Atomic CLI scan

•

1 recomendación•4,210 vistas

Lalatendu Mohanty

Introduction to OpenSCAP project and atomic CLI from Project Atomic to scan Linux containers and images for CVEs.

Atomic scan
With OpenSCAP

$whoami
● Lalatendu Mohanty
● Twitter: @lalatenduM
● lalatendu.org

System security (Software)
● Software vulnerabilities
● Configuration flaws

Configuration flaws
● Not following security policies
○ Example: Weak password settings
● Not using correct access control

Software vulnerabilities
● Undiscovered vulnerabilities
● Known vulnerabilities
○ Common Vulnerabilities and Exposures (CVE®)

Common Vulnerabilities and Exposures (CVE®)
● Publicly known cybersecurity vulnerabilities
● Example:
○ Heartbleed : CVE-2014-0160
■ OpenSSL
○ Shellshock: CVE-2014-6271
■ GNU Bash

atomic scan
● Scan a container or container
image for CVEs.
● Can scan all images or
containers at once.
● Plugin architecture for scan
tool.
From atomic CLI

How does this work?
● Detect the operating system
● Get the appropriate CVE feed from vendor
● Check the image or container with OpenSCAP
● Parse the results

atomic scan options

Demo
$ atomic scan rhel

CVE®
● CVE List is maintained The MITRE Corporation (not for profit)
● Sponsored by United States Computer Emergency Readiness Team.
● National Vulnerability Database (NVD):
○ Superset of CVE list.
○ Contains additional analysis, database and fine-grained search engine
○ Maintained by US National Institute of Standards and Technology (NIST)
○ Data represented using Security Content Automation Protocol (SCAP)

Heartbleed CVE page
● https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0160

Heartbleed CVE in NVD
● https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160

SCAP
● SCAP is a line of compliance standards managed by NIST.
● Provide a standardized approach to security e.g.
○ Automatically verifying the presence of patches
○ Checking system security configuration settings
○ Examining systems for signs of compromise

OpenSCAP
● Create a framework of libraries to improve the accessibility of SCAP and
enhance the usability of the information it represents.
● Awarded the SCAP 1.2 certification by NIST in 2014.

Demo SCAP Workbench
On Fedora 23
● $ sudo dnf install scap-security-guide
● $ sudo dnf install scap-workbench

References:
● http://developers.redhat.com/blog/2016/05/02/introducing-atomic-scan-
container-vulnerability-detection/
● https://access.redhat.com/documentation/en-
US/Red_Hat_Network_Satellite/5.5/html/User_Guide/chap-
Red_Hat_Network_Satellite-User_Guide-OpenSCAP.html
● https://cve.mitre.org/about/
● https://www.youtube.com/watch?v=DxMd0T9_apo

Questions?
Collaborate : https://github.com/projectatomic/atomic

Más contenido relacionado

La actualidad más candente

Docker and the Linux Kernel

Docker and the Linux Kernel

Docker and the Linux Kernel

Presented by Udo Seidel, Chief Architect and Digital Evangelist, Amadeus In the recent past there were quite some discussions about security in the context of introducing or using Docker. It is true that there are some gaps to be closed but the whole story does not start from square one either. At Amadeus we are using Docker to build our future-oriented services and to introduce devops culture. Due to the nature of our business we have to deal with Security certifications like PCI-DSS, SSAE 16 and ISO 27001. This talks described the challenges we were facing in that context and how we mastered them. The story has technical and non-technical aspects.

DockerCon EU 2015: Docker and PCI-DSS - Lessons learned in a security sensiti...

DockerCon EU 2015: Docker and PCI-DSS - Lessons learned in a security sensiti...

DockerCon EU 2015: Docker and PCI-DSS - Lessons learned in a security sensiti...

Docker serverless v1.0

Docker serverless v1.0

Docker serverless v1.0

Presentation by Michael Neale, co-founder, CloudBees In this presentation I will show how you can use and abuse namespaces to do things that you might not think were possible in docker. In doing this I will show how you can create a volume bind mount in a running container, and use "super privileged" containers to control other containers on the same machine. There are many uses for this, but at it also demystifies what some of the namespaces in linux are, and how they work (hint: everything is files, its unix!).

DockerCon EU 2015: Persistent, stateful services with docker cluster, namespa...

DockerCon EU 2015: Persistent, stateful services with docker cluster, namespa...

DockerCon EU 2015: Persistent, stateful services with docker cluster, namespa...

Continuous delivery workflow with Docker

Continuous delivery workflow with Docker

Continuous delivery workflow with Docker

Beginning mesos

Beginning mesos

Beginning mesos

Aditya Patawari

Customer trust and security is paramount for Salesforce. While containerization is great for DevOps due to flexibility, speed, isolation, transient existence, ease of management and patching, it becomes a challenging environment when the sensitivity level of the data traversing the environment increases. Monitoring systems, applications and network; performing disk, memory and network forensics in case of an incident; and vulnerability detection can easily become daunting tasks in such a volatile environment. In this presentation we would like to discuss the infrastructure we have built to address these issues and to secure our Docker container platform while we rapidly containerize Salesforce. Our solutions focus on securing the container pipeline, building security into the architecture, monitoring, Docker forensics (disk, memory, network), and automation. We also would like to demonstrate some of our live memory analysis capabilities we leverage to assure container and application integrity during execution.

Securing the Container Pipeline at Salesforce by Cem Gurkok

Securing the Container Pipeline at Salesforce by Cem Gurkok

Securing the Container Pipeline at Salesforce by Cem Gurkok

Docker - introduction

Docker - introduction

Docker - introduction

Michał Kurzeja

Troubleshooting Tips from a Docker Support Engineer

Troubleshooting Tips from a Docker Support Engineer

Troubleshooting Tips from a Docker Support Engineer

Join Laura Frank and Stephen Day as they explain and examine technical concepts behind container orchestration systems, like distributed consensus, object models, and node topology. These concepts build the foundation of every modern orchestration system, and each technical explanation will be illustrated using Docker’s SwarmKit as a real-world example. Gain a deeper understanding of how orchestration systems like SwarmKit work in practice and walk away with more insights into your production applications.

