated today
mukul975
AI & Automation Featured

validating-backup-integrity-for-recovery

Validate backup integrity through cryptographic hash verification, automated restore testing, corruption detection, and recoverability checks to ensure backups are reliable for disaster recovery and ransomware response scenarios.

12,642 Updated today
mukul975
AI & Automation Featured

recovering-from-ransomware-attack

Executes structured recovery from a ransomware incident following NIST and CISA frameworks, including environment isolation, forensic evidence preservation, clean infrastructure rebuild, prioritized system restoration from verified backups, credential reset, and validation against re-infection. Covers Active Directory recovery, database restoration, and application stack rebuild in dependency order. Activates for requests involving ransomware recovery, post-encryption restoration, or disaster recovery from ransomware.

12,642 Updated today
mukul975
Testing & QA Featured

testing-ransomware-recovery-procedures

Test and validate ransomware recovery procedures including backup restore operations, RTO/RPO target verification, recovery sequencing, and clean restore validation to ensure organizational resilience against destructive ransomware attacks.

12,642 Updated today
mukul975
AI & Automation Solid

implementing-backup-strategies

This skill implements backup strategies for databases and applications. It generates configuration files and setup code to ensure data protection and disaster recovery. Use this skill when the user requests to "implement backup strategy", "configure backups", "setup data recovery", or needs help with "backup automation". The skill provides production-ready configurations, best practices, and multi-platform support for database and application backups. It focuses on security and scalability.

2,266 Updated today
jeremylongshore