From 5fc364df4deb1a129d2173e246ca97a477cd7ce4 Mon Sep 17 00:00:00 2001 From: "daniel.wittich" Date: Tue, 5 Nov 2019 21:25:48 +0100 Subject: [PATCH 1/7] Add BeyondCorp to assess --- radar/2019-11-01/beyondcorp.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 radar/2019-11-01/beyondcorp.md diff --git a/radar/2019-11-01/beyondcorp.md b/radar/2019-11-01/beyondcorp.md new file mode 100644 index 0000000..bb23ed1 --- /dev/null +++ b/radar/2019-11-01/beyondcorp.md @@ -0,0 +1,12 @@ +--- +title: "BeyondCorp" +ring: assess +quadrant: methods-and-patterns + +--- + +BeyondCorp is a Zero Trust framework that evolved at Google. +With the surge of cloud technologies and micro services the network perimeter is ever disappearing. +This provides challenges for authentication of subjects that used to heavily rely on network segments. +With Zero Trust no assumption is made about how far something can be trusted, everything is untrusted by default and authentication and authorisation happens all the time, not just once. +While network segments and VPN connections may still have relevance in specific areas AOE is increasingly implementing BeyondCorp in all its components and services with implementing OAuth and OpenID Connect. \ No newline at end of file From 784cb095a43d386e68ccf0bad94a143add8f800b Mon Sep 17 00:00:00 2001 From: "daniel.wittich" Date: Tue, 5 Nov 2019 21:26:14 +0100 Subject: [PATCH 2/7] Add Falco to assess --- radar/2019-11-01/falco.md | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 radar/2019-11-01/falco.md diff --git a/radar/2019-11-01/falco.md b/radar/2019-11-01/falco.md new file mode 100644 index 0000000..5bd55c7 --- /dev/null +++ b/radar/2019-11-01/falco.md 
@@ -0,0 +1,11 @@ +--- +title: "Falco" +ring: assess +quadrant: tools + +--- + +Falco is an open source project for intrusion and abnormality detection for Cloud Native platforms such as Kubernetes. +It detects abnormal application behavior and sends alerts via Slack, Fluentd, NATS, and more. + +We are assessing Falco to add another angle to host based intrusion detection and alerting. \ No newline at end of file From 347ba379b7efd828642d5137c3c36f4845400fff Mon Sep 17 00:00:00 2001 From: "daniel.wittich" Date: Tue, 5 Nov 2019 21:26:55 +0100 Subject: [PATCH 3/7] Amend SonarQube description --- radar/2019-11-01/sonarqube.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/radar/2019-11-01/sonarqube.md b/radar/2019-11-01/sonarqube.md index 35e9642..85adb74 100644 --- a/radar/2019-11-01/sonarqube.md +++ b/radar/2019-11-01/sonarqube.md @@ -4,3 +4,6 @@ ring: trial quadrant: tools --- + +At AOE, we are using SonarQube to get a historical overview of the code quality in our Projects. With SonarQube, you can get a quick insight into the condition of your code. It analyzes many languages and provides numerous static analysis rules. +SonarQube is also being used for Static Application Security Testing (SAST) which scans our code for potential security vulnerabilities and is an essential element of our Secure Software Development Lifecycle. \ No newline at end of file From 0a8574856cfe020e9fb1a0c9f879386fa7ebb769 Mon Sep 17 00:00:00 2001 From: "daniel.wittich" Date: Tue, 5 Nov 2019 21:27:24 +0100 Subject: [PATCH 4/7] Amend STRIDE Threat Modeling to assess --- radar/2019-11-01/stride-threat-modeling.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 radar/2019-11-01/stride-threat-modeling.md diff --git a/radar/2019-11-01/stride-threat-modeling.md b/radar/2019-11-01/stride-threat-modeling.md new file mode 100644 index 0000000..c7302c2 --- /dev/null +++ b/radar/2019-11-01/stride-threat-modeling.md 
@@ -0,0 +1,19 @@ +--- +title: "STRIDE Threat Modeling" +ring: assess +quadrant: methods-and-patterns + +--- + +STRIDE is a model of threat groups that helps to identify security threats to any application, component or infrastructure. + +The acronym stands for: + +* Spoofing +* Tampering +* Repudiation +* Information disclosure +* Denial of service +* Elevation of privilege + +AOE is applying the threat model in collaborative sessions using the [Elevation of Privilege Card Game](https://social.technet.microsoft.com/wiki/contents/articles/285.elevation-of-privilege-the-game.aspx) which helps to spark imagination and makes threats more tangible. \ No newline at end of file From fef695bbcb489b9ed58d10e2f0dfd8f66c8bdd4f Mon Sep 17 00:00:00 2001 From: "daniel.wittich" Date: Tue, 5 Nov 2019 21:47:03 +0100 Subject: [PATCH 5/7] add .iml to .gitignore --- .gitignore | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 2a7fb10..0ab6b1a 100644 --- a/.gitignore +++ b/.gitignore @@ -3,4 +3,5 @@ dist node_modules npm-debug.log -yarn-error.log \ No newline at end of file +yarn-error.log +aoe_technology_radar.iml From 4ca92201b5ef7e2b7e4c46d5602df1814d31fb25 Mon Sep 17 00:00:00 2001 From: Daniel Wittich <45591101+danielvonwi@users.noreply.github.com> Date: Wed, 6 Nov 2019 08:23:44 +0100 Subject: [PATCH 6/7] move BeyondCorp to trial --- radar/2019-11-01/beyondcorp.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/radar/2019-11-01/beyondcorp.md b/radar/2019-11-01/beyondcorp.md index bb23ed1..4da10b2 100644 --- a/radar/2019-11-01/beyondcorp.md +++ b/radar/2019-11-01/beyondcorp.md @@ -1,6 +1,6 @@ --- title: "BeyondCorp" -ring: assess +ring: trial quadrant: methods-and-patterns --- 
@@ -9,4 +9,4 @@ BeyondCorp is a Zero Trust framework that evolved at Google. With the surge of cloud technologies and micro services the network perimeter is ever disappearing. This provides challenges for authentication of subjects that used to heavily rely on network segments. With Zero Trust no assumption is made about how far something can be trusted, everything is untrusted by default and authentication and authorisation happens all the time, not just once. -While network segments and VPN connections may still have relevance in specific areas AOE is increasingly implementing BeyondCorp in all its components and services with implementing OAuth and OpenID Connect. \ No newline at end of file +While network segments and VPN connections may still have relevance in specific areas AOE is increasingly implementing BeyondCorp in all its components and services with implementing OAuth and OpenID Connect. From ac317322345f3178736aa0dd7a5810808c7d9e3f Mon Sep 17 00:00:00 2001 From: Daniel Wittich <45591101+danielvonwi@users.noreply.github.com> Date: Wed, 6 Nov 2019 08:24:56 +0100 Subject: [PATCH 7/7] move STRIDE threat modelling to trial --- radar/2019-11-01/stride-threat-modeling.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/radar/2019-11-01/stride-threat-modeling.md b/radar/2019-11-01/stride-threat-modeling.md index c7302c2..cfb1f64 100644 --- a/radar/2019-11-01/stride-threat-modeling.md +++ b/radar/2019-11-01/stride-threat-modeling.md @@ -1,6 +1,6 @@ --- title: "STRIDE Threat Modeling" -ring: assess +ring: trial quadrant: methods-and-patterns --- 
@@ -16,4 +16,4 @@ The acronym stands for: * Denial of service * Elevation of privilege -AOE is applying the threat model in collaborative sessions using the [Elevation of Privilege Card Game](https://social.technet.microsoft.com/wiki/contents/articles/285.elevation-of-privilege-the-game.aspx) which helps to spark imagination and makes threats more tangible. \ No newline at end of file +AOE is applying the threat model in collaborative sessions using the [Elevation of Privilege Card Game](https://social.technet.microsoft.com/wiki/contents/articles/285.elevation-of-privilege-the-game.aspx) which helps to spark imagination and makes threats more tangible.
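Review bot: In PATCH 1/7, the last added sentence of radar/2019-11-01/beyondcorp.md repeats "implementing" ("implementing BeyondCorp in all its components and services with implementing OAuth and OpenID Connect") and is missing a comma after "specific areas". Suggest "... in specific areas, AOE is increasingly applying BeyondCorp in all its components and services by implementing OAuth and OpenID Connect." The sentence beginning "With Zero Trust no assumption is made" joins two clauses with a comma and would read better split in two, "micro services" is normally written "microservices", and the front matter has an empty line before the closing `---` that can be dropped.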
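Review bot: In PATCH 2/7 (radar/2019-11-01/falco.md) the description says Falco "detects abnormal application behavior" but does not say what it observes or how a detection is defined, so a reader cannot tell what the "another angle" in the last sentence adds over the existing host-based intrusion detection. Suggest one sentence naming the event source and the rule mechanism, and one naming what the assessment should answer. Minor: "abnormality detection" is usually written "anomaly detection", "host based" should be hyphenated, and the file is created without a trailing newline.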
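Review bot: In PATCH 3/7 the added SonarQube text calls SAST "an essential element of our Secure Software Development Lifecycle" while the unchanged context line still reads "ring: trial"; either soften the wording or confirm that the ring is still right for something described as essential. The paragraph also switches from "we" to "you" within two sentences, capitalises "Projects" mid-sentence, and ends without a trailing newline.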
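Review bot: PATCH 4/7 has the subject "Amend STRIDE Threat Modeling to assess", but the diff shows "new file mode 100644" for radar/2019-11-01/stride-threat-modeling.md, so this creates the entry rather than amending it; the subject should read "Add", matching patches 1/7 and 2/7. Since 7/7 changes the ring to trial within the same series, consider squashing so the entry lands once with its final ring. The added body says "threat groups" where "threat categories" is the more common term for the six items listed.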
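Review bot: PATCH 5/7 is titled "add .iml to .gitignore" but the added line ignores only the single file "aoe_technology_radar.iml", so an IntelliJ module file with any other name (for example after cloning into a differently named directory) is still picked up. A "*.iml" pattern would match the subject and cover those cases. The same hunk also adds the missing trailing newline after "yarn-error.log", which is worth mentioning in the commit message.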
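Review bot: In PATCH 6/7 and PATCH 7/7 the second hunk of each diff changes nothing but the end-of-file newline (the removed and added lines are the same text, with and without "\ No newline at end of file"), which is unrelated to moving the ring. Add the newline where the files are created in 1/7 and 4/7 so the ring change is a one-line diff, or squash 6/7 into 1/7 and 7/7 into 4/7. The subject of 7/7 also spells "modelling" while the title and file name use "Modeling".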