Container Orchestration from Theory to Practice

Container Orchestration from Theory to Practice

Container Orchestration from Theory to Practice

Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby

Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby

Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby

Michelle Antebi

Docker Security and Content Trust

Docker Security and Content Trust

Docker Security and Content Trust

Docker Introduction + what is new in 0.9

Docker Introduction + what is new in 0.9

Docker Introduction + what is new in 0.9

Jérôme Petazzoni

virtualization-vs-containerization-paas

virtualization-vs-containerization-paas

virtualization-vs-containerization-paas

Monitoring docker container and dockerized applications

Monitoring docker container and dockerized applications

Monitoring docker container and dockerized applications

Ananth Padmanabhan

Shipping python project by docker

Shipping python project by docker

Shipping python project by docker

Docker SF Meetup January 2016

Docker SF Meetup January 2016

Docker SF Meetup January 2016

Patrick Chanezon

What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi

What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi

What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi

Sysdig - Introducing a new definition of Monitoring

Sysdig - Introducing a new definition of Monitoring

Sysdig - Introducing a new definition of Monitoring

Docker leverages capabilities in Linux like namespaces and cgroups to enable containers and then builds tooling on top to enable users to build distributed apps. A common question is "What about Docker support for Windows?" In this session the Windows engineering leads will dive deep into the primitives within Windows to enable an awesome Docker experience on Windows. This session will also include a live demo of Docker and Windows Server.

Windows Server and Docker - The Internals Behind Bringing Docker and Containe...

Windows Server and Docker - The Internals Behind Bringing Docker and Containe...

Windows Server and Docker - The Internals Behind Bringing Docker and Containe...

La actualidad más candente (20)

Docker and the Linux Kernel

Docker and the Linux Kernel

Docker and the Linux Kernel

DockerCon EU 2015: Docker and PCI-DSS - Lessons learned in a security sensiti...

DockerCon EU 2015: Docker and PCI-DSS - Lessons learned in a security sensiti...

DockerCon EU 2015: Docker and PCI-DSS - Lessons learned in a security sensiti...

Docker serverless v1.0

Docker serverless v1.0

Docker serverless v1.0

DockerCon EU 2015: Persistent, stateful services with docker cluster, namespa...

DockerCon EU 2015: Persistent, stateful services with docker cluster, namespa...

DockerCon EU 2015: Persistent, stateful services with docker cluster, namespa...

Continuous delivery workflow with Docker

Continuous delivery workflow with Docker

Continuous delivery workflow with Docker

Beginning mesos

Beginning mesos

Beginning mesos

Securing the Container Pipeline at Salesforce by Cem Gurkok

Securing the Container Pipeline at Salesforce by Cem Gurkok

Securing the Container Pipeline at Salesforce by Cem Gurkok

Docker - introduction

Docker - introduction

Docker - introduction

Troubleshooting Tips from a Docker Support Engineer

Troubleshooting Tips from a Docker Support Engineer

Troubleshooting Tips from a Docker Support Engineer

Container Orchestration from Theory to Practice

Container Orchestration from Theory to Practice

Container Orchestration from Theory to Practice

Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby

Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby

Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby

Docker Security and Content Trust

Docker Security and Content Trust

Docker Security and Content Trust

Docker Introduction + what is new in 0.9

Docker Introduction + what is new in 0.9

Docker Introduction + what is new in 0.9

virtualization-vs-containerization-paas

virtualization-vs-containerization-paas

virtualization-vs-containerization-paas

Monitoring docker container and dockerized applications

Monitoring docker container and dockerized applications

Monitoring docker container and dockerized applications

Shipping python project by docker

Shipping python project by docker

Shipping python project by docker

Docker SF Meetup January 2016

Docker SF Meetup January 2016

Docker SF Meetup January 2016

What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi

What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi

What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi

Sysdig - Introducing a new definition of Monitoring

Sysdig - Introducing a new definition of Monitoring

Sysdig - Introducing a new definition of Monitoring

Windows Server and Docker - The Internals Behind Bringing Docker and Containe...

Windows Server and Docker - The Internals Behind Bringing Docker and Containe...

Windows Server and Docker - The Internals Behind Bringing Docker and Containe...

Destacado

Monetising Your Skill

Monetising Your Skill

Monetising Your Skill

Open Source Tools for Container Security and Compliance @Docker LA Meetup 2/13

Open Source Tools for Container Security and Compliance @Docker LA Meetup 2/13

Open Source Tools for Container Security and Compliance @Docker LA Meetup 2/13

Practical Approaches to Container Security

Practical Approaches to Container Security

Practical Approaches to Container Security

A talk given at Docker London on Wednesday, July 20th, 2016. This talk is a fast-paced overview of the potential threats faced when containerizing applications, married to a quick run-through of the "security toolbox" available in the Docker engine via Linux kernel capabilities and features enabled by OCI's libcontainer/runc and Docker. A video recording of this talk is available here: https://skillsmatter.com/skillscasts/8551-container-security

Docker London: Container Security

Docker London: Container Security

Docker London: Container Security

Understanding container security

Understanding container security

Understanding container security

Docker is hot, Docker security is not? In this talk the risks, benefits and defenses of Docker are discussed. They are followed up by some best practices, which can you use in your daily activities. What is clear is that there is still a lot to do to get your containers secured. Event: Docker Amsterdam Meetup - January 2015 This presentation was given by Michael Boelen, January 23rd at Schuberg Philis. The event was organized by Mark Robert Coleman with help of Harm Boertien. With a full house of people, Docker security was discussed. About the author: Michael Boelen is founder of CISOfy and researches Linux security to build tools and documentation, to simplify it for others. Examples are tools like Rootkit Hunter and Lynis, blog posts and presentations.

