Kune akati wandei anobatsira akavhurika sosi dzimwe nzira mukuwedzera kune yemuno kuchengetedza mhinduro dzinopihwa nemakambani emakore.
Heino muenzaniso wemasere akatanhamara akavhurika sosi Cloud kuchengetedza matekinoroji.
AWS, Microsoft, uye Google angori mashoma makore makambani anopa akasiyana siyana ekuchengetedza maficha. Kunyange zvazvo matekinoroji aya achibatsira pasina mubvunzo, haakwanisi kugutsa zvinodiwa nemunhu wese. Zvikwata zveIT zvinowanzo tsvaga mapeji mukukwanisa kwavo kugadzira zvakachengeteka uye kuchengetedza mitoro yebasa pamapuratifomu ese aya sekufambira mberi kwegore. Pakupedzisira, zviri kumushandisi kuvhara mapeji aya. Open source Cloud kuchengetedza matekinoroji anobatsira mumamiriro ezvinhu akadai.
Inoshandiswa zvakanyanya yakavhurika sosi Cloud kuchengetedza matekinoroji anowanzo kugadzirwa nemasangano akaita seNetflix, Capital One, uye Lyft ane akakurisa IT zvikwata zvine hunyanzvi hwemakore. Zvikwata zvinotanga mapurojekiti aya kugadzirisa zvimwe zvidikanwi zvisiri kuitwa nemidziyo nemasevhisi atovepo, uye anovhura sosi software yakadaro netarisiro yekuti ichabatsirawo kune mamwe mabhizinesi. Kunyangwe isiri yese-inosanganisirwa, iyi rondedzero yeanonyanya kufarirwa yakavhurika sosi yefu kuchengetedza mhinduro paGitHub inzvimbo yakanaka yekutanga. Mazhinji acho anowirirana nemamwe magadzirirwo emakore, nepo mamwe akavakwa zvakajeka kuti ashande neAWS, iro rinonyanya kufarirwa gore reruzhinji. Tarisa kune aya ekuchengetedza matekinoroji emhinduro yechiitiko, kuyedza uye kuoneka.
Cloud Custodian
Kutungamira kweAWS, Microsoft Azure, uye Google Cloud Platform (GCP) nharaunda kunoitwa nerubatsiro rweCloud Custodian, injini yemitemo isingaverengeki. Nekubatanidzwa kwekuzivisa uye analytics, inosanganisa akati wandei emaitiro ekuteerera ayo mabhizinesi anoshandisa mupuratifomu imwe chete. Unogona kumisa mitemo uchishandisa Cloud Custodian inofananidza nharaunda nekuchengetedza uye kutevedzera zvinodiwa pamwe nemaitiro ekugadzirisa mutengo. Rudzi uye boka rezviwanikwa zvekutarisa, pamwe nezviito zvinotorwa pane izvi zviwanikwa, zvinoratidzwa muCloud Custodian marongero, ayo anotsanangurwa muYAML. Iwe unogona, semuenzaniso, kumisa mutemo unogadzira bhaketi encryption kuwanikwa kune ese Amazon S3 mabhakiti. Kuti ugadzirise otomatiki mitemo, unogona kubatanidza Cloud Custodian ine serverless runtimes uye ekuzvarwa makore masevhisi. Pakutanga yakagadzirwa uye yakaitwa kuti iwanikwe semahara sosi na
Cartography
Iyo yakanyanya kudhirowa pano ndeye Infrastructure mepu inogadzirwa necartography. Ichi otomatiki graphing chishandiso chinopa inomiririra inomiririra yekubatana pakati peiyo cloud infrastructure zvikamu. Izvi zvinogona kuwedzera kutaridzika kwekuchengetedza kwechikwata. Shandisa chishandiso ichi kugadzira mishumo yeasset, tsvaga anogona kurwisa mavector, uye kunongedza mikana yekuvandudza kuchengetedza. Mainjiniya kuLyft vakagadzira katutu, iyo inoshandisa Neo4j dhatabhesi. Inotsigira akasiyana siyana eAWS, G Suite, uye Google Cloud Platform masevhisi.
Diffy
Chishandiso chakanyanya kufarirwa chekushandisa chedigital forensics uye mhinduro yechiitiko inonzi Diffy (DFIR). Basa rechikwata chako cheDFIR ndere kutsvaga zvinhu zvako kuti uwane humbowo hupi hupi humbowo hwakasiyiwa mushure mekunge nharaunda yako yatorwiswa kana kubiwa. Izvi zvingada kushanda nesimba nemaoko. Injini inosiyanisa inopihwa naDiffy inoratidza zvisinganzwisisike zviitiko, chaiwo michina, uye zvimwe zviwanikwa zvekushandisa. Kuti ubatsire timu yeDFIR kuona nzvimbo dzevanorwisa, Diffy anovazivisa kuti ndezvipi zviwanikwa zviri kuita zvisinganzwisisike. Diffy ichiri mumatanho ekutanga ebudiriro uye ikozvino inongotsigira maLinux zviitiko paAWS, zvisinei plugin yayo yekuvaka inogona kugonesa mamwe makore. Iyo Security Intelligence uye Response Team yeNetflix yakagadzira Diffy, iyo yakanyorwa muPython.
