Sep 5, 2021

An Easier Way to Multi-cloud, Multi-account Cloud Compliance (and Demo)

 



Compliance professionals understand the challenges of auditing modern cloud environments that span multiple accounts and multiple cloud providers.

Tools:


Sep 4, 2021

Leveraging OSQuery for Compliance - A Recovering Auditor’s Perspective

 


OSQuery, developed by Facebook, is well known among DevSecOps practitioners as a great low-level operating system monitoring tool for endpoints and servers. In part 2 of our 3-part series on automating compliance, SANS Associate instructor AJ Yawn will discuss how compliance professionals can leverage OSQuery to collect technically accurate evidence for security audits in an efficient and streamlined manner.

See the previous blog post about OSQuery here.


Sep 2, 2021

InsightVM: Vulnerability Assessment for Modern Environments

This webinar demos the following InsightVM features:

  • Remote credential scan
  • Dynamic Discovery scan: vSphere, DHCP, cloud, LDAP, sonar
  • Automation/Trigger: new CVE, new critical, new asset
  • Agent-based assessment
  • Policies scan
  • Cloud and container scan
  • Different views of vulnerability
  • Asset criticality
  • Dynamic asset group
  • Dashboard and query
  • Remediation project/plan with ticketing
  • Goal: time-bound, SLA, continuous
  • Automation: notification and workflow
  • Container and registry scan, repository scan, build (CI/CD) scan
  • Cloud configuration
  • REST API access

Links:

Sep 1, 2021

Analyzing Vulnerability Remediation Strategies

Prioritization to Prediction Volume 1: Analyzing Vulnerability Remediation Strategies


Effective remediation depends on quickly determining which vulnerabilities warrant action and which of those have highest priority, but prioritization remains one of the biggest challenges in vulnerability management. 

For the first time, Kenna Security and the Cyentia Institute took a quantitative look at the effectiveness of common remediation strategies and used that data as a baseline to compare against a cutting-edge predictive model.

The results of this research are detailed in the new report, Prioritization To Prediction: Analyzing Vulnerability Remediation Strategies.

  1. Vulnerability Lifecycle
  2. Vulnerability Prioritization
  3. Exploitation Timeline
  4. Exploit Prediction Model

 

Links:

Aug 28, 2021

vlookup with Python

VLOOKUP stands for 'Vertical Lookup'. It is an indispensable function that makes Excel search for a certain value in a 'table array' in order to return a value from a different column in the same row.

Here's a sample Python script that does the same thing as Excel's VLOOKUP.


import pandas as pd

workbook = 'data.xlsx'

# List the sheet names available in the workbook
excelfile = pd.ExcelFile(workbook)
sheets = excelfile.sheet_names

# Load the two sheets to be joined
orders = pd.read_excel(workbook, sheet_name='Orders')
returns = pd.read_excel(workbook, sheet_name='Returns')

# Left join: keep every order and pull in the matching row from Returns,
# the same way VLOOKUP matches 'Order ID' against the 'ID' column
df1 = orders.merge(returns, left_on='Order ID', right_on='ID', how='left')

# Export to NEW excel workbook
output = 'output.xlsx'
df1.to_excel(output, sheet_name='Output', index=False)


Below are the 2 links I learned from.

Links:

  • https://www.youtube.com/watch?v=cRELNmDpaks
  • https://www.youtube.com/watch?v=AHS925L8JVk