Docker Security: Are Your Containers Tightly Secured to the Ship?

Docker Security: Are Your Containers Tightly Secured to the Ship?

Docker Security: Are Your Containers Tightly Secured to the Ship?

Get hands-on with security features and best practices to protect your containerized services. Learn to push and verify signed images with Docker Content Trust, and collaborate with delegation roles. Intermediate to advanced level Docker experience recommended, participants will be building and pushing with Docker during the workshop. Led By Docker Security Experts: Riyaz Faizullabhoy David Lawrence Viktor Stanchev Experience Level: Intermediate to advanced level Docker experience recommended

Docker Security workshop slides

Docker Security workshop slides

Docker Security workshop slides

ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...

ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...

ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...

DynamicInfraDays

How GitLab and HackerOne help organizations innovate faster without compromis...

How GitLab and HackerOne help organizations innovate faster without compromis...

How GitLab and HackerOne help organizations innovate faster without compromis...

Why You Need to Rethink Container Security

Why You Need to Rethink Container Security

Why You Need to Rethink Container Security

Your customers expect you to continuously deliver delightful experiences. This means that you’ll need to continuously deliver application and infrastructure updates. Hand-crafted servers lovingly built and maintained by a system administrator are a thing of the past. Golden images are fine for initial provisioning but will quickly fail as your configuration requirements change over time. It’s time for you to fully automate the provisioning and management of your infrastructure components. Welcome to the world of infrastructure as code! In this new world, you’ll be able to programmatically provision and configure the components of your infrastructure. Disposable infrastructure whose provisioning, configuration, and on-going maintenance is fully automated allow you to change the way you build and deliver applications. Move your applications and infrastructure towards continuous delivery. In this talk, we’ll explore the ideas behind “infrastructure as code” and, specifically, look at how Chef allows you to fully automate your infrastructure. If you’re brave enough, we’ll even let you get your hands on some Chef and experience the delight of using Chef to build and deploy some infrastructure components.

Introduction to Infrastructure as Code & Automation / Introduction to Chef

Introduction to Infrastructure as Code & Automation / Introduction to Chef

Introduction to Infrastructure as Code & Automation / Introduction to Chef

Veer's Container Security

Veer's Container Security

Veer's Container Security

Security best practices for kubernetes deployment

Security best practices for kubernetes deployment

Security best practices for kubernetes deployment

AWS Security Best Practices and Design Patterns

AWS Security Best Practices and Design Patterns

AWS Security Best Practices and Design Patterns

Amazon Web Services

AWS Security Architecture - Overview

AWS Security Architecture - Overview

AWS Security Architecture - Overview

Sai Kesavamatham

Monitoring, Logging and Tracing on Kubernetes

Monitoring, Logging and Tracing on Kubernetes

Monitoring, Logging and Tracing on Kubernetes

London HUG 19/5 - Kubernetes and vault

London HUG 19/5 - Kubernetes and vault

London HUG 19/5 - Kubernetes and vault

London HashiCorp User Group

How to securely deploy your containers, by the author of rkhunter and auditing tool Lynis. Many introductory talks about Docker and its container technology, have been given. This attention to the subject is not surprising, seeing the amount of people "doing DevOps" now. With container technology being fairly new on the Linux platform, the security aspects of containers are often being overlooked. While Linux containers do still not fully contain from a security point of view, we can definitely improve the security level of them. In this talk, we have a look at the underlying Linux security measures, followed by the features Docker itself has to offer. The goal is to get an understanding how we can deploy containers in a secure way. After all, Docker is no longer just a toy, and our precious data is involved.

Docker Security - Secure Container Deployment on Linux

Docker Security - Secure Container Deployment on Linux

Docker Security - Secure Container Deployment on Linux

Video: https://youtu.be/C_u4_l84ED8 Karl Isenberg reviews the history of distributed computing, clarifies terminology for layers in the container stack, and does a head to head comparison of several tools in the space, including Kubernetes, Marathon, and Docker Swarm. Learn which features and qualities are critical for container orchestration and how you can apply this knowledge when evaluating platforms.

Container Orchestration Wars

Container Orchestration Wars

Container Orchestration Wars

Docker Security Overview

Docker Security Overview

Docker Security Overview

Sreenivas Makam

Destacado (20)

Monetising Your Skill

Monetising Your Skill

Monetising Your Skill

Open Source Tools for Container Security and Compliance @Docker LA Meetup 2/13

Open Source Tools for Container Security and Compliance @Docker LA Meetup 2/13

Open Source Tools for Container Security and Compliance @Docker LA Meetup 2/13

Practical Approaches to Container Security

Practical Approaches to Container Security

Practical Approaches to Container Security

Docker London: Container Security

Docker London: Container Security

Docker London: Container Security

Understanding container security

Understanding container security

Understanding container security

Docker Security: Are Your Containers Tightly Secured to the Ship?

Docker Security: Are Your Containers Tightly Secured to the Ship?

Docker Security: Are Your Containers Tightly Secured to the Ship?

Docker Security workshop slides

Docker Security workshop slides

Docker Security workshop slides

ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...

ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...

ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...

How GitLab and HackerOne help organizations innovate faster without compromis...

How GitLab and HackerOne help organizations innovate faster without compromis...

How GitLab and HackerOne help organizations innovate faster without compromis...

