Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Application Security Workflow Automation using ...

Abhisek Datta
November 07, 2019
Technology
0
510

Application Security Workflow Automation using Docker and Kubernetes

Slides from talk given at #AllDayDevOps 2019

https://www.alldaydevops.com/addo-speakers/abhisek-datta

Abhisek Datta

November 07, 2019
Tweet

More Decks by Abhisek Datta

See All by Abhisek Datta
Kubernetes from an Attacker's Perspective - fwd:CloudSec 2020
abhisek
0
390
Kubernetes 101 for Penetration Testers - null Mumbai
abhisek
6
3.8k
Securing Microservices at API Gateway using Cloud Native Solutions
abhisek
1
390
Kubernetes From an Attacker's Perspective
abhisek
4
7.1k
Application Security Workflow Automation using Docker and Kubernetes
abhisek
0
720
Towards Verifiable Infrastructure Security
abhisek
0
190
Your Internet Exposure the Makes You Vulnerable
abhisek
0
190
Towards Verifiable Infrastructure Security
abhisek
0
66
Mobile Appsec from an attacker's perspective
abhisek
0
500

Other Decks in Technology

See All in Technology
Making your applications cross-environment - OSCG 2024 NA
salaboy
0
190
なぜ今 AI Agent なのか _近藤憲児
kenjikondobai
4
1.4k
開発生産性を上げながらビジネスも30倍成長させてきたチームの姿
kamina_zzz
2
1.7k
エンジニア人生の拡張性を高める 「探索型キャリア設計」の提案
tenshoku_draft
1
130
Lambdaと地方とコミュニティ
miu_crescent
2
370
OCI Network Firewall 概要
oracle4engineer
PRO
0
4.2k
日経電子版のStoreKit2フルリニューアル
shimastripe
1
140
飲食店データの分析事例とそれを支えるデータ基盤
kimujun
0
160
Platform Engineering for Software Developers and Architects
syntasso
1
520
Flutterによる 効率的なAndroid・iOS・Webアプリケーション開発の事例
recruitengineers
PRO
0
120
[CV勉強会@関東 ECCV2024 読み会] オンラインマッピング x トラッキング MapTracker: Tracking with Strided Memory Fusion for Consistent Vector HD Mapping (Chen+, ECCV24)
abemii
0
230
アプリエンジニアのためのGraphQL入門.pdf
spycwolf
0
100

Featured

See All Featured
4 Signs Your Business is Dying
shpigford
180
21k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
27
4.3k
Bootstrapping a Software Product
garrettdimon
PRO
305
110k
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
27
840
How GitHub (no longer) Works
holman
310
140k
The Pragmatic Product Professional
lauravandoore
31
6.3k
The Invisible Side of Design
smashingmag
298
50k
GraphQLとの向き合い方2022年版
quramy
43
13k
Writing Fast Ruby
sferik
627
61k
VelocityConf: Rendering Performance Case Studies
addyosmani
325
24k
Scaling GitHub
holman
458
140k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
44
2.2k

Transcript

  1. NOVEMBER 6, 2019 Using Docker and Kubernetes Application Security Workflow

    Automation Abhisek Datta, Appsecco

  2. About Me – Abhisek Datta • Head of Technology (appsecco.com)

    • A boutique security consulting company • TechWing @ null0x00 (null.co.in) • An Open Security Community • Security Researcher • Discovered vulnerabilities in MS Office, Internet Explorer, HP SiteScope etc. • Certified Kubernetes Application Developer (CKAD) :-P

  3. 1. How does an Application Security Workflow look like (Our

    opinion) 2. Our approach of security automation using Kubernetes native technologies 3. How to get started in automating Application Security Workflow using KubeSecO Key Take Away

  4. Application Security Workflow

  5. An Example AppSec Workflow Domain Hosts Subdomain Enumeration CIDR ASN

    Search DNS SPF, MX etc. Port and Service Scanning URLs Technologies Cloud Infrastructure Emails Public Breach DB Query Password Spraying Application Security Scan

  6. Data Collection Analysis Inference Further Actions How does it look

    like from Automation Perspective? Security Tools Human + Learning Systems Human + Learning Systems Feedback Loop

  7. Security Tool Workflow Rules Security Automation Automating AppSec Workflow

  8. KubeSecO Live in Action github.com/appsecco/kubeseco

  9. What's under the hood? github.com/appsecco/kubeseco

  10. How does the system look like?

  11. Driving the System – Events FTW! API Service HTTP POST

    NATS Write to NATS Message Queue Scanners (Client) Minio Object Storage Persist Output Output Analysis and Feedback Alerting and Notification Tool Output Event

  12. • 3rd Party Tools are not in our control •

    We need to be able to • Receive input from NATS • Run tool with tool specific command line • Receive output or check for error • Persist output to Minio The Tool Adapter (Pattern)

  13. 1. Package 3rd party tools as Docker containers 2. Add

    Tool Adapter binary and set as entrypoint 3. Write Kubernetes deployment spec (YAML) 4. Deploy to Kubernetes 5. Write YAML rules for Feedback Processing Adding a Security Tool (3rd Party)

  14. Security Tool Dockerfile

  15. Security Tool Kubernetes Spec (YAML)

  16. Match Transform Take Action Feedback Processor (Driving the System)

  17. Feedback Processor - Example

  18. • State management is difficult due to asynchronous nature of

    the system • NATS connection issue with preemptible nodes on GKE • Capacity planning and analysis • Cost analysis Challenges, Constraints and Things to do

  19. How to Contribute 1. Clone the repository from Github 2.

    Try out and report bugs 3. Add new security tools 4. Add feedback processor rules 5. Submit PR github.com/appsecco/kubeseco

  20. Questions? [email protected] That’s all for now.. https://appsecco.com @abh1sek github.com/abhisek github.com/appsecco/kubeseco