Monday, June 8, 2020

Open Source Microservices Tool - Istio

Istio is an open platform that provides a uniform way to connect, manage, and secure microservices.



Istio provides the underlying secure communication channel, and manages authentication, authorization, and encryption of service communication at scale. With Istio, service communications are secured by default, letting you enforce policies consistently across diverse protocols and runtimes – all with little or no application changes.




Istio lets you connect, secure, control, and observe services.



While Istio is platform independent, using it together with Kubernetes (or infrastructure) network policies brings even greater benefits, including the ability to secure pod-to-pod or service-to-service communication at both the network and application layers.

Ref Link : 


Download Link :




Sunday, May 31, 2020

Docker / Containers- Security Analysis and Vulnerability Assessment Tools

DockerScan: a Docker analysis tool that detects vulnerabilities in Docker images and Docker registries.


Very quick install

> python3.5 -m pip install -U pip
> python3.5 -m pip install dockerscan

Show options:

> dockerscan -h

Docker Demo

Available actions

Currently DockerScan supports these actions:

  • Scan: Scan a network trying to locate Docker Registries.

  • Registry
    • Delete: Delete remote image / tag
    • Info: Show info from remote registry
    • Push: Push an image (like Docker client)
    • Upload: Upload a random file

  • Image
    • Analyze: look for sensitive information in a Docker image.
      • Look for passwords in environment variables.
      • Try to find any URL / IP in the environment variables.
      • Try to deduce the user used internally to run the software. This is not trivial: if the entry point is a .sh file, read the file, look for calls to sudo-like tools (“sudo”, “gosu”, “sh -u”…) and report the user found.
    • Extract: extract a Docker image
    • Info: get an image's meta information
    • Modify:
      • entrypoint: change the entrypoint in a Docker image
      • trojanize: inject a reverse shell into a Docker image
      • user: change the running user in a Docker image


Friday, May 15, 2020

DevSecOps Static Code Analysis Tool - Checkov

Checkov: scans cloud infrastructure provisioned using Terraform, CloudFormation or Kubernetes and detects security and compliance misconfigurations.




Simple and open-source


Checkov is written in Python and provides a simple method to write and manage codified, version-controlled policies.

Features

  • 100+ built-in policies cover security and compliance best practices for AWS, Azure & Google Cloud.
  • Scans Terraform and AWS CloudFormation configurations.
  • Scans for AWS credentials in EC2 user data, Lambda environment variables and Terraform providers.
  • Policies support evaluation of variables to their optional default value.
  • Supports in-line suppression of accepted risks or false-positives to reduce recurring scan failures. Also supports global skip from using CLI.
  • Output currently available as CLI, JSON or JUnit XML.
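As an added illustration of what a Checkov scan acts on (this is example Terraform written for this post, not code from the Checkov project), the snippet below puts a weakly configured S3 bucket next to a hardened one and shows the in-line suppression syntax mentioned in the feature list. The bucket names are made up; the check ID in the skip comment, CKV_AWS_18 (S3 access logging), is a real Checkov policy ID, and the justification text after the second colon is whatever reason the team records for accepting the risk.

```hcl
# Added example, not from the Checkov project. Older-style inline attributes
# (acl, versioning, server_side_encryption_configuration) are used so that one
# resource block shows every setting the relevant checks evaluate.

# Weak: world-readable ACL, no encryption at rest, no versioning.
resource "aws_s3_bucket" "reports_weak" {
  bucket = "example-reports-weak"
  acl    = "public-read"
}

# Hardened: private ACL, SSE with KMS, versioning enabled. Access logging is
# deliberately not configured here, so that single check is suppressed in-line
# with a recorded reason instead of failing every scan.
resource "aws_s3_bucket" "reports" {
  # checkov:skip=CKV_AWS_18:Access logs for this bucket are collected via CloudTrail data events
  bucket = "example-reports"
  acl    = "private"

  versioning {
    enabled = true
  }

  server_side_encryption_configuration {
    rule {
      apply_server_side_encryption_by_default {
        sse_algorithm = "aws:kms"
      }
    }
  }
}
```

Running `checkov -d . --framework terraform` in the directory reports the public ACL, missing encryption and missing versioning on `reports_weak` as failures, while `reports` passes with the logging check listed as skipped together with its reason. The same suppression can be applied globally from the CLI with `--skip-check CKV_AWS_18`, and `-o json` or `-o junitxml` switches the output format for CI consumption.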

Image Source : https://www.checkov.io/