Why You Need to Rethink Container Security

Why You Need to Rethink Container Security

Why You Need to Rethink Container Security

Introduction to Infrastructure as Code & Automation / Introduction to Chef

Introduction to Infrastructure as Code & Automation / Introduction to Chef

Introduction to Infrastructure as Code & Automation / Introduction to Chef

Veer's Container Security

Veer's Container Security

Veer's Container Security

Security best practices for kubernetes deployment

Security best practices for kubernetes deployment

Security best practices for kubernetes deployment

AWS Security Best Practices and Design Patterns

AWS Security Best Practices and Design Patterns

AWS Security Best Practices and Design Patterns

AWS Security Architecture - Overview

AWS Security Architecture - Overview

AWS Security Architecture - Overview

Monitoring, Logging and Tracing on Kubernetes

Monitoring, Logging and Tracing on Kubernetes

Monitoring, Logging and Tracing on Kubernetes

London HUG 19/5 - Kubernetes and vault

London HUG 19/5 - Kubernetes and vault

London HUG 19/5 - Kubernetes and vault

Docker Security - Secure Container Deployment on Linux

Docker Security - Secure Container Deployment on Linux

Docker Security - Secure Container Deployment on Linux

Container Orchestration Wars

Container Orchestration Wars

Container Orchestration Wars

Docker Security Overview

Docker Security Overview

Docker Security Overview

Similar a Atomic CLI scan

Ever Present Persistence - Established Footholds Seen in the Wild

Ever Present Persistence - Established Footholds Seen in the Wild

Ever Present Persistence - Established Footholds Seen in the Wild

AV Evasion with the Veil Framework

AV Evasion with the Veil Framework

AV Evasion with the Veil Framework

"Automated Malware Analysis" de Gabriel Negreira Barbosa, Malware Research an...

"Automated Malware Analysis" de Gabriel Negreira Barbosa, Malware Research an...

"Automated Malware Analysis" de Gabriel Negreira Barbosa, Malware Research an...

Andy has made mistakes. He's seen even more. And in this talk he details the best and the worst of the container and Kubernetes security problems he's experienced, exploited, and remediated. This talk details low level exploitable issues with container and Kubernetes deployments. We focus on lessons learned, and show attendees how to ensure that they do not fall victim to avoidable attacks. See how to bypass security controls and exploit insecure defaults in this technical appraisal of the container and cluster security landscape.

The Future of Security and Productivity in Our Newly Remote World

The Future of Security and Productivity in Our Newly Remote World

The Future of Security and Productivity in Our Newly Remote World

Higher Level Malware

Higher Level Malware

Higher Level Malware

IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies

IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies

IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies

Computer malware in all its forms is nearly as old as the first PCs running commodity OSes, dating back at least 30 years. However, the number and the variety of "computing devices" dramatically increased during the last several years. Therefore, the focus of malware authors and operators slowly but steadily started shifting or expanding towards Internet of Things (IoT) malware. Unfortunately, at present there is no publicly available comprehensive study and methodology that collects, analyses, measures, and presents the (meta-)data related to IoT malware in a systematic and a holistic manner. In most cases, if not all, the resources on the topic are available as blog posts, sparse technical reports, or Systematization of Knowledge (SoK) papers deeply focused on a particular IoT malware strain (e.g., Mirai). Some other times those resources are already unavailable, or can become unavailable or restricted at any time. Moreover, many of such resources contain errors (e.g., wrong CVEs), omissions (e.g., hashes), limited perspectives (e.g., network behaviour only), or otherwise present incomplete or inaccurate analysis. Hence, all these factors leave unattended the main challenges of analysing, tracking, detecting, and defending against IoT malware in a systematic, effective and efficient way. This work attempts to bridge this gap. We start with mostly manual collection, archival, meta-information extraction and cross-validation of more than 637 unique resources related to IoT malware families. These resources relate to 60 1 IoT malware families, and include 260 resources related to 48 unique vulnerabilities used in the disclosed or detected IoT malware attacks. We then use the extracted information to establish as accurately as possible the timeline of events related to each IoT malware family and relevant vulnerabilities, and to outline important insights and statistics. For example, our analysis shows that the mean and median CVSS scores of all analyzed vulnerabilities employed by the IoT malware families are quite modest yet: 6.9 and 7.1 for CVSSv2, and 7.5 and 7.5 for CVSSv3 respectively. Moreover, the public knowledge to defend against or prevent those vulnerabilities could have been used, on average, at least 90 days before the first malware samples were submitted for analysis. Finally, to help validate our work as well as to motivate its continuous growth and improvement by the research community, we open-source our datasets and release our IoT malware analysis framework and our IoT malware analysis framework.

IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies

IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies

IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies

DevSecOps: essential tooling to enable continuous security 2019-09-16

DevSecOps: essential tooling to enable continuous security 2019-09-16

DevSecOps: essential tooling to enable continuous security 2019-09-16

The State of the Veil Framework

The State of the Veil Framework

The State of the Veil Framework

Introduzione a junit + integrazione con archibus

Introduzione a junit + integrazione con archibus

Introduzione a junit + integrazione con archibus

Shifting left - How to use Continuous Integration tools to bring security into the DevOps world In today's modern software factories, organizations are shifting security to the left. No longer just the purview of firewalls, security needs to be built in during development and deployment processes. By doing so, organizations can ensure they are limiting vulnerabilities getting into production while cutting costs of both downtime and code rework. Key Takeaways: ○ How to ensure that the use of open source doesn’t introduce vulnerabilities and other security risks ○ How to automate the delivery of trusted images using a policy-driven approach ○ Empowering developers to secure their applications, while maintaining segregation of duties ○ Ensuring the consistent flow of images through the pipeline, with no side-doors or introduction of unvetted images ○ Enforcing immutability of containers, preventing container-image drift

Embacing service-level-objectives of your microservices in your Cl/CD

Embacing service-level-objectives of your microservices in your Cl/CD

Embacing service-level-objectives of your microservices in your Cl/CD

Web Application Security: Introduction to common classes of security flaws an...

