Security Best Practices as Code – Talk at Boulder DevOps

One of the big challenges with system management is keeping servers in compliance with security best practices. Commonly it’s done annually or quarterly through an audit process. These processes are incredibly time-consuming, can be confrontational, are often done by a sampling process, and can leave servers in a vulnerable state for months at a time. As organizations move to a continuous deployment model, security teams fall further and further behind. What if you could know immediately that a server was out of compliance, so you could correct it right away, and reduce the window of opportunity for attackers?

This talk will describe in detail how the Assimilation System Management Suite is implementing this capability.

The Assimilation System Management Suite collects configuration information and incrementally keeps its configuration management database (CMDB) continually up to date. A good bit of this information is security-related. The next step in the evolution of the Assimilation Cybersecurity component is to automatically trigger comparisons of changed information in the CMDB against best practice rules – particularly security best practices. We will translate security best practices to code, and incrementally verify compliance in near-real-time. Because of the Assimilation architecture, this is remarkably easy to do efficiently.

The result of this will be that once you get systems into compliance they will tend to stay in compliance.
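A minimal sketch of the change-triggered checking described above, added here as an illustration and not taken from the Assimilation project's code. The rule format, rule ids, the `ComplianceCMDB` class and the host name `web1` are all hypothetical, and the sample discovery data is constructed.

```python
import hashlib
import json

# Hypothetical rules keyed by discovery type: (rule id, description, check).
# A missing setting is treated as non-compliant (an assumption of this sketch).
RULES = {
    "sshd": [
        ("ssh-root-login", "PermitRootLogin must be 'no'",
         lambda cfg: str(cfg.get("PermitRootLogin", "")).lower() == "no"),
    ],
    "sysctl": [
        ("ip-forward-off", "net.ipv4.ip_forward must be 0",
         lambda cfg: str(cfg.get("net.ipv4.ip_forward", "")) == "0"),
    ],
}

class ComplianceCMDB:
    def __init__(self, rules):
        self.rules = rules
        self.digests = {}   # (host, discovery type) -> hash of last payload
        self.failing = {}   # (host, rule id) -> description of open finding

    def ingest(self, host, dtype, payload):
        """Store a discovery payload; evaluate rules only if it changed.
        Returns (rule_id, 'fail' | 'fixed') events for state transitions."""
        digest = hashlib.sha256(
            json.dumps(payload, sort_keys=True).encode()).hexdigest()
        if self.digests.get((host, dtype)) == digest:
            return []       # unchanged data: nothing to re-check
        self.digests[(host, dtype)] = digest
        events = []
        for rule_id, desc, check in self.rules.get(dtype, []):
            key = (host, rule_id)
            if not check(payload):
                if key not in self.failing:      # report a finding only once
                    self.failing[key] = desc
                    events.append((rule_id, "fail"))
            elif self.failing.pop(key, None) is not None:
                events.append((rule_id, "fixed"))
        return events

def demo():
    """Constructed sample: one host reporting its sshd settings four times."""
    cmdb = ComplianceCMDB(RULES)
    reports = ["no", "no", "yes", "no"]   # PermitRootLogin in each report
    return [cmdb.ingest("web1", "sshd", {"PermitRootLogin": v, "Port": "22"})
            for v in reports]

if __name__ == "__main__":
    print(demo())
```

Only the rules attached to the discovery type that changed are evaluated, and an event is produced only when a rule's state flips, so a host that drifts is reported on the first changed report and cleared when the setting is restored.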

One of the challenges is to collect best practice rules. We’ve started that process by looking both at the NIST rules (courtesy of Leam Hall) and those from the Lynis open source project, and will be giving a talk on this process at OSCON 2015.

This talk will give an overview of the Assimilation Suite, specific examples of a few best practice rules, a little about the rule collection process, a couple of quick demos of the technology at work, and the current status.

Slides from this talk are here: https://speakerdeck.com/ossalanr/security-best-practices-as-code-boulder-devops-april-2015

Date: April 20, 2015
Time: 18:30-20:00
Event: Security Best Practices as Code - Boulder DevOps
Topic: Security Best Practices As Code
Venue: Applied Trust
303-245-4545
Location: 1033 Walnut Street
Suite 300 Boulder, Colorado 80302
USA
Public: Public
Registration: Click here to register.
