Category: DevSecOps

[Vulnerability] CVE-2024-6387 – Critical vulnerability in OpenSSH

Posted on By nim No Comments on [Vulnerability] CVE-2024-6387 – Critical vulnerability in OpenSSH

CVE-2024-6387 is a critical vulnerability in OpenSSH that allows unauthenticated remote code execution, affecting millions of Linux systems. The flaw, named “regreSSHion,” is particularly dangerous because it can be exploited without authentication, making it a significant threat to affected systems.Affected Versions: 8.5p1 to 9.7p1. Stop and Remove Existing OpenSSH Service Install OpenSSH 9.8 Maybe you encounter…

Read More “[Vulnerability] CVE-2024-6387 – Critical vulnerability in OpenSSH” »

DevSecOps

[Security] Find vulnerabilities in your EC2 Linux instance

Posted on By nim No Comments on [Security] Find vulnerabilities in your EC2 Linux instance

To find vulnerabilities on your EC2 Linux instance, including ones related to OpenSSH and other software, you can use several open-source tools. Here are some recommended steps and tools: These tools will help you identify and mitigate vulnerabilities on your EC2 Linux instance. Be sure to regularly update these tools and your system to keep…

Read More “[Security] Find vulnerabilities in your EC2 Linux instance” »

DevSecOps

[Security] How to access S3 when you stay at any EC2!

Posted on By nim No Comments on [Security] How to access S3 when you stay at any EC2!

You already have limited access inside the AWS account with the credentials of a compromised IAM user. To find out the name of your IAM user, you have to execute aws iam get-user. There are 3 ways to give permissions to an IAM user: inline policies (aws iam list-user-policies), attached policies (aws iam list-attached-user-policies) and…

Read More “[Security] How to access S3 when you stay at any EC2!” »

DevSecOps

[DefectDojo] Vulnerability Management and Remediation by DefectDojo

Posted on By nim No Comments on [DefectDojo] Vulnerability Management and Remediation by DefectDojo

Generate Security Scanning Reports Hiện theo cách đơn giản là bạn có rất nhiều tool scanning và bạn cần 1 nơi centralize report of the scanning tool Khi bạn sử dụng 1 tool scan thì bạn config sao cho tool scan will create a report file.Và chúng ta sẽ lưu file đó vào artifact của…

Read More “[DefectDojo] Vulnerability Management and Remediation by DefectDojo” »

DevSecOps

[Gitleaks/njsscan/semgrep] Secure Your code by CAST and SAST tools

Posted on By nim No Comments on [Gitleaks/njsscan/semgrep] Secure Your code by CAST and SAST tools

Look into CAST tool Ở đây mình sẽ dụng Docker để run gitleaks Bạn sẽ cần replace: ${path_to_host_folder_to_scan} đây là folder chứa code của bạn.Và tiếp theo là phần [COMMAND]: Và bên dưới là phần chúng ta scan, mình sử dụng command detect. nếu bạn muốn output hiện thị chi tiết hơn thêm –verbose Để…

Read More “[Gitleaks/njsscan/semgrep] Secure Your code by CAST and SAST tools” »

CI/CD, DevSecOps

How do companies ship code to production?

Posted on By nim No Comments on How do companies ship code to production?

Tham khảo link:https://blog.bytebytego.com/p/ep81-how-companies-ship-code-to-production?ref=dailydev Step 1: The process starts with a product owner creating user stories based on requirements. Step 2: The dev team picks up the user stories from the backlog and puts them into a sprint for a two-week dev cycle. Step 3: The developers commit source code into the code repository Git. Step…

Read More “How do companies ship code to production?” »

Coding, DevSecOps

[DevSecOps] Use CrowdSec to detect the malicious behaviors in your system.

Posted on By nim No Comments on [DevSecOps] Use CrowdSec to detect the malicious behaviors in your system.

CrowdSec là một giải pháp mã nguồn mở được thiết kế để bảo vệ máy chủ và ứng dụng của bạn khỏi các cuộc tấn công độc hại. Nó hoạt động dựa trên cơ chế phát hiện và cấm IP dựa trên hành vi độc hại và sau đó chia sẻ các địa chỉ IP…

Read More “[DevSecOps] Use CrowdSec to detect the malicious behaviors in your system.” »

DevSecOps

[DevSecOps] Scan Terraform

Posted on By nim No Comments on [DevSecOps] Scan Terraform

Mình copy bài này:https://spacelift.io/blog/what-is-tfsec More and more organizations are adopting IaC to codify their infrastructure requirements and streamline the maintenance processes around it. While Terraform is one of the dominant technologies today in the space of Infrastructure as Code (IaC), there is still a lot of scope of improvement. One such opportunity is its SecOps…

Read More “[DevSecOps] Scan Terraform” »

DevSecOps, Terraform