6. SSH Control
"SSH supports two different protocol versions. The original version, SSHv1, was subject to a number of security issues. Please use SSHv2 instead to avoid these."
8. Whip up a one-liner!
grep "^Protocol" /etc/ssh/sshd_config | sed 's/Protocol //'
9. Apache Server Information Leakage
• Description
This directive controls whether the Server response header field sent back to clients includes a description of the generic OS type of the server.
This allows attackers to identify web server details easily and greatly increases the efficiency of any attack, as security vulnerabilities are dependent upon specific software versions.
• How to Test
In order to test for the ServerTokens configuration, one should check the Apache configuration file.
• Misconfiguration
ServerTokens Full
• Remediation
Configure the ServerTokens directive in the Apache configuration to the value Prod or ProductOnly. This tells Apache to only return "Apache" in the Server header, returned on every page request.
ServerTokens Prod
or
ServerTokens ProductOnly
https://www.owasp.org/index.php/SCG_WS_Apache
10. More grep and sed!
grep "^ServerTokens" /etc/httpd/conf/httpd.conf | sed 's/ServerTokens //'
19. Key Trends
• While individual rule compliance is up, testing of security systems is down
• Sustainability is low. Fewer than a third of companies were found to be still fully compliant less than a year after successful validation.
21. Shell Scripts
grep "^Protocol" /etc/ssh/sshd_config | sed 's/Protocol //'
grep "^ServerTokens" /etc/httpd/conf/httpd.conf | sed 's/ServerTokens //'
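As an added example that is not part of the original deck, here are the two one-liners above turned into pass/fail checks, the way a compliance control would evaluate them. File paths are passed as parameters, and the sample configuration files are constructed inline rather than read from a real system.

```shell
#!/bin/sh
# Added example (not from the slides): the grep/sed one-liners as pass/fail checks.

# Print the last effective value of a directive. Keywords are case-insensitive in
# both sshd_config and httpd.conf, and commented-out lines must be ignored.
directive_value() {
    file="$1"; key="$2"
    grep -i "^[[:space:]]*${key}[[:space:]]" "$file" | awk '{print $2}' | tail -n 1
}

# Control 1: SSH protocol must be exactly 2. "2,1" still allows SSHv1, and an
# absent Protocol line is reported as a finding here rather than silently passing
# (the bare one-liner prints nothing in that case and looks "clean").
sshd_protocol_compliant() {
    value=$(directive_value "$1" Protocol)
    [ "$value" = "2" ]
}

# Control 2: ServerTokens must be Prod or ProductOnly (value is case-insensitive).
apache_servertokens_compliant() {
    value=$(directive_value "$1" ServerTokens | tr '[:upper:]' '[:lower:]')
    [ "$value" = "prod" ] || [ "$value" = "productonly" ]
}

# Constructed sample configs (temporary files, not real system files).
make_samples() {
    SSHD_BAD=$(mktemp); SSHD_GOOD=$(mktemp); HTTPD_BAD=$(mktemp); HTTPD_GOOD=$(mktemp)
    printf '# Protocol 2\nProtocol 2,1\n' > "$SSHD_BAD"
    printf 'Port 22\nprotocol 2\n' > "$SSHD_GOOD"
    printf 'ServerTokens Full\n' > "$HTTPD_BAD"
    printf '#ServerTokens Full\nServerTokens ProductOnly\n' > "$HTTPD_GOOD"
}

# $1 = control name, $2 = check function, $3 = config file
report() {
    if "$2" "$3"; then echo "PASS  $1 ($3)"; else echo "FAIL  $1 ($3)"; fi
}

make_samples
report "sshd Protocol == 2"             sshd_protocol_compliant       "$SSHD_BAD"
report "sshd Protocol == 2"             sshd_protocol_compliant       "$SSHD_GOOD"
report "ServerTokens Prod/ProductOnly"  apache_servertokens_compliant "$HTTPD_BAD"
report "ServerTokens Prod/ProductOnly"  apache_servertokens_compliant "$HTTPD_GOOD"
rm -f "$SSHD_BAD" "$SSHD_GOOD" "$HTTPD_BAD" "$HTTPD_GOOD"
```

The same two checks are what a `test.rb` run through `inspec exec` would encode as controls; the functions here are the portable shell form.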
47. InSpec
Test your machine locally
> inspec exec test.rb
Test a machine remotely via SSH
> inspec exec test.rb -i identity.key -t ssh://root@172.17.0.1
Test a machine remotely via WinRM
> inspec exec test.rb -t winrm://Admin@192.168.1.2 --password super
Test Docker Container
> inspec exec test.rb -t docker://5cc8837bb6a8
AGENTLESS
48. Operating System & Application Coverage
• Microsoft Windows
• Red Hat Enterprise Linux
• Ubuntu Linux
• SUSE Linux Enterprise Server
• Oracle Enterprise Linux
• AIX
• HP-UX
• Solaris
• VMware ESXi
• MySQL
• Oracle
• PostgreSQL
• Tomcat
• SQL Server
• IIS
• HTTP request
53. The Chef Automate Platform
Continuous Automation for High Velocity IT
Workflow • Local development • Integration • Tooling (APIs & SDKs)
COLLABORATE
▪ Package
▪ Test
▪ Approve
BUILD
▪ Provision
▪ Configure
▪ Execute
▪ Update
DEPLOY
▪ Secure
▪ Comply
▪ Audit
▪ Measure
▪ Log
MANAGE
Infrastructure Automation • Compliance Automation • Application Automation
OSS AUTOMATION ENGINES
Increase Speed
▪ Package infrastructure and app configuration as code
▪ Continuously automate infrastructure and app updates
Improve Efficiency
▪ Define and execute standard workflows and automation
▪ Audit and measure effectiveness of automation
Decrease Risk
▪ Define compliance rules as code
▪ Deliver continuous compliance as part of standard workflow
54. AWS OpsWorks for Chef Automate
Native Amazon Service
Managed Chef Server
▪ Utilizes RDS and other native services
▪ May be externally accessible
AWS Native
▪ Auto Scaling in your VPC
▪ Automatic backups and upgrades
OpsWorks Stacks
▪ New name for previous version of OpsWorks
• Partnership between Amazon and Chef, jointly developed and maintained
• Fully managed AWS service with frequent updates
• Fully compatible with open source Chef
• Amazon is your support and billing
• All Chef Automate features will be supported
• Visibility and Workflow today
• Compliance soon
• Currently Northern Virginia, Oregon & Ireland with more planned