Confirmed users
529
edits
Security/InfoSec/Test Driven Security: Difference between revisions
Jump to navigation
Jump to search
Security/InfoSec/Test Driven Security (view source)
Revision as of 14:46, 12 August 2014
, 12 August 2014no edit summary
(Created page with "=Test Driven Security in Mozilla’s infrastructures= Test Driven Security (TDS) is the process of verifying the compliance of systems, networks and services against security...") |
No edit summary |
||
| Line 17: | Line 17: | ||
[[File:TDS_Architecture.png]] | [[File:TDS_Architecture.png]] | ||
Security tests, also called compliance checks, verify that the configuration of a system matches the requirements of a security assurance level. A simple test would be to verify that SSH root login is disabled, which can be expressed into a MIG Action using the following JSON: | |||
<source lang="json"> | |||
{ | |||
"name": "compliance check for openssh", | |||
"target": "linux", | |||
"threat": { | |||
"level": "medium", | |||
"family": "compliance", | |||
"type": "system", | |||
"ref": "sysmediumssh1" | |||
}, | |||
"operations": [ | |||
{ | |||
"module": "filechecker", | |||
"parameters": { | |||
"/etc/ssh/sshd_config": { | |||
"regex": { | |||
"check root login is off": [ | |||
"(?i)^permitrootlogin no$" | |||
] | |||
} | |||
} | |||
} | |||
} | |||
], | |||
"syntaxversion": 1 | |||
} | |||
</source> | |||