Web Application Security: Introduction to common classes of security flaws an...

Web Application Security: Introduction to common classes of security flaws an...

Tw noche geek quito webappsec

Tw noche geek quito webappsec

Tw noche geek quito webappsec

s its biggest bottleneck and security is becoming the most pervasive bottleneck in most DevOps practices. Teams are unable to come up with security practices that integrate into the DevOps lifecycle and ensure continuous and smooth delivery of applications to customers. In fact, security failures in DevOps amplify security flaws in production as they are delivered at scale. If DevOps should not be at odds with security, then we must find ways to achieve the following on priority: - Integrate effective threat modeling into Agile development practices - Introduce Security Automation into Continuous Integration - Integrate Security Automation into Continuous Deployment While there are other elements like SAST and Monitoring that are important to SecDevOps, my talk will essentially focus on these three elements with a higher level of focus on Security Automation. In my talk, I will explore the following, with reference to the topic: - The talk will be replete with anecdotes from personal consulting and penetration testing experiences. - I will briefly discuss Threat Modeling and its impact on DevOps. I will use examples to demonstrate practical ways that one can use threat modeling effectively to break down obstacles and create security automation that reduces the security bottleneck in the later stages of the DevOps cycle. - I firmly believe that Automated Web Vulnerability Assessment (using scanners) no matter how tuned, can only produce 30-40% of the actual results as opposed to a manual application penetration test. I find that scanning tools fail to identify most vulnerabilities with modern Web Services (REST. I will discuss examples and demonstrate how one can leverage automated vulnerability scanners (like ZAP, through its Python API) and simulate manual testing using a custom security automation suite. In Application Penetration Testing, its impossible to have a one size-fits all, but there’s no reason why we can’t deliver custom security automation to simulate most of the manual penetration testing to combine them into a custom security automation suite that integrates with CI tools like Jenkins and Travis. I intend to demonstrate the use a custom security test suite (written in Python that integrates with Jenkins), against an intentionally vulnerable e-commerce app. - My talk will also detail automation to identify vulnerabilities in software libraries and components, integrated with CI tools. - Finally, I will (with the use of examples and demos) explain how one can use “Infrastructure as Code” practice to perform pre and post deployment security checks, using tools like Chef, Puppet and Ansible.

OWASP AppSec EU - SecDevOps, a view from the trenches - Abhay Bhargav

OWASP AppSec EU - SecDevOps, a view from the trenches - Abhay Bhargav

OWASP AppSec EU - SecDevOps, a view from the trenches - Abhay Bhargav

OpenCV (Open source computer vision)

OpenCV (Open source computer vision)

OpenCV (Open source computer vision)

Matt Oh, Microsoft We are seeing new technique used everyday by malware. But, it is very hard to find any impressive techniques used in the wild. Recently there was huge buzz about Detrahere malware which used internally known issues with certificate signing in Windows 10 kernel driver. Even though the certificate check bypass technique itself is very interesting, also I found that the tactics used by the malware is more impressive. Even though the malware is mainly focused on Ad-hijacking functionality through Netfilter driver installation, but it also has rootkit ability through file system driver hooking. This feels like old days coming back with various new arsenals. The rootkit detects kernel debugging settings and will destroy the system when it finds one. The unpacking process can be very challenging job, too as it uses kernel driver image hollowing technique (something similar to process hollowing) to deobfuscate itself and run unpacked code. Our patchguard doesn't seem like triggering on this action, because all the sections are pre-allocated with execute permission already. Through this talk, I want to present various techniques used by this malware focusing on the kernel level obfuscation and anti-analysis tactics. This will give us new insights on how new Windows rootkit malware might look like in the future and how detecting them from security systems and detonation systems can be a challenge.

BlueHat v18 || Return of the kernel rootkit malware (on windows 10)

BlueHat v18 || Return of the kernel rootkit malware (on windows 10)

BlueHat v18 || Return of the kernel rootkit malware (on windows 10)

BlueHat Security Conference

DeViL - Detect Virtual Machine in Linux by Sreelakshmi

DeViL - Detect Virtual Machine in Linux by Sreelakshmi

DeViL - Detect Virtual Machine in Linux by Sreelakshmi

Cysinfo Cyber Security Community

Failure is inevitable. In our modern world filled with continuously delivered and increasingly complex distributed architectures (looking at you micro-services), it is important to be able to test and improve our systems under a range of failure conditions. In this talk, Matt discusses these complexities and the forces they exert on development teams, presenting some simple strategies and practical advice to deal with them.

Antifragility and testing for distributed systems failure

Antifragility and testing for distributed systems failure

Antifragility and testing for distributed systems failure

Security Bootcamp 2013 - Difficulties of malware analysis - Nguyễn Chấn Việt

Security Bootcamp 2013 - Difficulties of malware analysis - Nguyễn Chấn Việt

Security Bootcamp 2013 - Difficulties of malware analysis - Nguyễn Chấn Việt

Security Bootcamp

LinuxCon 2011: OpenVZ and Linux Kernel Testing

LinuxCon 2011: OpenVZ and Linux Kernel Testing

LinuxCon 2011: OpenVZ and Linux Kernel Testing

Similar a Atomic CLI scan (20)

Ever Present Persistence - Established Footholds Seen in the Wild

Ever Present Persistence - Established Footholds Seen in the Wild

Ever Present Persistence - Established Footholds Seen in the Wild

AV Evasion with the Veil Framework

AV Evasion with the Veil Framework

AV Evasion with the Veil Framework

"Automated Malware Analysis" de Gabriel Negreira Barbosa, Malware Research an...

