Zabbix Conference Latam 2016
Monitoring Vulnerabilities with Zabbix, RHEL
and Yum Security Plugin
Alessandro Silva
Technical Account Manager, Red Hat
alsilva@redhat.com
Twitter: @alessssilva
$ Who am I
• Postgraduate student in Information Security – NCE/UFRJ
• More than 12 years in the IT industry, 10 of them working only with Linux.
• Certifications:
• RHCE - Red Hat Certified Engineer
• RHCSA in OpenStack
• LPIC-3 Core
• LPIC-303 Security Specialist
• Zabbix Certified Specialist
• Working with Zabbix since 2011
• Technical Account Manager at Red Hat
• “Zabbix guy” at Red Hat
Agenda
• Vulnerabilities, impacts and countermeasures
• Why monitor vulnerabilities?
• Product Security
• How can Zabbix help us?
• The Enterprise and Open Source solution
• Demo
But, after all, what is a vulnerability?
CVE
Common Vulnerabilities and Exposures
• Standardized format for reporting and tracking software-related security issues
• Maintained by the MITRE Corporation
• Common Vulnerability Scoring System (CVSS)
• Severities: Critical, Important, Moderate and Low
Vulnerabilities
[Chart: Number of Vulnerabilities | Since 1999. Yearly totals for 1999 to 2016 on a scale of 0 to 8000. Source: cve.mitre.org]
Security Incident Response
• ERISI/CSIRT - Computer Security Incident Response Team
✔ Investigates and analyzes software security issues
✔ Analyzes which products are affected, the impacts and the countermeasures
• Publication of errata
✔ Severities
✔ Impacts
✔ CVE
Product Security
• Red Hat Security Advisory (RHSA)
• Red Hat Bug Fix Advisory (RHBA)
• Red Hat Enhancement Advisory (RHEA)
[Chart: Security errata per month, Red Hat Enterprise Linux - default Server installation. X axis: operating system (RHEL 6.0, 6.1, 6.2, 6.3, 6.4). Y axis: errata per month (0.0 to 9.0). Series: Critical, Important, Low/Moderate]
Product Security
Red Hat Enterprise Linux 5: 98% of Critical vulnerabilities are fixed in 1 day
Red Hat Enterprise Linux 6: 92% of Critical vulnerabilities are fixed in 1 day
Red Hat Enterprise Linux 7: 97% of Critical vulnerabilities are fixed in 1 day
But what are we going to monitor?
Physical Servers
They still exist and need to be monitored
Virtual Servers
Monitor virtual servers on any hypervisor
Monitor cloud instances
Cloud servers, containers, ...
Why Monitor?
Management and compliance
Lifecycle maintenance
Keeping watch over the infrastructure
How can Zabbix help?
Using Zabbix to monitor
Notifications
Centralized Control
Configuration
Status
Checks
SNMP monitoring
Agent-based monitoring
Ping and port monitoring
Monitored devices
Network devices
Servers with Zabbix Agent
Servers without Zabbix Agent
Zabbix + RHEL + Yum Security Plugin
Implementation
• Install the YUM security plugin
• Schedule the security reports in cron
• Extend the Zabbix agent via UserParameter
• Create the RHN Security template
✔ items, triggers, graphs, screens ...
• Create the vulnerability-check script
YUM Security Plugin
# yum install -y yum-plugin-security
# yum updateinfo
Loaded plugins: product-id, refresh-packagekit, rhnplugin, security, subscription-manager
Updates Information Summary: available
42 Security notice(s)
5 Critical Security notice(s)
15 Important Security notice(s)
7 Low Security notice(s)
15 Moderate Security notice(s)
143 Bugfix notice(s)
13 Enhancement notice(s)
updateinfo summary done
Generating the Security Report
# crontab -e
# Minute field set to 0 so the job runs once a day at 00:00 ("* 0 * * *" starts it every minute from 00:00 to 00:59)
0 0 * * * yum updateinfo > $zbxlogdir/security-reports/sec-report
Zabbix Agent
Extending with UserParameter
# Each UserParameter must be written on a single line in the agent configuration.
UserParameter=rhn.security,grep -m 1 "Security notice" /var/log/zabbix/security-reports/sec-report | awk '{print $1} END { if (!NR) print "0"}'
UserParameter=rhn.security.critical,grep "Critical Security" /var/log/zabbix/security-reports/sec-report | awk '{print $1} END { if (!NR) print "0"}'
UserParameter=rhn.security.important,grep "Important Security" /var/log/zabbix/security-reports/sec-report | awk '{print $1} END { if (!NR) print "0"}'
UserParameter=rhn.security.low,grep "Low Security" /var/log/zabbix/security-reports/sec-report | awk '{print $1} END { if (!NR) print "0"}'
UserParameter=rhn.security.moderate,grep "Moderate Security" /var/log/zabbix/security-reports/sec-report | awk '{print $1} END { if (!NR) print "0"}'
UserParameter=rhn.bugfix,grep "Bugfix notice" /var/log/zabbix/security-reports/sec-report | awk '{print $1} END { if (!NR) print "0"}'
UserParameter=rhn.enhancement,grep "Enhancement notice" /var/log/zabbix/security-reports/sec-report | awk '{print $1} END { if (!NR) print "0"}'
$DIR/etc/zabbix_agentd.conf.d/zabbix_agentd.userparams.conf
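The cron report and the UserParameter parsing above report 0 both when nothing is pending and when the report is missing, truncated or days old. The following added example (not code from the talk or its GitHub project) writes the report atomically and returns -1 for a missing or stale report; the function names, the -1 sentinel and the 25-hour freshness window are assumptions of this example.

```shell
#!/bin/sh
# Added example; function names, the -1 sentinel and the 25 h window are assumptions.

# atomic_capture DEST CMD [ARGS...]
# Runs CMD and replaces DEST only if CMD succeeds, so a failed or half-finished
# run never leaves a truncated report for the agent to parse.
atomic_capture() {
    dest=$1; shift
    tmp=$(mktemp "${dest}.XXXXXX") || return 1
    if "$@" > "$tmp" 2>/dev/null; then
        chmod 0644 "$tmp"   # mktemp creates 0600; the zabbix user must be able to read it
        mv -f "$tmp" "$dest"
    else
        rm -f "$tmp"
        return 1
    fi
}

# rhn_count REPORT CLASS [MAX_AGE_MIN]
# Prints the count for CLASS from a saved `yum updateinfo` summary.
# Prints -1 when the report is missing, empty or older than MAX_AGE_MIN minutes,
# so a broken cron job is not mistaken for "0 pending notices".
rhn_count() {
    report=$1 class=$2 max_age=${3:-1500}   # 1500 min = 25 h, assumes a daily run

    [ -s "$report" ] || { echo -1; return 0; }

    # find prints the path only if the file was modified more than max_age minutes ago.
    if [ -n "$(find "$report" -mmin +"$max_age" 2>/dev/null)" ]; then
        echo -1; return 0
    fi

    # CLASS is mapped through a fixed list; caller input never becomes a pattern.
    case $class in
        security)    pat='Security notice(s)' ;;
        critical)    pat='Critical Security notice(s)' ;;
        important)   pat='Important Security notice(s)' ;;
        moderate)    pat='Moderate Security notice(s)' ;;
        low)         pat='Low Security notice(s)' ;;
        bugfix)      pat='Bugfix notice(s)' ;;
        enhancement) pat='Enhancement notice(s)' ;;
        *)           echo -1; return 0 ;;
    esac

    # Compare the whole label after the leading number, so "Security notice(s)"
    # cannot match the "Critical Security notice(s)" line regardless of line order.
    awk -v pat="$pat" '
        { n = $1; $1 = ""; sub(/^ +/, "") }
        $0 == pat && n ~ /^[0-9]+$/ { print n; found = 1; exit }
        END { if (!found) print 0 }
    ' "$report"
}

# Sample input: the `yum updateinfo` summary shown in the talk, saved to a file.
write_sample_report() {
    cat > "$1" <<'EOF'
Loaded plugins: product-id, refresh-packagekit, rhnplugin, security, subscription-manager
Updates Information Summary: available
    42 Security notice(s)
         5 Critical Security notice(s)
        15 Important Security notice(s)
         7 Low Security notice(s)
        15 Moderate Security notice(s)
   143 Bugfix notice(s)
    13 Enhancement notice(s)
updateinfo summary done
EOF
}

# Demo on the sample report (temporary directory, removed afterwards).
demo_dir=$(mktemp -d)
write_sample_report "$demo_dir/sec-report"
for c in security critical important moderate low bugfix enhancement; do
    printf '%s=%s\n' "$c" "$(rhn_count "$demo_dir/sec-report" "$c")"
done
rm -rf "$demo_dir"
```

In cron, `atomic_capture` would wrap the `yum updateinfo` call; on the Zabbix side a trigger on a value below 0 separates "report missing or stale" from "nothing pending".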
Vulnerability Report
Vulnerabilidade Severidade Fix
---------------------- -------------------- -------------
CVE-2015-1781 Moderate/Sec. glibc-2.17-105.el7.x86_64
CVE-2013-7423 Moderate/Sec. glibc-2.17-105.el7.x86_64
CVE-2015-1473 Moderate/Sec. glibc-2.17-105.el7.x86_64
CVE-2013-1753 Moderate/Sec. python-2.7.5-34.el7.x86_64
CVE-2014-4616 Moderate/Sec. python-2.7.5-34.el7.x86_64
CVE-2014-4650 Moderate/Sec. python-2.7.5-34.el7.x86_64
CVE-2015-3276 Moderate/Sec. openldap-2.4.40-8.el7.x86_64
CVE-2015-3194 Moderate/Sec. openssl-libs-1:1.0.1e-51.el7_2.1.x86_64
CVE-2015-3196 Moderate/Sec. openssl-libs-1:1.0.1e-51.el7_2.1.x86_64
CVE-2015-3195 Moderate/Sec. openssl-libs-1:1.0.1e-51.el7_2.1.x86_64
CVE-2015-7575 Moderate/Sec. openssl-libs-1:1.0.1e-51.el7_2.2.x86_64
CVE-2016-0797 Important/Sec. openssl-libs-1:1.0.1e-51.el7_2.4.x86_64
CVE-2016-0702 Important/Sec. openssl-libs-1:1.0.1e-51.el7_2.4.x86_64
CVE-2016-0705 Important/Sec. openssl-libs-1:1.0.1e-51.el7_2.4.x86_64
CVE-2016-0800 Important/Sec. openssl-libs-1:1.0.1e-51.el7_2.4.x86_64
CVE-2015-3197 Important/Sec. openssl-libs-1:1.0.1e-51.el7_2.4.x86_64
Generating the Vulnerability Report:
# crontab -e
# Minute field set to 0 so the job runs once a day at 00:00 ("* 0 * * *" starts it every minute from 00:00 to 00:59)
0 0 * * * yum updateinfo list cve > $zbxlogdir/security-reports/vuln-report
The project is available
• Template
• Configuration files
• Scripts
https://github.com/alessssilva/zabbix/tree/master/zabbix-security-insights
It's better to
SHARE
Your mother was right
DEMO
References
• Product Security Overview
✔ https://access.redhat.com/site/security/team/
• Red Hat Security Center
✔ https://access.redhat.com/security/
• Official Zabbix documentation
✔ http://zabbix.com/documentation
• Common Vulnerabilities and Exposures
✔ http://cve.mitre.org/
THANK YOU!
plus.google.com/+RedHat
linkedin.com/company/red-hat
youtube.com/user/RedHatVideos
facebook.com/redhatinc
twitter.com/RedHatNews

More Related Content

What's hot

KubeConEU - NATS Deep Dive
KubeConEU - NATS Deep DiveKubeConEU - NATS Deep Dive
KubeConEU - NATS Deep Divewallyqs
 
AWS re:Invent 2018: [NEW LAUNCH] AWS Transit Gateway & Transit VPCs, Ref Arch...
AWS re:Invent 2018: [NEW LAUNCH] AWS Transit Gateway & Transit VPCs, Ref Arch...AWS re:Invent 2018: [NEW LAUNCH] AWS Transit Gateway & Transit VPCs, Ref Arch...
AWS re:Invent 2018: [NEW LAUNCH] AWS Transit Gateway & Transit VPCs, Ref Arch...Amazon Web Services
 
Alexei Vladishev - Zabbix - Monitoring Solution for Everyone
Alexei Vladishev - Zabbix - Monitoring Solution for EveryoneAlexei Vladishev - Zabbix - Monitoring Solution for Everyone
Alexei Vladishev - Zabbix - Monitoring Solution for EveryoneZabbix
 
BIG IP F5 GTM Presentation
BIG IP F5 GTM PresentationBIG IP F5 GTM Presentation
BIG IP F5 GTM PresentationPCCW GLOBAL
 
Introducing Cloudflare Workers
Introducing Cloudflare WorkersIntroducing Cloudflare Workers
Introducing Cloudflare WorkersMeghan Weinreich
 
Zabbix Performance Tuning
Zabbix Performance TuningZabbix Performance Tuning
Zabbix Performance TuningRicardo Santos
 
Chef vs Puppet vs Ansible vs Saltstack | Configuration Management Tools | Dev...
Chef vs Puppet vs Ansible vs Saltstack | Configuration Management Tools | Dev...Chef vs Puppet vs Ansible vs Saltstack | Configuration Management Tools | Dev...
Chef vs Puppet vs Ansible vs Saltstack | Configuration Management Tools | Dev...Simplilearn
 
AWS Black Belt Techシリーズ Amazon WorkDocs / Amazon WorkMail
AWS Black Belt Techシリーズ Amazon WorkDocs / Amazon WorkMailAWS Black Belt Techシリーズ Amazon WorkDocs / Amazon WorkMail
AWS Black Belt Techシリーズ Amazon WorkDocs / Amazon WorkMailAmazon Web Services Japan
 
2019 Webinar ZABBIX CERTIFICATIONS - From User to Expert, and +
2019 Webinar ZABBIX CERTIFICATIONS - From User to Expert, and +2019 Webinar ZABBIX CERTIFICATIONS - From User to Expert, and +
2019 Webinar ZABBIX CERTIFICATIONS - From User to Expert, and +Julio Zanette
 
OpenStack: Inside Out
OpenStack: Inside OutOpenStack: Inside Out
OpenStack: Inside OutEtsuji Nakai
 
Introduction to sandvine dpi
Introduction to sandvine dpiIntroduction to sandvine dpi
Introduction to sandvine dpiMohammed Abdallah
 
DB2をAWS上に構築する際のヒント&TIPS 2018年1月版
DB2をAWS上に構築する際のヒント&TIPS 2018年1月版DB2をAWS上に構築する際のヒント&TIPS 2018年1月版
DB2をAWS上に構築する際のヒント&TIPS 2018年1月版Akira Shimosako
 
Zabbix para iniciantes
Zabbix para iniciantesZabbix para iniciantes
Zabbix para iniciantesWerneck Costa
 
Igor Nicoli: External scripts O poder do Zabbix em suas mãos
Igor Nicoli: External scripts O poder do Zabbix em suas mãosIgor Nicoli: External scripts O poder do Zabbix em suas mãos
Igor Nicoli: External scripts O poder do Zabbix em suas mãosZabbix BR
 
Database Security Threats - MariaDB Security Best Practices
Database Security Threats - MariaDB Security Best PracticesDatabase Security Threats - MariaDB Security Best Practices
Database Security Threats - MariaDB Security Best PracticesMariaDB plc
 
いまさら、AWSのネットワーク設計
いまさら、AWSのネットワーク設計いまさら、AWSのネットワーク設計
いまさら、AWSのネットワーク設計Serverworks Co.,Ltd.
 

What's hot (20)

KubeConEU - NATS Deep Dive
KubeConEU - NATS Deep DiveKubeConEU - NATS Deep Dive
KubeConEU - NATS Deep Dive
 
AWS re:Invent 2018: [NEW LAUNCH] AWS Transit Gateway & Transit VPCs, Ref Arch...
AWS re:Invent 2018: [NEW LAUNCH] AWS Transit Gateway & Transit VPCs, Ref Arch...AWS re:Invent 2018: [NEW LAUNCH] AWS Transit Gateway & Transit VPCs, Ref Arch...
AWS re:Invent 2018: [NEW LAUNCH] AWS Transit Gateway & Transit VPCs, Ref Arch...
 
Alexei Vladishev - Zabbix - Monitoring Solution for Everyone
Alexei Vladishev - Zabbix - Monitoring Solution for EveryoneAlexei Vladishev - Zabbix - Monitoring Solution for Everyone
Alexei Vladishev - Zabbix - Monitoring Solution for Everyone
 
BIG IP F5 GTM Presentation
BIG IP F5 GTM PresentationBIG IP F5 GTM Presentation
BIG IP F5 GTM Presentation
 
Windows Automation with Ansible
Windows Automation with Ansible Windows Automation with Ansible
Windows Automation with Ansible
 
Introducing Cloudflare Workers
Introducing Cloudflare WorkersIntroducing Cloudflare Workers
Introducing Cloudflare Workers
 
Zabbix Performance Tuning
Zabbix Performance TuningZabbix Performance Tuning
Zabbix Performance Tuning
 
Guest Access with ArubaOS
Guest Access with ArubaOSGuest Access with ArubaOS
Guest Access with ArubaOS
 
Chef vs Puppet vs Ansible vs Saltstack | Configuration Management Tools | Dev...
Chef vs Puppet vs Ansible vs Saltstack | Configuration Management Tools | Dev...Chef vs Puppet vs Ansible vs Saltstack | Configuration Management Tools | Dev...
Chef vs Puppet vs Ansible vs Saltstack | Configuration Management Tools | Dev...
 
AWS Black Belt Techシリーズ Amazon WorkDocs / Amazon WorkMail
AWS Black Belt Techシリーズ Amazon WorkDocs / Amazon WorkMailAWS Black Belt Techシリーズ Amazon WorkDocs / Amazon WorkMail
AWS Black Belt Techシリーズ Amazon WorkDocs / Amazon WorkMail
 
EMEA Airheads – Aruba controller features used to optimize performance
EMEA Airheads – Aruba controller features used to optimize performanceEMEA Airheads – Aruba controller features used to optimize performance
EMEA Airheads – Aruba controller features used to optimize performance
 
2019 Webinar ZABBIX CERTIFICATIONS - From User to Expert, and +
2019 Webinar ZABBIX CERTIFICATIONS - From User to Expert, and +2019 Webinar ZABBIX CERTIFICATIONS - From User to Expert, and +
2019 Webinar ZABBIX CERTIFICATIONS - From User to Expert, and +
 
Aruba Mobility Controller 7200 Installation Guide
Aruba Mobility Controller 7200 Installation GuideAruba Mobility Controller 7200 Installation Guide
Aruba Mobility Controller 7200 Installation Guide
 
OpenStack: Inside Out
OpenStack: Inside OutOpenStack: Inside Out
OpenStack: Inside Out
 
Introduction to sandvine dpi
Introduction to sandvine dpiIntroduction to sandvine dpi
Introduction to sandvine dpi
 
DB2をAWS上に構築する際のヒント&TIPS 2018年1月版
DB2をAWS上に構築する際のヒント&TIPS 2018年1月版DB2をAWS上に構築する際のヒント&TIPS 2018年1月版
DB2をAWS上に構築する際のヒント&TIPS 2018年1月版
 
Zabbix para iniciantes
Zabbix para iniciantesZabbix para iniciantes
Zabbix para iniciantes
 
Igor Nicoli: External scripts O poder do Zabbix em suas mãos
Igor Nicoli: External scripts O poder do Zabbix em suas mãosIgor Nicoli: External scripts O poder do Zabbix em suas mãos
Igor Nicoli: External scripts O poder do Zabbix em suas mãos
 
Database Security Threats - MariaDB Security Best Practices
Database Security Threats - MariaDB Security Best PracticesDatabase Security Threats - MariaDB Security Best Practices
Database Security Threats - MariaDB Security Best Practices
 
いまさら、AWSのネットワーク設計
いまさら、AWSのネットワーク設計いまさら、AWSのネットワーク設計
いまさら、AWSのネットワーク設計
 

Similar to Monitoramento de Vulnerabilidades com Zabbix, RHEL e Yum Security Plugin

AppSec California 2016 - Making Security Agile
AppSec California 2016 - Making Security AgileAppSec California 2016 - Making Security Agile
AppSec California 2016 - Making Security AgileOleg Gryb
 
Pragmatic Pipeline Security
Pragmatic Pipeline SecurityPragmatic Pipeline Security
Pragmatic Pipeline SecurityJames Wickett
 
Alexey Kupriyanenko "Release Early, Often, Stable"
Alexey Kupriyanenko "Release Early, Often, Stable"Alexey Kupriyanenko "Release Early, Often, Stable"
Alexey Kupriyanenko "Release Early, Often, Stable"Fwdays
 
InSpec at DevOps ATL Meetup January 22, 2020
InSpec at DevOps ATL Meetup January 22, 2020InSpec at DevOps ATL Meetup January 22, 2020
InSpec at DevOps ATL Meetup January 22, 2020Mandi Walls
 
Blue Teamin' on a Budget [of zero]
Blue Teamin' on a Budget [of zero]Blue Teamin' on a Budget [of zero]
Blue Teamin' on a Budget [of zero]Kyle Bubp
 
1.3. (In)security Software
1.3. (In)security Software1.3. (In)security Software
1.3. (In)security Softwaredefconmoscow
 
Continuous Delivery, Continuous Integration
Continuous Delivery, Continuous Integration Continuous Delivery, Continuous Integration
Continuous Delivery, Continuous Integration Amazon Web Services
 
2013-06-12 Compliance Made Easy, Red Hat Summit 2013
2013-06-12 Compliance Made Easy, Red Hat Summit 20132013-06-12 Compliance Made Easy, Red Hat Summit 2013
2013-06-12 Compliance Made Easy, Red Hat Summit 2013Shawn Wells
 
2015-06-25 Red Hat Summit 2015 - Security Compliance Made Easy
2015-06-25 Red Hat Summit 2015 - Security Compliance Made Easy2015-06-25 Red Hat Summit 2015 - Security Compliance Made Easy
2015-06-25 Red Hat Summit 2015 - Security Compliance Made EasyShawn Wells
 
Sensu and Sensibility - Puppetconf 2014
Sensu and Sensibility - Puppetconf 2014Sensu and Sensibility - Puppetconf 2014
Sensu and Sensibility - Puppetconf 2014Tomas Doran
 
AWS Loft Talk: Behind the Scenes with SignalFx
AWS Loft Talk: Behind the Scenes with SignalFxAWS Loft Talk: Behind the Scenes with SignalFx
AWS Loft Talk: Behind the Scenes with SignalFxSignalFx
 
Agentless System Crawler - InterConnect 2016
Agentless System Crawler - InterConnect 2016Agentless System Crawler - InterConnect 2016
Agentless System Crawler - InterConnect 2016Canturk Isci
 
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAPKontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAPQAware GmbH
 
2017 Red Hat Summit Lab: Proactive security compliance automation with Red Ha...
2017 Red Hat Summit Lab: Proactive security compliance automation with Red Ha...2017 Red Hat Summit Lab: Proactive security compliance automation with Red Ha...
2017 Red Hat Summit Lab: Proactive security compliance automation with Red Ha...Lucy Huh Kerner
 
Time to Shift Left - Unkomplizierte Security Tools und Technologien für den E...
Time to Shift Left - Unkomplizierte Security Tools und Technologien für den E...Time to Shift Left - Unkomplizierte Security Tools und Technologien für den E...
Time to Shift Left - Unkomplizierte Security Tools und Technologien für den E...QAware GmbH
 
SAP (in)security: New and best
SAP (in)security: New and bestSAP (in)security: New and best
SAP (in)security: New and bestERPScan
 
DevOpsDays Singapore - Continuous Auditing with Compliance as Code
DevOpsDays Singapore - Continuous Auditing with Compliance as CodeDevOpsDays Singapore - Continuous Auditing with Compliance as Code
DevOpsDays Singapore - Continuous Auditing with Compliance as CodeMatt Ray
 

Similar to Monitoramento de Vulnerabilidades com Zabbix, RHEL e Yum Security Plugin (20)

AppSec California 2016 - Making Security Agile
AppSec California 2016 - Making Security AgileAppSec California 2016 - Making Security Agile
AppSec California 2016 - Making Security Agile
 
Pragmatic Pipeline Security
Pragmatic Pipeline SecurityPragmatic Pipeline Security
Pragmatic Pipeline Security
 
Alexey Kupriyanenko "Release Early, Often, Stable"
Alexey Kupriyanenko "Release Early, Often, Stable"Alexey Kupriyanenko "Release Early, Often, Stable"
Alexey Kupriyanenko "Release Early, Often, Stable"
 
Effective DevSecOps
Effective DevSecOpsEffective DevSecOps
Effective DevSecOps
 
InSpec at DevOps ATL Meetup January 22, 2020
InSpec at DevOps ATL Meetup January 22, 2020InSpec at DevOps ATL Meetup January 22, 2020
InSpec at DevOps ATL Meetup January 22, 2020
 
Blue Teamin' on a Budget [of zero]
Blue Teamin' on a Budget [of zero]Blue Teamin' on a Budget [of zero]
Blue Teamin' on a Budget [of zero]
 
1.3. (In)security Software
1.3. (In)security Software1.3. (In)security Software
1.3. (In)security Software
 
Continuous Delivery, Continuous Integration
Continuous Delivery, Continuous Integration Continuous Delivery, Continuous Integration
Continuous Delivery, Continuous Integration
 
SAST Code Security Advisor for SAP [Webinar]
SAST Code Security Advisor for SAP [Webinar]SAST Code Security Advisor for SAP [Webinar]
SAST Code Security Advisor for SAP [Webinar]
 
2013-06-12 Compliance Made Easy, Red Hat Summit 2013
2013-06-12 Compliance Made Easy, Red Hat Summit 20132013-06-12 Compliance Made Easy, Red Hat Summit 2013
2013-06-12 Compliance Made Easy, Red Hat Summit 2013
 
2015-06-25 Red Hat Summit 2015 - Security Compliance Made Easy
2015-06-25 Red Hat Summit 2015 - Security Compliance Made Easy2015-06-25 Red Hat Summit 2015 - Security Compliance Made Easy
2015-06-25 Red Hat Summit 2015 - Security Compliance Made Easy
 
Sensu and Sensibility - Puppetconf 2014
Sensu and Sensibility - Puppetconf 2014Sensu and Sensibility - Puppetconf 2014
Sensu and Sensibility - Puppetconf 2014
 
AWS Loft Talk: Behind the Scenes with SignalFx
AWS Loft Talk: Behind the Scenes with SignalFxAWS Loft Talk: Behind the Scenes with SignalFx
AWS Loft Talk: Behind the Scenes with SignalFx
 
Security in open source projects
Security in open source projectsSecurity in open source projects
Security in open source projects
 
Agentless System Crawler - InterConnect 2016
Agentless System Crawler - InterConnect 2016Agentless System Crawler - InterConnect 2016
Agentless System Crawler - InterConnect 2016
 
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAPKontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP
 
2017 Red Hat Summit Lab: Proactive security compliance automation with Red Ha...
2017 Red Hat Summit Lab: Proactive security compliance automation with Red Ha...2017 Red Hat Summit Lab: Proactive security compliance automation with Red Ha...
2017 Red Hat Summit Lab: Proactive security compliance automation with Red Ha...
 
Time to Shift Left - Unkomplizierte Security Tools und Technologien für den E...
Time to Shift Left - Unkomplizierte Security Tools und Technologien für den E...Time to Shift Left - Unkomplizierte Security Tools und Technologien für den E...
Time to Shift Left - Unkomplizierte Security Tools und Technologien für den E...
 
SAP (in)security: New and best
SAP (in)security: New and bestSAP (in)security: New and best
SAP (in)security: New and best
 
DevOpsDays Singapore - Continuous Auditing with Compliance as Code
DevOpsDays Singapore - Continuous Auditing with Compliance as CodeDevOpsDays Singapore - Continuous Auditing with Compliance as Code
DevOpsDays Singapore - Continuous Auditing with Compliance as Code
 

Recently uploaded

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfOverkill Security
 

Recently uploaded (20)

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

Monitoring Vulnerabilities with Zabbix, RHEL and Yum Security Plugin

  • 1. Zabbix Conference Latam 2016. Monitoring Vulnerabilities with Zabbix, RHEL and Yum Security Plugin. Alessandro Silva, Technical Account Manager, Red Hat. alsilva@redhat.com, Twitter: @alessssilva
  • 2. $ Who am I • Postgraduate student in Information Security – NCE/UFRJ • More than 12 years in the IT industry, 10 of them working only with Linux. • Certifications: • RHCE - Red Hat Certified Engineer • RHCSA in OpenStack • LPIC-3 Core • LPIC-303 Security Specialist • Zabbix Certified Specialist • Working with Zabbix since 2011 • Technical Account Manager at Red Hat • “Zabbix guy” at Red Hat
  • 3. Agenda • Vulnerabilities, impacts and countermeasures • Why monitor vulnerabilities? • Product Security • How can Zabbix help us? • The Enterprise and Open Source solution • Demo
  • 4. But what, after all, is a vulnerability?
  • 5. CVE: Common Vulnerabilities and Exposures • Standardized format for reporting and tracking software-related security issues • Maintained by the MITRE Corporation • Common Vulnerability Scoring System (CVSS) • Severities: Critical, Important, Moderate and Low [Chart: Vulnerabilities, number of vulnerabilities since 1999 (1999 to 2016); source: cve.mitre.org]
  • 6. Security Incident Response • ERISI/CSIRT - Computer Security Incident Response Team ✔ Investigates and analyzes software security issues ✔ Determines which products are affected, the impacts and the countermeasures • Publication of errata ✔ Severities ✔ Impacts ✔ CVE
  • 7. Product Security • Red Hat Security Advisory (RHSA) • Red Hat Bug Fix Advisory (RHBA) • Red Hat Enhancement Advisory (RHEA) [Chart: Security errata per month, Red Hat Enterprise Linux, default server installation; x-axis: operating system (RHEL 6.0 to RHEL 6.4); y-axis: errata per month; series: Critical, Important, Low/Moderate]
  • 8. Product Security • Red Hat Enterprise Linux 5: 98% of Critical vulnerabilities are fixed in 1 day • Red Hat Enterprise Linux 6: 92% of Critical vulnerabilities are fixed in 1 day • Red Hat Enterprise Linux 7: 97% of Critical vulnerabilities are fixed in 1 day
  • 9. But what are we going to monitor? • Physical servers: they still exist and need to be monitored • Virtual servers: monitor virtual servers on any hypervisor • Cloud instances: cloud servers, containers, ...
  • 10. Why monitor? • Management and compliance • Life-cycle maintenance • Keeping watch over the infrastructure
  • 11. How can Zabbix help?
  • 12. Using Zabbix to monitor [Diagram labels: Notifications; Centralized control; Configuration; Status; Checks; SNMP monitoring; Agent-based monitoring; Ping and port monitoring; Monitored devices; Network devices; Servers with the Zabbix agent; Servers without the Zabbix agent]
  • 13. Zabbix + RHEL + YUM Security Plugin
  • 14. Implementation • Install the YUM security plugin • Schedule the security reports in cron • Extend the Zabbix agent via UserParameter • Create the RHN Security template ✔ items, triggers, graphs, screens ... • Create the vulnerability-check script
  • 15. YUM Security Plugin
      # yum install -y yum-plugin-security
      # yum updateinfo
      Loaded plugins: product-id, refresh-packagekit, rhnplugin, security, subscription-manager
      Updates Information Summary: available
          42 Security notice(s)
               5 Critical Security notice(s)
              15 Important Security notice(s)
               7 Low Security notice(s)
              15 Moderate Security notice(s)
         143 Bugfix notice(s)
          13 Enhancement notice(s)
      updateinfo summary done
    Generating the security report:
      # crontab -e
      # Once a day at 00:00 (a "*" in the minute field would run the job every minute of that hour)
      0 0 * * * yum updateinfo > $zbxlogdir/security-reports/sec-report
  • 16. Zabbix Agent: extending with UserParameter
    File: $DIR/etc/zabbix_agentd.conf.d/zabbix_agentd.userparams.conf
      # Each item prints the count (first field) of the matching summary line, or 0 when no line matches
      UserParameter=rhn.security,grep -m 1 "Security notice" /var/log/zabbix/security-reports/sec-report | awk '{print $1} END { if (!NR) print "0"}'
      UserParameter=rhn.security.critical,grep "Critical Security" /var/log/zabbix/security-reports/sec-report | awk '{print $1} END { if (!NR) print "0"}'
      UserParameter=rhn.security.important,grep "Important Security" /var/log/zabbix/security-reports/sec-report | awk '{print $1} END { if (!NR) print "0"}'
      UserParameter=rhn.security.low,grep "Low Security" /var/log/zabbix/security-reports/sec-report | awk '{print $1} END { if (!NR) print "0"}'
      UserParameter=rhn.security.moderate,grep "Moderate Security" /var/log/zabbix/security-reports/sec-report | awk '{print $1} END { if (!NR) print "0"}'
      UserParameter=rhn.bugfix,grep "Bugfix notice" /var/log/zabbix/security-reports/sec-report | awk '{print $1} END { if (!NR) print "0"}'
      UserParameter=rhn.enhancement,grep "Enhancement notice" /var/log/zabbix/security-reports/sec-report | awk '{print $1} END { if (!NR) print "0"}'
  • 17. Vulnerability Report
      Vulnerabilidade         Severidade            Fix
      ----------------------  --------------------  -------------
      CVE-2015-1781           Moderate/Sec.         glibc-2.17-105.el7.x86_64
      CVE-2013-7423           Moderate/Sec.         glibc-2.17-105.el7.x86_64
      CVE-2015-1473           Moderate/Sec.         glibc-2.17-105.el7.x86_64
      CVE-2013-1753           Moderate/Sec.         python-2.7.5-34.el7.x86_64
      CVE-2014-4616           Moderate/Sec.         python-2.7.5-34.el7.x86_64
      CVE-2014-4650           Moderate/Sec.         python-2.7.5-34.el7.x86_64
      CVE-2015-3276           Moderate/Sec.         openldap-2.4.40-8.el7.x86_64
      CVE-2015-3194           Moderate/Sec.         openssl-libs-1:1.0.1e-51.el7_2.1.x86_64
      CVE-2015-3196           Moderate/Sec.         openssl-libs-1:1.0.1e-51.el7_2.1.x86_64
      CVE-2015-3195           Moderate/Sec.         openssl-libs-1:1.0.1e-51.el7_2.1.x86_64
      CVE-2015-7575           Moderate/Sec.         openssl-libs-1:1.0.1e-51.el7_2.2.x86_64
      CVE-2016-0797           Important/Sec.        openssl-libs-1:1.0.1e-51.el7_2.4.x86_64
      CVE-2016-0702           Important/Sec.        openssl-libs-1:1.0.1e-51.el7_2.4.x86_64
      CVE-2016-0705           Important/Sec.        openssl-libs-1:1.0.1e-51.el7_2.4.x86_64
      CVE-2016-0800           Important/Sec.        openssl-libs-1:1.0.1e-51.el7_2.4.x86_64
      CVE-2015-3197           Important/Sec.        openssl-libs-1:1.0.1e-51.el7_2.4.x86_64
    Generating the vulnerability report:
      # crontab -e
      # Once a day at 00:00 (a "*" in the minute field would run the job every minute of that hour)
      0 0 * * * yum updateinfo list cve > $zbxlogdir/security-reports/vuln-report
  • 18. The project is available • Template • Configuration files • Scripts https://github.com/alessssilva/zabbix/tree/master/zabbix-security-insights "It's better to SHARE. Your mother was right."
  • 19. DEMO
  • 20. References • Product Security Overview ✔ https://access.redhat.com/site/security/team/ • Red Hat Security Center ✔ https://access.redhat.com/security/ • Official Zabbix documentation ✔ http://zabbix.com/documentation • Common Vulnerabilities and Exposures ✔ http://cve.mitre.org/
  • 21. THANK YOU! plus.google.com/+RedHat linkedin.com/company/red-hat youtube.com/user/RedHatVideos facebook.com/redhatinc twitter.com/RedHatNews
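
The UserParameter pipelines on slide 16 print 0 both when there are no pending notices and when the report file is missing, truncated or stale, so a failed cron job looks the same as a fully patched host. The shell function below is an added example, not code from the talk or its GitHub repository; the name `rhn_count`, the -1 sentinel and the 25-hour freshness window are assumptions of this example.

```shell
# rhn_count KEY REPORT [MAX_AGE_MIN]  (hypothetical helper, not from the talk's repo)
# Prints the notice count for KEY, or -1 when the report cannot be trusted.
rhn_count() {
    key=$1 report=$2 max_age=${3:-1500}   # 1500 min = 25 h: assumes a daily cron run

    # Missing or empty file: cron never ran, or yum is still writing.
    [ -s "$report" ] || { echo -1; return 1; }
    # find prints the path only if the file is older than max_age minutes.
    [ -z "$(find "$report" -mmin "+$max_age" 2>/dev/null)" ] || { echo -1; return 1; }
    # Assumption: a complete run ends with the footer shown on slide 15.
    grep -q 'updateinfo summary done' "$report" || { echo -1; return 1; }

    case $key in
        rhn.security)           sev='';        kind=Security ;;
        rhn.security.critical)  sev=Critical;  kind=Security ;;
        rhn.security.important) sev=Important; kind=Security ;;
        rhn.security.moderate)  sev=Moderate;  kind=Security ;;
        rhn.security.low)       sev=Low;       kind=Security ;;
        rhn.bugfix)             sev='';        kind=Bugfix ;;
        rhn.enhancement)        sev='';        kind=Enhancement ;;
        *) echo -1; return 2 ;;
    esac

    # Match whole fields, so "Security notice" cannot also hit the per-severity lines.
    awk -v sev="$sev" -v kind="$kind" '
        sev == "" && $2 == kind && $3 ~ /^notice/ { n = $1; found = 1; exit }
        sev != "" && $2 == sev  && $3 == kind     { n = $1; found = 1; exit }
        END { print (found ? n : 0) }   # category absent from a valid report = 0
    ' "$report"
}

# Constructed sample report (not real host data) and two lookups.
sample=$(mktemp)
printf '%s\n' 'Updates Information Summary: available' \
    '    42 Security notice(s)' '         5 Critical Security notice(s)' \
    'updateinfo summary done' > "$sample"
rhn_count rhn.security.critical "$sample"
rhn_count rhn.security.low "$sample"
rm -f "$sample"
```

A trigger on the value -1 then separates "report broken or outdated" from "no pending notices", which the original 0 fallback cannot do.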