Git-secrets
Ichi chishandiso chekusimudzira chekuchengetedza chinonzi Git-zvakavanzika chinokurambidza kuchengetedza zvakavanzika pamwe neimwe data inonzwisisika mune yako Git repository. Chero ani anoita kana kuita mameseji anokodzera imwe yeako akafanotsanangurwa, akarambidzwa mataurirwo maitiro anorambwa mushure mekuongororwa. Git-secrets yakagadzirwa neAWS mupfungwa. Yakagadzirwa neAWS Labs, iyo ichiri basa rekugadzirisa chirongwa.
OSSEC
OSSEC ipuratifomu yekuchengetedza inobatanidza kutariswa kwelogi, chengetedzo ruzivo uye chiitiko manejimendi, uye host-based intrusion yekuona. Iwe unogona kushandisa izvi pane gore-based VMs kunyangwe yaive yakagadzirirwa kuchengetedzwa-panzvimbo. Kuchinjika kwePlatform ndeimwe yemabhenefiti ayo. Mamiriro ezvinhu paAWS, Azure, uye GCP anogona kuishandisa. Pamusoro pezvo, inotsigira akasiyana maOS, anosanganisira Windows, Linux, Mac OS X, uye Solaris. Pamusoro peajenti uye neagentless yekutarisa, OSSEC inopa yepakati manejimendi server yekuchengeta yemitemo pamapuratifomu akati wandei. Hunhu hweOSSEC hunosanganisira: Chero faira kana dhairekitori shanduko pane yako system inozoonekwa nefaira yekuvimbika yekutarisa, iyo inokuzivisa iwe. Logi yekutarisa inounganidza, inoongorora, uye inokuzivisa iwe kune chero maitiro asina kujairika kubva kune ese ematanda muhurongwa.
Rootkit yekuona, iyo inokuzivisa iwe kana system yako ikaita shanduko senge rootkit. Kana mamwe mapindiro awanikwa, OSSEC inogona kupindura zvine mutsindo uye kuita ipapo ipapo. Iyo OSSEC Foundation inotarisira kuchengetwa kweOSSEC.
GoPhish
For phish simulation kuyedza, Gophish chirongwa chakavhurika-sosi chinogonesa kutumira maemail, kuatevera, uye kuona kuti vangani vanogamuchira vakadzvanya zvinongedzo mumaemail ako enhema. Uye iwe unogona kutarisa ese manhamba avo. Inopa timu dzvuku nzira dzinoverengeka dzekurwisa dzinosanganisira maemail akajairwa, maemail ane zvakabatanidzwa, uye kunyange RubberDuckies yekuyedza kuchengetedzeka kwemuviri uye kwedhijitari. Parizvino pane 36 phishing matemplate anowanikwa kubva munharaunda. Iyo AWS-yakavakirwa kugovera pre-yakatakura matemplate uye yakachengetedzwa kune CIS zviyero inochengetwa neHailBytes. pano.
prowler
Prowler chishandiso chekuraira-mutsara cheAWS chinoongorora zvivakwa zvako tichienzanisa nezviyero zvakatemerwa AWS neCentre for Internet Security pamwe neGDPR neHIPAA ongororo. Iwe une sarudzo yekuongorora yako yakakwana zvivakwa kana chaiyo AWS mbiri kana dunhu. Prowler anokwanisa kuita ongororo dzakawanda kamwechete uye kuendesa mishumo mumafomati anosanganisira CSV, JSON, uye HTML. Uyezve, AWS Security Hub inosanganisirwa. Toni de la Fuente, nyanzvi yezvekuchengetedza yeAmazon uyo achiri kuita basa rekugadzirisa chirongwa, akagadzira Prowler.
Chengetedzo Tsoko
MuAWS, GCP, uye OpenStack marongero, Chengetedzo Tsoko chishandiso chemurindi chinochengeta ziso kunze kwekugadzirisa matongerwo enyika uye isina kusimba setups. Semuenzaniso, Chengetedzo Tsoko muAWS inokuzivisa iwe pese panogadzirwa S3 bhaketi pamwe neboka rekuchengetedza, inotarisisa makiyi ako eAWS Identity & Access Management, uye inoita mamwe mabasa akati wandei ekutarisa. Netflix yakagadzira Chengetedzo Monkey, kunyangwe ichingopa madiki ekugadzirisa nyaya kubva izvozvi. AWS Config uye Google Cloud Assets Inventory vatsivi vevatengesi.
Kuti uone mamwe makuru akavhurwa sosi maturusi paAWS, tarisa yedu HailBytes' AWS yemusika inopa pano.