"Automated Malware Analysis" de Gabriel Negreira Barbosa, Malware Research an...

"Automated Malware Analysis" de Gabriel Negreira Barbosa, Malware Research an...

The Future of Security and Productivity in Our Newly Remote World

The Future of Security and Productivity in Our Newly Remote World

The Future of Security and Productivity in Our Newly Remote World

Higher Level Malware

Higher Level Malware

Higher Level Malware

IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies

IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies

IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies

IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies

IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies

IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies

DevSecOps: essential tooling to enable continuous security 2019-09-16

DevSecOps: essential tooling to enable continuous security 2019-09-16

DevSecOps: essential tooling to enable continuous security 2019-09-16

The State of the Veil Framework

The State of the Veil Framework

The State of the Veil Framework

Introduzione a junit + integrazione con archibus

Introduzione a junit + integrazione con archibus

Introduzione a junit + integrazione con archibus

Embacing service-level-objectives of your microservices in your Cl/CD

Embacing service-level-objectives of your microservices in your Cl/CD

Embacing service-level-objectives of your microservices in your Cl/CD

Web Application Security: Introduction to common classes of security flaws an...

Web Application Security: Introduction to common classes of security flaws an...

Web Application Security: Introduction to common classes of security flaws an...

Tw noche geek quito webappsec

Tw noche geek quito webappsec

Tw noche geek quito webappsec

OWASP AppSec EU - SecDevOps, a view from the trenches - Abhay Bhargav

OWASP AppSec EU - SecDevOps, a view from the trenches - Abhay Bhargav

OWASP AppSec EU - SecDevOps, a view from the trenches - Abhay Bhargav

OpenCV (Open source computer vision)

OpenCV (Open source computer vision)

OpenCV (Open source computer vision)

BlueHat v18 || Return of the kernel rootkit malware (on windows 10)

BlueHat v18 || Return of the kernel rootkit malware (on windows 10)

BlueHat v18 || Return of the kernel rootkit malware (on windows 10)

DeViL - Detect Virtual Machine in Linux by Sreelakshmi

DeViL - Detect Virtual Machine in Linux by Sreelakshmi

DeViL - Detect Virtual Machine in Linux by Sreelakshmi

Antifragility and testing for distributed systems failure

Antifragility and testing for distributed systems failure

Antifragility and testing for distributed systems failure

Security Bootcamp 2013 - Difficulties of malware analysis - Nguyễn Chấn Việt

Security Bootcamp 2013 - Difficulties of malware analysis - Nguyễn Chấn Việt

Security Bootcamp 2013 - Difficulties of malware analysis - Nguyễn Chấn Việt

LinuxCon 2011: OpenVZ and Linux Kernel Testing

LinuxCon 2011: OpenVZ and Linux Kernel Testing

LinuxCon 2011: OpenVZ and Linux Kernel Testing

Más de Lalatendu Mohanty

Confident OpenShift Upgrades with the Update Graph.pdf

Confident OpenShift Upgrades with the Update Graph.pdf

Confident OpenShift Upgrades with the Update Graph.pdf

Lalatendu Mohanty

Reproducible development to live applications with Red Hat CDK and Red Hat Op...

Reproducible development to live applications with Red Hat CDK and Red Hat Op...

Reproducible development to live applications with Red Hat CDK and Red Hat Op...

Lalatendu Mohanty

OpenShift As A DevOps Platform

OpenShift As A DevOps Platform

OpenShift As A DevOps Platform

Lalatendu Mohanty

Contributing To CentOS SIGs

Contributing To CentOS SIGs

Contributing To CentOS SIGs

Lalatendu Mohanty

Red Hat Container Development Kit

Red Hat Container Development Kit

Red Hat Container Development Kit

Lalatendu Mohanty

Introduction to docker and docker compose

Introduction to docker and docker compose

Introduction to docker and docker compose

Lalatendu Mohanty

Developer workflow with docker

Developer workflow with docker

Developer workflow with docker

Lalatendu Mohanty

Vagrant For DevOps

Vagrant For DevOps

Vagrant For DevOps

Lalatendu Mohanty

GlusterFS And Big Data

GlusterFS And Big Data

GlusterFS And Big Data

Lalatendu Mohanty

Project Atomic-Nulecule

Project Atomic-Nulecule

Project Atomic-Nulecule

Lalatendu Mohanty

Bringing-it-all-together-overview-of-rpm-packaging-in-fedora

Bringing-it-all-together-overview-of-rpm-packaging-in-fedora

Bringing-it-all-together-overview-of-rpm-packaging-in-fedora

Lalatendu Mohanty

Running A SIG in CentOS @Devconf Brno 2014

Running A SIG in CentOS @Devconf Brno 2014

Running A SIG in CentOS @Devconf Brno 2014

Lalatendu Mohanty

Docker quick start

Docker quick start

Docker quick start

Lalatendu Mohanty

Introduction to Project atomic (CentOS Dojo Bangalore)

Introduction to Project atomic (CentOS Dojo Bangalore)

Introduction to Project atomic (CentOS Dojo Bangalore)

Lalatendu Mohanty

Más de Lalatendu Mohanty (14)

Confident OpenShift Upgrades with the Update Graph.pdf

Confident OpenShift Upgrades with the Update Graph.pdf

Confident OpenShift Upgrades with the Update Graph.pdf

Reproducible development to live applications with Red Hat CDK and Red Hat Op...

Reproducible development to live applications with Red Hat CDK and Red Hat Op...

Reproducible development to live applications with Red Hat CDK and Red Hat Op...

