
Vulnerability scanning

Remote

Implement vulnerability scanning to help fulfill SSP Control RA-5 - Vulnerability Scanning (https://nvd.nist.gov/800-53/Rev4/control/RA-5).

This risk assessment control is considered the responsibility of the organization, so for this one the Docker compliance control reference (https://docs.docker.com/compliance/reference/800-53/ra/#ra-5-risk-assessment) doesn't offer any help.

Employing a remote vulnerability scanning tool (in addition to code scanning as with Bandit, https://github.com/openstack/bandit) will help us meet our obligations under RA-5. The two cover different layers: Bandit only inspects Python source, while the remote scanner probes the running hosts and services; RA-5 also expects the scans to be repeated on a defined schedule and the findings analyzed and remediated, so keep the reports.

Choose OpenVAS (Open Vulnerability Assessment System, https://www.openvas.org/) and run it ourselves or have it hosted by a provider such as ServerWat.ch (https://www.serverwat.ch/, $20/month), or choose a proprietary provider such as Tinfoil Security (https://www.tinfoilsecurity.com/, $60/month) or Sucuri (https://sitecheck.sucuri.net/, free to $25/month).
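As an added example (not code from this page or from the Bandit project), here is a small CI gate for the code-scanning half of RA-5: it reads the JSON report that `bandit -r <src> -f json -o bandit.json` writes, counts findings per severity for the scan record, and fails the build when a finding meets a severity/confidence floor and is not on an allowlist of test IDs. The report layout assumed (a "results" list with filename, line_number, test_id, test_name, issue_severity, issue_confidence and issue_text) is Bandit's JSON formatter's; the SAMPLE_REPORT embedded below is constructed to resemble that output, not a real scan.

```python
"""Gate a build on a Bandit JSON report.

Added example (not from the original page or the Bandit project): runs over the
file written by `bandit -r <src> -f json -o bandit.json` and fails the build
when any finding meets a severity/confidence floor and is not allow-listed.
The report layout assumed here ("results" list with filename, line_number,
test_id, test_name, issue_severity, issue_confidence, issue_text) follows
Bandit's JSON formatter; SAMPLE_REPORT below is constructed, not real output.
"""
import json
import sys

# Bandit reports severity and confidence as these strings; rank them so a
# floor such as "MEDIUM" can be compared numerically.
LEVELS = {"UNDEFINED": 0, "LOW": 1, "MEDIUM": 2, "HIGH": 3}

# Constructed sample resembling a Bandit JSON report (not real scanner output).
SAMPLE_REPORT = json.dumps({
    "errors": [],
    "results": [
        {"filename": "app/shell.py", "line_number": 12, "test_id": "B602",
         "test_name": "subprocess_popen_with_shell_equals_true",
         "issue_severity": "HIGH", "issue_confidence": "HIGH",
         "issue_text": "subprocess call with shell=True identified, security issue."},
        {"filename": "app/digest.py", "line_number": 3, "test_id": "B303",
         "test_name": "blacklist",
         "issue_severity": "MEDIUM", "issue_confidence": "HIGH",
         "issue_text": "Use of insecure MD2, MD4, MD5, or SHA1 hash function."},
        {"filename": "tests/test_api.py", "line_number": 8, "test_id": "B101",
         "test_name": "assert_used",
         "issue_severity": "LOW", "issue_confidence": "HIGH",
         "issue_text": "Use of assert detected."},
    ],
})


def level(value):
    """Map a severity/confidence string to its rank; unknown values rank lowest."""
    return LEVELS.get(str(value).upper(), 0)


def parse_report(text):
    """Return the list of findings from a Bandit JSON report string."""
    return json.loads(text).get("results", [])


def gate(results, min_severity="MEDIUM", min_confidence="MEDIUM", allowlist=()):
    """Return the findings that should block the build.

    A finding blocks when both its severity and its confidence are at or above
    the floors and its test_id is not in the allowlist (e.g. B101, assert use,
    which is expected in test code).
    """
    blocking = []
    for r in results:
        if r.get("test_id") in allowlist:
            continue
        if (level(r.get("issue_severity")) >= level(min_severity)
                and level(r.get("issue_confidence")) >= level(min_confidence)):
            blocking.append(r)
    return blocking


def counts_by_severity(results):
    """Count findings per severity, for the scan summary RA-5 asks us to keep."""
    out = {"HIGH": 0, "MEDIUM": 0, "LOW": 0, "UNDEFINED": 0}
    for r in results:
        key = str(r.get("issue_severity", "UNDEFINED")).upper()
        out[key if key in out else "UNDEFINED"] += 1
    return out


def format_finding(r):
    """One line per finding: file:line test_id severity/confidence text."""
    return "%s:%s %s %s/%s %s" % (
        r.get("filename"), r.get("line_number"), r.get("test_id"),
        r.get("issue_severity"), r.get("issue_confidence"), r.get("issue_text"))


def main(argv):
    # Usage: python bandit_gate.py bandit.json   (exit status 1 blocks CI)
    # With no argument the constructed SAMPLE_REPORT is used instead.
    text = open(argv[1]).read() if len(argv) > 1 else SAMPLE_REPORT
    results = parse_report(text)
    blocking = gate(results, allowlist=("B101",))
    print("findings by severity:", counts_by_severity(results))
    for r in blocking:
        print("BLOCK", format_finding(r))
    return 1 if blocking else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run `bandit -r src -f json -o bandit.json` in the pipeline, then `python bandit_gate.py bandit.json`; the non-zero exit is what the CI job keys on. The floors and allowlist are the policy knobs: the defaults block on MEDIUM-or-higher findings with at least MEDIUM confidence, which is the same cut-off as Bandit's own `-ll -ii` flags, and the per-severity counts give the scan record RA-5 wants kept alongside the remote scanner's reports.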

anti-DDoS

Deflect (https://deflect.ca/) - https://github.com/equalitie/autodeflect

Code analysis

Also known as static application security testing.

NIST has a long list of source code security analyzers (https://samate.nist.gov/index.php/Source_Code_Security_Analyzers.html).

They're missing some of the better tools, at least in Python.

Python

As far as system security plans go, work here is also related to:
