interest to the DevSecOps community
• 100% community-driven and vendorless. No particular vendor participates in it, funds it, or is recommended by it. Maintenance relies on everyone's effort!
• Contents:
• General information
• News
• Webinars
• Tutorials
• Readings
• Courses
• Available certifications
• Tools
• Etc…
DSOC-Hub Project [email protected]
If you believe in free information and want to grow and help others grow…
today has become a very complete open source automation platform
PROVISIONING • CONF MGMT • ORCHESTRATION • COMPLIANCE-AS-CODE • TASK AUTOMATION • IAM AUTOMATION
deviations
changed → the task ran and deviations were detected
skipping → the task was excluded due to conditionals
failed → the task did not run due to errors
unreachable → the host is not reachable
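As an added example (not part of the original slides), this Python script reads an Ansible PLAY RECAP and turns the per-host counters into a compliance verdict that follows the status meanings above. The recap text is constructed, and the function names and verdict labels are hypothetical.

```python
import re

# Constructed sample of an Ansible PLAY RECAP (hostnames and counts are made up).
SAMPLE_RECAP = """\
PLAY RECAP *********************************************************************
web01                      : ok=12   changed=0    unreachable=0    failed=0    skipped=3    rescued=0    ignored=0
db01                       : ok=10   changed=2    unreachable=0    failed=0    skipped=3    rescued=0    ignored=0
app01                      : ok=4    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0
bastion01                  : ok=0    changed=0    unreachable=1    failed=0    skipped=0    rescued=0    ignored=0
"""

# One recap line: "<host> : key=N key=N ..."
RECAP_LINE = re.compile(r"^(?P<host>\S+)\s*:\s*(?P<counters>(?:\w+=\d+\s*)+)$")


def parse_recap(text):
    """Return {host: {counter: int}} for every host line after 'PLAY RECAP'."""
    hosts, in_recap = {}, False
    for line in text.splitlines():
        if line.startswith("PLAY RECAP"):
            in_recap = True
            continue
        match = RECAP_LINE.match(line.strip()) if in_recap else None
        if match:
            pairs = (item.split("=") for item in match["counters"].split())
            hosts[match["host"]] = {key: int(value) for key, value in pairs}
    return hosts


def classify(counters):
    """Map one host's counters to a verdict, worst condition first."""
    if counters.get("unreachable", 0):
        return "UNREACHABLE"   # host was never evaluated: no compliance evidence
    if counters.get("failed", 0):
        return "FAILED"        # at least one task did not complete
    if counters.get("changed", 0):
        return "DRIFT"         # tasks ran and deviations were detected
    return "COMPLIANT"


def report(text):
    """Return {host: verdict} for a full playbook output."""
    return {host: classify(c) for host, c in parse_recap(text).items()}


if __name__ == "__main__":
    for host, verdict in report(SAMPLE_RECAP).items():
        print(f"{host:12} {verdict}")
```

An unreachable host is ranked worst because it produced no evidence at all, which an audit should treat differently from a host that was checked and found to have drifted.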
Ansible with their respective templates and variables so they can be imported into other environments.
• Third-party roles can be shared and used through Ansible Galaxy https://galaxy.ansible.com
v3.2.1 SWIFT CSP 2020
Protective Technology (PR.PT): PR.PT-1: Audit/log records are determined, documented, implemented, and reviewed in accordance with policy
Anomalies and Events (DE.AE): DE.AE-2: Detected events are analysed to understand attack targets and methods
Logging and monitoring (12.4) 12.4.1: Event logging
Control 6. Maintenance, Monitoring and Analysis of Audit Logs Subcontrol(s): 6.2, 6.5
Requirement 10: Track and monitor all access to network resources and cardholder data Applicable Subsection(s): 10.2, 10.6
6.4 Logging and Monitoring Record security events and detect anomalous actions and operations within the local SWIFT environment.
v3.2.1 SWIFT CSP 2020
Information Protection Processes and Procedures (PR.IP) PR.IP-12: A vulnerability management plan is developed and implemented
RS.AN-5: Processes are established to receive, analyze and respond to vulnerabilities disclosed to the organisation from internal and external sources (e.g. internal testing, security bulletins, or security researchers)
Technical vulnerability management (12.6) 12.6.1: Management of technical vulnerabilities
Control 3. Continuous Vulnerability Management Subcontrol(s): 3.4
Control 18. Application Software Security Subcontrol(s): 18.7
Requirement 6: Develop and maintain secure systems and applications Applicable Subsection(s): 6.2
2.2 Security Updates Minimize the occurrence of known technical vulnerabilities within the local SWIFT infrastructure by ensuring vendor support, applying mandatory software updates, and applying timely security updates aligned to the assessed risk.
PCI-DSS v3.2.1 SWIFT CSP 2020
Continuous Monitoring (DE.CM) DE.CM-8: Vulnerability scans are performed
ID.RA-1: Asset vulnerabilities are identified and documented
RS.AN-5: Processes are established to receive, analyze and respond to vulnerabilities disclosed to the organisation from internal and external sources
Technical vulnerability management 12.6.1: Management of technical vulnerabilities
Control 3. Continuous Vulnerability Management Subcontrol(s): 3.1, 3.2
Requirement 11: Regularly test security systems and processes Applicable Subsection(s): 11.2
2.7. Vulnerability Scanning Identify known vulnerabilities within the local SWIFT environment by implementing a regular vulnerability scanning process.
CIS v7.1 PCI-DSS v3.2.1 SWIFT CSP 2020
Information Protection Processes and Procedures (PR.IP) PR.IP-1: A baseline configuration of information technology/industrial control systems is created and maintained
Security requirements of information systems (14.1) 14.1.1: Information security requirements analysis and specification
Control 5. Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations and Servers Subcontrol(s): 5.1, 5.4, 5.5
Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters Applicable Subsection(s): 2.2, 2.5
2.3 System Hardening Reduce the cyber attack surface of SWIFT-related components by performing system hardening.
CIS v7.1 PCI-DSS v3.2.1 SWIFT CSP 2020
Access Control (PR.AC) PR.AC-1: Identities and credentials are managed for authorized devices and users
PR.AC-4: Access permissions are managed, incorporating the principles of least privilege and separation of duties
User access management (9.2) 9.2.3: Management of privileged access rights
Control 16. Account Monitoring and Control Subcontrol(s): 16.7
Requirement 8: Identify and authenticate access to system components Applicable Subsection(s): 8.1, 8.5
1.2 Operating System Privileged Account Control Restrict and control the allocation and usage of administrator-level operating system accounts.