OpenShift As A DevOps Platform

OpenShift As A DevOps Platform

OpenShift As A DevOps Platform

Contributing To CentOS SIGs

Contributing To CentOS SIGs

Contributing To CentOS SIGs

Red Hat Container Development Kit

Red Hat Container Development Kit

Red Hat Container Development Kit

Introduction to docker and docker compose

Introduction to docker and docker compose

Introduction to docker and docker compose

Developer workflow with docker

Developer workflow with docker

Developer workflow with docker

Vagrant For DevOps

Vagrant For DevOps

Vagrant For DevOps

GlusterFS And Big Data

GlusterFS And Big Data

GlusterFS And Big Data

Project Atomic-Nulecule

Project Atomic-Nulecule

Project Atomic-Nulecule

Bringing-it-all-together-overview-of-rpm-packaging-in-fedora

Bringing-it-all-together-overview-of-rpm-packaging-in-fedora

Bringing-it-all-together-overview-of-rpm-packaging-in-fedora

Running A SIG in CentOS @Devconf Brno 2014

Running A SIG in CentOS @Devconf Brno 2014

Running A SIG in CentOS @Devconf Brno 2014

Docker quick start

Docker quick start

Docker quick start

Introduction to Project atomic (CentOS Dojo Bangalore)

Introduction to Project atomic (CentOS Dojo Bangalore)

Introduction to Project atomic (CentOS Dojo Bangalore)

Último

Architecting Cloud Native Applications

Architecting Cloud Native Applications

Architecting Cloud Native Applications

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Product Anonymous

MINDCTI Revenue Release Quarter One 2024

MINDCTI Revenue Release Quarter One 2024

MINDCTI Revenue Release Quarter One 2024

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...

Manulife - Insurer Transformation Award 2024

Manulife - Insurer Transformation Award 2024

Manulife - Insurer Transformation Award 2024

The Digital Insurer

DBX First Quarter 2024 Investor Presentation

DBX First Quarter 2024 Investor Presentation

DBX First Quarter 2024 Investor Presentation

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the deployment of external web forms using Jotform for Bonterra Impact Management. This solution can be customized to your organization’s needs and deployed to support the common use cases below: - Intake and consent - Assessments - Surveys - Applications - Program registration Interested in deploying web form automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Jeffrey Haguewood

Accelerating FinTech Innovation: Unleashing API Economy and GenAI Vasa Krishnan, Chief Technology Officer - FinResults Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

The Good, the Bad and the Governed - Why is governance a dirty word? David O'Neill, Chief Operating Officer - APIContext Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

Dubai, often portrayed as a shimmering oasis in the desert, faces its own set of challenges, including the occasional threat of flooding. Despite its reputation for opulence and modernity, the emirate is not immune to the forces of nature. In recent years, Dubai has experienced sporadic but significant floods, testing the resilience of its infrastructure and communities. Among the critical lifelines in this bustling metropolis is the Dubai International Airport, a bustling hub that connects the city to the world. This article explores the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

The microservices honeymoon is over. When starting a new project or revamping a legacy monolith, teams started looking for alternatives to microservices. The Modular Monolith, or 'Modulith', is an architecture that reaps the benefits of (vertical) functional decoupling without the high costs associated with separate deployments. This talk will delve into the advantages and challenges of this progressive architecture, beginning with exploring the concept of a 'module', its internal structure, public API, and inter-module communication patterns. Supported by spring-modulith, the talk provides practical guidance on addressing the main challenges of a Modultith Architecture: finding and guarding module boundaries, data decoupling, and integration module-testing. You should not miss this talk if you are a software architect or tech lead seeking practical, scalable solutions. About the author With two decades of experience, Victor is a Java Champion working as a trainer for top companies in Europe. Five thousands developers in 120 companies attended his workshops, so he gets to debate every week the challenges that various projects struggle with. In return, Victor summarizes key points from these workshops in conference talks and online meetups for the European Software Crafters, the world’s largest developer community around architecture, refactoring, and testing. Discover how Victor can help you on victorrentea.ro : company training catalog, consultancy and YouTube playlists.

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

AXA XL - Insurer Innovation Award Americas 2024

AXA XL - Insurer Innovation Award Americas 2024

AXA XL - Insurer Innovation Award Americas 2024

The Digital Insurer

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Juan lago vázquez

Webinar Recording: https://www.panagenda.com/webinars/why-teams-call-analytics-is-critical-to-your-entire-business Nothing is as frustrating and noticeable as being in an important call and being unable to see or hear the other person. Not surprising then, that issues with Teams calls are among the most common problems users call their helpdesk for. Having in depth insight into everything relevant going on at the user’s device, local network, ISP and Microsoft itself during the call is crucial for good Microsoft Teams Call quality support. To ensure a quick and adequate solution and to ensure your users get the most out of their Microsoft 365. But did you know that ‘bad calls’ are also an excellent indicator of other problems arising? Precisely because it is so noticeable!? Like the canary in the mine, bad calls can be early indicators of problems. Problems that might otherwise not have been noticed for a while but can have a big impact on productivity and satisfaction. Join this session by Christoph Adler to learn how true Microsoft Teams call quality analytics helped other organizations troubleshoot bad calls and identify and fix problems that impacted Teams calls or the use of Microsoft365 in general. See what it can do to keep your users happy and productive! In this session we will cover - Why CQD data alone is not enough to troubleshoot call problems - The importance of attributing call problems to the right call participant - What call quality analytics can do to help you quickly find, fix-, and prevent problems - Why having retrospective detailed insights matters - Real life examples of how others have used Microsoft Teams call quality monitoring to problem shoot problems with their ISP, network, device health and more.

