The Defense RESTs: Automation and APIs for Better Security
September 26, 2012
David Mortman
Introduction
Want to get better at security?
Improve your operations
Improve your development
The Problem
A huge percentage of incidents revolve around operational or coding issues
Why?
People Are Bad At Repeatable Tasks!
Centralization, automation & testing can address this
Use APIs and existing ops/dev tools!
Chef, Puppet, etc.
Compliance & Change Control
Configuration Drift, AKA Variation is Evil
Key Management
Auto-Scaling
Auto-scanning on VM launch

```bash
# Launch the instance and take its ID from the INSTANCE record
INSTANCE=$(ec2-run-instances "$AMI" -t "$TYPE" -k "$KEY" | grep '^INSTANCE' | cut -f 2)
# Poll until the instance reports an address (field 17 of the INSTANCE record)
IP=
until [ -n "$IP" ]; do
  sleep 15
  IP=$(ec2-describe-instances "$INSTANCE" | grep '^INSTANCE' | cut -f 17)
done
# Register the new host with Qualys, then launch a scan and keep the report
curl -H "X-Requested-With: DM Automation" -u "$USER:$PASS" \
  "https://qualysapi.qualys.com/msp/asset_ip.php?action=add&host_ips=$IP"
curl -H "X-Requested-With: DM Automation" -u "$USER:$PASS" \
  "https://qualysapi.qualys.com/msp/scan.php?ip=$IP&save_report=yes"
```
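A fuller version of that launch hook in Python, added here as an example rather than the deck's own script. It reads only the INSTANCE record, validates the address before splicing it into a query string, gives up after a bounded number of polls instead of looping forever, checks each Qualys call's HTTP status, and takes credentials as a parameter (loaded from a netrc file or the environment) rather than on the command line, where `ps` shows them to other local users. The ec2-describe-instances output and the HTTP client are passed in as callables so the flow runs offline; the sample describe output is constructed, and the two Qualys endpoints and the X-Requested-With header are the ones on the slide.

```python
"""Scan a freshly launched VM as soon as it has an address.

Added example, not the deck's own script. The EC2 describe call and the HTTP
client are passed in as callables so the flow runs offline; the only real
interfaces assumed are the tab-separated output of ec2-describe-instances
(IP in field 17 of the INSTANCE record, as the slide reads it) and the two
Qualys v1 endpoints shown on the slide.
"""
import ipaddress
import time
from typing import Callable, Dict, List, Optional, Tuple

QUALYS = "https://qualysapi.qualys.com/msp"        # base URL from the slide
HEADERS = {"X-Requested-With": "DM Automation"}    # header from the slide
HttpGet = Callable[[str, Dict[str, str], Tuple[str, str]], int]   # -> HTTP status


def parse_instance_ip(describe_output: str) -> Optional[str]:
    """Return the IP from field 17 of the INSTANCE record, or None if not set yet.

    Only the INSTANCE record is read; the slide's `grep i-` also matches any
    other record that happens to contain "i-". The value is validated as an
    IP address because it is about to be spliced into a query string.
    """
    for line in describe_output.splitlines():
        fields = line.split("\t")
        if fields[0] == "INSTANCE" and len(fields) >= 17 and fields[16]:
            return str(ipaddress.ip_address(fields[16]))   # ValueError on junk
    return None


def wait_for_ip(describe: Callable[[], str], attempts: int = 20,
                interval: float = 15.0,
                sleep: Callable[[float], None] = time.sleep) -> str:
    """Poll until the address appears, but give up after `attempts` tries.

    The slide's `until [ $IP ]` loop never ends if the launch fails; a bounded
    loop lets the caller raise an alarm about a stuck host instead.
    """
    for _ in range(attempts):
        ip = parse_instance_ip(describe())
        if ip:
            return ip
        sleep(interval)
    raise TimeoutError("instance never reported an IP address")


def scan_new_host(ip: str, http_get: HttpGet, auth: Tuple[str, str]) -> bool:
    """Register the host with Qualys, then launch a scan; both must answer 200.

    `auth` should be loaded from a netrc file or the environment by the caller:
    `-u $USER:$PASS` on the command line, as in the one-liner, shows the
    password to other local users in `ps` output.
    """
    for path in (f"asset_ip.php?action=add&host_ips={ip}",
                 f"scan.php?ip={ip}&save_report=yes"):
        if http_get(f"{QUALYS}/{path}", HEADERS, auth) != 200:
            return False          # do not scan a host that failed to register
    return True


def launch_hook(describe: Callable[[], str], http_get: HttpGet,
                auth: Tuple[str, str], **poll) -> Tuple[str, bool]:
    """The whole hook: wait for the address, then register and scan."""
    ip = wait_for_ip(describe, **poll)
    return ip, scan_new_host(ip, http_get, auth)


# ---- constructed stand-ins so the file runs without EC2 or Qualys ----------
_PENDING = "RESERVATION\tr-1\t111111111111\tdefault\nINSTANCE\ti-1a2b3c\tami-1\t\t\tpending"
_RUNNING = ("RESERVATION\tr-1\t111111111111\tdefault\nINSTANCE\ti-1a2b3c\tami-1\t"
            + "\t".join([""] * 13) + "\t198.51.100.7\t10.0.0.7")   # IP in field 17


def make_fake_describe(outputs: List[str]) -> Callable[[], str]:
    """Return the outputs in turn, then keep returning the last one."""
    it = iter(outputs)
    return lambda: next(it, outputs[-1])


def make_fake_http(calls: List[str]) -> HttpGet:
    """Stand-in for curl: records each URL and answers 200."""
    def http_get(url, headers, auth):
        calls.append(url)
        return 200
    return http_get


def demo() -> Tuple[str, bool, List[str]]:
    calls: List[str] = []
    ip, ok = launch_hook(make_fake_describe([_PENDING, _PENDING, _RUNNING]),
                         make_fake_http(calls), ("api-user", "from-netrc"),
                         interval=0, sleep=lambda s: None)
    return ip, ok, calls


if __name__ == "__main__":
    print(demo())
```

To wire it to a real account, replace `make_fake_describe` with a function that runs `ec2-describe-instances` and `make_fake_http` with one that issues the GET and returns the status code; the polling, parsing and ordering logic stays the same.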
Jenkins
Findbugs et al.
http://findbugs.sourceforge.net/
Functional and Unit Testing
Positive and Negative Testing
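What positive and negative cases look like for one security control, as an added Python example that is not from the deck. The control is an open-redirect guard for an assumed site, app.example.com; the inputs it must accept sit beside the inputs it must reject, and a deliberately naive guard is included that passes every positive case and is caught only by the negative ones, which is the reason for writing them.

```python
"""Positive and negative tests for one security control.

Added example, not from the deck. The control is an open-redirect guard for
an assumed site, app.example.com; the point is the test table: every input
the guard must accept sits beside every input it must reject, and a naive
guard that passes all the positive cases is shown failing the negative ones.
"""
from typing import Callable, List
from urllib.parse import urlsplit

ALLOWED_HOST = "app.example.com"   # assumed: the only host we may redirect to


def is_safe_redirect(target: str) -> bool:
    """Accept path-only targets on this site, or absolute https URLs to our host."""
    if not target or any(c in target for c in "\r\n\t\x00"):
        return False                                   # header injection, odd bytes
    parts = urlsplit(target)
    if parts.scheme or parts.netloc:
        # Absolute (or scheme-relative) URL: exactly our host, and only over https.
        return parts.scheme == "https" and parts.netloc.lower() == ALLOWED_HOST
    # Relative target: one leading "/", since "//h" is scheme-relative and
    # browsers treat "/\h" the same way.
    return target.startswith("/") and not target.startswith(("//", "/\\"))


def naive_redirect_check(target: str) -> bool:
    """A first attempt that looks fine until the negative cases run."""
    return not target.startswith("http") or target.startswith("https://" + ALLOWED_HOST)


POSITIVE = [                                  # the guard must accept these
    "/",
    "/account/settings",
    "/search?q=a&next=/home",
    "https://app.example.com/login",
]
NEGATIVE = [                                  # the guard must reject these
    "",
    "//evil.example/",                         # scheme-relative
    "/\\evil.example/",                        # backslash form of the same thing
    "https://evil.example/",
    "https://app.example.com.evil.example/",   # our host as a prefix
    "https://app.example.com@evil.example/",   # our host as userinfo
    "http://app.example.com/",                 # right host, plaintext
    "javascript:alert(1)",
    "/home\r\nSet-Cookie: x=1",                # header injection
]


def run_cases(check: Callable[[str], bool] = is_safe_redirect) -> List[str]:
    """Return every input the guard got wrong; an empty list means it passed."""
    return ([t for t in POSITIVE if not check(t)] +
            [t for t in NEGATIVE if check(t)])


if __name__ == "__main__":
    print("hardened guard failures:", run_cases())
    print("naive guard failures:", run_cases(naive_redirect_check))
```

The same table belongs in the project's unit tests so that a later "simplification" of the guard fails the build rather than reopening the hole.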
Gauntlt
https://github.com/thegauntlet/gauntlt
Auto-code/site scanning on commit
PUT https://sentinel.whitehatsec.com/api/vuln/retest/<id>
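How a commit hook could drive that retest call, as an added Python example and not the vendor's or the deck's code. Only the retest endpoint is taken from the slide; the cached list of open findings, the route-to-file mapping and the Authorization header are constructed assumptions, and the HTTP PUT is injected so the hook runs offline.

```python
"""Retest open findings when the code behind them changes.

Added example, not the deck's or the vendor's code. The only interface
taken from the slide is the Sentinel retest call, PUT /api/vuln/retest/<id>.
The list of open findings, the route-to-file mapping and the Authorization
header are constructed assumptions, and the HTTP client is injected so the
hook runs offline.
"""
from typing import Callable, Dict, Iterable, List, Optional, Set, Tuple

SENTINEL = "https://sentinel.whitehatsec.com/api"      # base URL from the slide
HttpPut = Callable[[str, Dict[str, str]], int]          # (url, headers) -> HTTP status

# Constructed: open findings a CI job has cached from the scanner, keyed by ID,
# with the URL path each was reported against.
OPEN_FINDINGS: Dict[str, Dict[str, str]] = {
    "1001": {"path": "/login", "class": "SQL Injection"},
    "1002": {"path": "/profile/edit", "class": "Cross Site Scripting"},
    "1003": {"path": "/search", "class": "Cross Site Scripting"},
}

# Constructed: which source files serve each route (what an app's router knows).
ROUTES: Dict[str, List[str]] = {
    "/login": ["app/auth/login.py", "app/templates/login.html"],
    "/profile/edit": ["app/profile/views.py"],
    "/search": ["app/search/views.py"],
}


def findings_for_commit(changed_files: Iterable[str],
                        findings: Dict[str, Dict[str, str]] = OPEN_FINDINGS,
                        routes: Dict[str, List[str]] = ROUTES) -> List[str]:
    """IDs of open findings whose route is served by a file touched in the commit."""
    changed = set(changed_files)
    return sorted(vid for vid, f in findings.items()
                  if changed.intersection(routes.get(f["path"], [])))


def retest(vuln_ids: Iterable[str], http_put: HttpPut, api_key: str,
           already_sent: Optional[Set[str]] = None) -> Tuple[List[str], List[str]]:
    """PUT one retest per finding, skipping IDs already sent in this run.

    Returns (submitted, failed). A push usually carries several commits, so
    the same finding can come up more than once; `already_sent` keeps the
    scanner from being asked twice.
    """
    already_sent = set() if already_sent is None else already_sent
    headers = {"Authorization": f"Bearer {api_key}"}   # assumed header, not from the slide
    submitted, failed = [], []
    for vid in vuln_ids:
        if vid in already_sent:
            continue
        status = http_put(f"{SENTINEL}/vuln/retest/{vid}", headers)
        (submitted if status == 200 else failed).append(vid)
        already_sent.add(vid)
    return submitted, failed


def commit_hook(commits: List[List[str]], http_put: HttpPut,
                api_key: str) -> Dict[str, List[str]]:
    """Run over every commit in a push; report what was submitted and what failed."""
    sent: Set[str] = set()
    submitted, failed = [], []
    for files in commits:
        ok, bad = retest(findings_for_commit(files), http_put, api_key, sent)
        submitted += ok
        failed += bad
    return {"submitted": submitted, "failed": failed}


def make_fake_put(calls: List[str], fail_ids: Iterable[str] = ()) -> HttpPut:
    """Stand-in for the real HTTP client: records URLs, fails the chosen IDs."""
    fail = set(fail_ids)

    def http_put(url, headers):
        calls.append(url)
        return 500 if url.rsplit("/", 1)[1] in fail else 200
    return http_put


if __name__ == "__main__":
    calls: List[str] = []
    push = [["app/auth/login.py", "README.md"],   # touches /login
            ["app/templates/login.html"],        # /login again: not re-sent
            ["app/search/views.py"]]             # touches /search
    print(commit_hook(push, make_fake_put(calls), "api-key-from-ci-secret"), calls)
```

Failed submissions are returned rather than swallowed so the CI step can mark the build unstable; the API key is a parameter so it comes from the CI secret store, not the job's command line.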
A Little DevOps
Woodward: Code Changes & Complexity
APIs: REST vs SOAP
Future Directions & Resources
iControl & Space
IF-MAP
Security Automation List
SecurityAutomata.Com
IAM
SCIM/XACML
Conclusion