Why Teams call analytics are critical to your entire business

Why Teams call analytics are critical to your entire business

Why Teams call analytics are critical to your entire business

Dubai, known for its towering skyscrapers, luxurious lifestyle, and relentless pursuit of innovation, often finds itself in the global spotlight. However, amidst the glitz and glamour, the emirate faces its own set of challenges, including the occasional threat of flooding. In recent years, Dubai has experienced sporadic but significant floods, disrupting normalcy and posing unique challenges to its infrastructure. Among the critical nodes in this bustling metropolis is the Dubai International Airport, a vital hub connecting the world. This article delves into the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Strategies for Landing an Oracle DBA Job as a Fresher

Strategies for Landing an Oracle DBA Job as a Fresher

Strategies for Landing an Oracle DBA Job as a Fresher

Remote DBA Services

When you’re building (micro)services, you have lots of framework options. Spring Boot is no doubt a popular choice. But there’s more! Take Quarkus, a framework that’s considered the rising star for Kubernetes-native Java. It always depends on what's best for your situation, but how to choose the best solution if you're comparing 2 frameworks? Both Spring Boot and Quarkus have their positives and negatives. Let us compare the two by live coding a couple of common use cases in Spring Boot and Quarkus. After this talk, you’ll be ready to get started with Quarkus yourself, and know when to select Quarkus or Spring Boot.

Spring Boot vs Quarkus the ultimate battle - DevoxxUK

Spring Boot vs Quarkus the ultimate battle - DevoxxUK

Spring Boot vs Quarkus the ultimate battle - DevoxxUK

presentation ICT roal in 21st century education

presentation ICT roal in 21st century education

presentation ICT roal in 21st century education

MS Copilot expands with MS Graph connectors

MS Copilot expands with MS Graph connectors

MS Copilot expands with MS Graph connectors

Nanddeep Nachan

Último (20)

Architecting Cloud Native Applications

Architecting Cloud Native Applications

Architecting Cloud Native Applications

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

MINDCTI Revenue Release Quarter One 2024

MINDCTI Revenue Release Quarter One 2024

MINDCTI Revenue Release Quarter One 2024

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...

Manulife - Insurer Transformation Award 2024

Manulife - Insurer Transformation Award 2024

Manulife - Insurer Transformation Award 2024

DBX First Quarter 2024 Investor Presentation

DBX First Quarter 2024 Investor Presentation

DBX First Quarter 2024 Investor Presentation

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

AXA XL - Insurer Innovation Award Americas 2024

AXA XL - Insurer Innovation Award Americas 2024

AXA XL - Insurer Innovation Award Americas 2024

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Why Teams call analytics are critical to your entire business

Why Teams call analytics are critical to your entire business

Why Teams call analytics are critical to your entire business

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Strategies for Landing an Oracle DBA Job as a Fresher

Strategies for Landing an Oracle DBA Job as a Fresher

Strategies for Landing an Oracle DBA Job as a Fresher

Spring Boot vs Quarkus the ultimate battle - DevoxxUK

Spring Boot vs Quarkus the ultimate battle - DevoxxUK

Spring Boot vs Quarkus the ultimate battle - DevoxxUK

presentation ICT roal in 21st century education

presentation ICT roal in 21st century education

presentation ICT roal in 21st century education

MS Copilot expands with MS Graph connectors

MS Copilot expands with MS Graph connectors

MS Copilot expands with MS Graph connectors

Atomic CLI scan

1. Atomic scan With OpenSCAP

2. $whoami ● Lalatendu Mohanty ● Twitter: @lalatenduM ● lalatendu.org

3. System security (Software) ● Software vulnerabilities ● Configuration flaws

4. Configuration flaws ● Not following security policies ○ Example: Weak password settings ● Not using correct access control

5. Software vulnerabilities ● Undiscovered vulnerabilities ● Known vulnerabilities ○ Common Vulnerabilities and Exposures (CVE®)

6. Common Vulnerabilities and Exposures (CVE®) ● Publicly known cybersecurity vulnerabilities ● Example: ○ Heartbleed : CVE-2014-0160 ■ OpenSSL ○ Shellshock: CVE-2014-6271 ■ GNU Bash

7. atomic scan ● Scan a container or container image for CVEs. ● Can scan all images or containers at once. ● Plugin architecture for scan tool. From atomic CLI

8. How does this work? ● Detect the operating system ● Get the appropriate CVE feed from vendor ● Check the image or container with OpenSCAP ● Parse the results

9. atomic scan options

10. Demo $ atomic scan rhel

11. CVE® ● CVE List is maintained The MITRE Corporation (not for profit) ● Sponsored by United States Computer Emergency Readiness Team. ● National Vulnerability Database (NVD): ○ Superset of CVE list. ○ Contains additional analysis, database and fine-grained search engine ○ Maintained by US National Institute of Standards and Technology (NIST) ○ Data represented using Security Content Automation Protocol (SCAP)

12. Heartbleed CVE page ● https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0160

13. Heartbleed CVE in NVD ● https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160

14. SCAP ● SCAP is a line of compliance standards managed by NIST. ● Provide a standardized approach to security e.g. ○ Automatically verifying the presence of patches ○ Checking system security configuration settings ○ Examining systems for signs of compromise

15. OpenSCAP ● Create a framework of libraries to improve the accessibility of SCAP and enhance the usability of the information it represents. ● Awarded the SCAP 1.2 certification by NIST in 2014.

16.

17. Demo SCAP Workbench On Fedora 23 ● $ sudo dnf install scap-security-guide ● $ sudo dnf install scap-workbench

18. References: ● http://developers.redhat.com/blog/2016/05/02/introducing-atomic-scan- container-vulnerability-detection/ ● https://access.redhat.com/documentation/en- US/Red_Hat_Network_Satellite/5.5/html/User_Guide/chap- Red_Hat_Network_Satellite-User_Guide-OpenSCAP.html ● https://cve.mitre.org/about/ ● https://www.youtube.com/watch?v=DxMd0T9_apo

19. Questions? Collaborate : https://github.com/projectatomic/atomic