Thursday, June 20, 2024

BDBA (Blackduck Binary Analysis)



Black Duck Binary Analysis (previously known as Protecode) is an open source vulnerability scanning tool that reports the composition of open source components in a product along with security information (no license information is provided).

BDBA (Protecode) uses a combination of static binary analysis techniques to X-ray the provided software package and identify third-party software components and their exact versions with a high level of confidence. Methods range from simple string matching to proprietary, patent-pending techniques.

When to use BDBA?

BDBA should be used to analyze:

- Third-party software supplied in binary form, for example in a software supply chain scenario

- Software in binary form where you do not have access to the source used to build it
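The "simple string matching" end of the technique spectrum above is easy to demonstrate. The following is an added example written for this post, not BDBA's code or a description of its signatures: it scans a byte blob for the version banners that common libraries embed in their data sections, reports the (component, version) pairs it finds, and flags those below a locally defined policy threshold. The signature table, the `MIN_ACCEPTED` policy and the sample "binary" are all constructed for the example; the policy is not vendor advisory data.

```python
import re
from typing import Dict, List, Tuple

# Signature table: component name -> byte regex capturing its version string.
# Commercial tools use far richer signatures; these three are illustrative only.
SIGNATURES: Dict[str, bytes] = {
    "OpenSSL": rb"OpenSSL (\d+\.\d+\.\d+[a-z]?)",
    "zlib": rb"(?:inflate|deflate) (\d+\.\d+\.\d+) Copyright",
    "libpng": rb"libpng version (\d+\.\d+\.\d+)",
}

# Hypothetical minimum-acceptable versions: a policy you would maintain
# yourself, NOT advisory data from any vendor (constructed for this example).
MIN_ACCEPTED: Dict[str, Tuple[int, ...]] = {
    "OpenSSL": (1, 1, 1),
    "zlib": (1, 2, 11),
    "libpng": (1, 6, 37),
}

# Constructed stand-in for a firmware image or executable: an ELF-like header,
# padding, and three embedded version strings of the kind real builds leave
# behind in their data sections.
SAMPLE_BINARY: bytes = (
    b"\x7fELF\x02\x01\x01" + b"\x00" * 9
    + b"\x90" * 32
    + b"OpenSSL 1.0.2k  26 Jan 2017\x00"
    + b"\x00" * 16
    + b"inflate 1.2.11 Copyright 1995-2017 Mark Adler\x00"
    + b"\x00" * 16
    + b"libpng version 1.6.37 - April 14, 2019\x00"
)


def parse_version(text: str) -> Tuple[int, ...]:
    """'1.0.2k' -> (1, 0, 2); the letter suffix is dropped for comparison."""
    return tuple(int(part) for part in re.findall(r"\d+", text))


def identify_components(blob: bytes) -> List[Tuple[str, str]]:
    """Return sorted, de-duplicated (component, version) pairs found by string matching."""
    found = set()
    for name, pattern in SIGNATURES.items():
        for match in re.finditer(pattern, blob):
            found.add((name, match.group(1).decode("ascii")))
    return sorted(found)


def flag_outdated(components: List[Tuple[str, str]]) -> List[Tuple[str, str]]:
    """Keep only components whose version is below the local policy threshold."""
    return [
        (name, version)
        for name, version in components
        if name in MIN_ACCEPTED and parse_version(version) < MIN_ACCEPTED[name]
    ]


if __name__ == "__main__":
    comps = identify_components(SAMPLE_BINARY)
    outdated = set(flag_outdated(comps))
    for name, version in comps:
        print(f"{name:8} {version:8} {'OUTDATED' if (name, version) in outdated else 'ok'}")
```

String matching like this is cheap and works on stripped binaries, but it only sees components that left a banner behind; that is why the post describes it as the simplest of BDBA's methods rather than the whole approach.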

Monday, April 15, 2024

OWASP Top 10



  1. Broken Access Control: occurs when unauthorized access to resources is mistakenly allowed.
    1. Common causes include human error such as:
      1. Unprotected sensitive data
      2. Lack of system isolation
      3. Misconfigured systems
    2. To avoid this risk, implement:
      1. Formal threat modeling
      2. Coverage of access control in use case testing
      3. Secure configuration for deployment
      4. Design for error, anticipating mistakes and reducing their impact
  2. Cryptographic Failures: can compromise the confidentiality and integrity of data.
    1. Common causes:
      1. Misconfigured systems
      2. Use of insecure protocols
      3. Leaking cryptographic secrets
      4. Using outdated or weak cryptographic algorithms
    2. To prevent this:
      1. Implement threat modeling
      2. Safeguard private keys
      3. Use encryption for data at rest and in transit
      4. Use only approved cryptographic libraries and configurations
  3. Injection: the misuse of external inputs to manipulate the application into behaving insecurely.
    1. Causes:
      1. Insufficient input validation
      2. Failure to identify potential injection sources
    2. To avoid:
      1. Perform threat modeling
      2. Treat all data from external applications and inputs as harmful
      3. Perform regular penetration testing, including fuzzing
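To make the Injection item concrete, here is an added example (written for this post, not OWASP's code) of the classic SQL case: a lookup that splices external input into the query text beside the parameterized version of the same lookup, plus a small fuzz-style comparison of the two over a few hostile inputs. The in-memory database and the `FUZZ_INPUTS` list are constructed for the example.

```python
import sqlite3
from typing import List, Tuple


def make_db() -> sqlite3.Connection:
    """Constructed in-memory database with two users; stands in for a real backend."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "alice@example.com"), ("bob", "bob@example.com")],
    )
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, name: str) -> List[str]:
    """Deliberately vulnerable: external input becomes part of the SQL text."""
    query = f"SELECT email FROM users WHERE name = '{name}'"
    return [row[0] for row in conn.execute(query)]


def lookup_safe(conn: sqlite3.Connection, name: str) -> List[str]:
    """Hardened: the input travels as a bound parameter and can never change the query."""
    return [row[0] for row in conn.execute("SELECT email FROM users WHERE name = ?", (name,))]


# A few inputs of the kind a fuzzing pass would generate (constructed for this example).
FUZZ_INPUTS = ["alice", "mallory", "' OR '1'='1", "alice' --"]


def fuzz_compare(conn: sqlite3.Connection, inputs: List[str]) -> List[Tuple[str, int, int]]:
    """Return (input, rows_from_vulnerable, rows_from_safe) for each input.

    A differing pair is evidence that the concatenating version let the input
    change the query's meaning. A SQL error from the vulnerable version is
    recorded as -1, which is itself a useful signal during testing.
    """
    results = []
    for text in inputs:
        try:
            vuln_rows = len(lookup_vulnerable(conn, text))
        except sqlite3.Error:
            vuln_rows = -1
        results.append((text, vuln_rows, len(lookup_safe(conn, text))))
    return results


if __name__ == "__main__":
    db = make_db()
    for text, vuln_rows, safe_rows in fuzz_compare(db, FUZZ_INPUTS):
        print(f"{text!r:20} vulnerable={vuln_rows:2} safe={safe_rows:2}")
```

The parameterized version needs no escaping logic at all, which is the point: the fix is structural (data never becomes code), not a filter that a cleverer input could get around.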



  4. Insecure Design: the failure to incorporate security at all stages of a project.
    1. Common causes:
      1. Neglecting security considerations at various points of the development process
      2. Inadequate security awareness
    2. Risk:
      1. Inability to pass security standards, and expensive rework
    3. To avoid this:
      1. Implement formal threat modeling
      2. Develop a security mindset
      3. Continuously learn and apply security knowledge
  5. Security Misconfiguration: occurs when security measures are rendered ineffective by incorrect deployment.
    1. Common causes:
      1. Failing to use a secure configuration
      2. Not reviewing configuration defaults
      3. Assuming hidden applications are secure
    2. To mitigate this:
      1. Conduct authorized penetration tests against production deployments
      2. Follow a consistent security review process
      3. Use only third-party components that have independent security validation
  6. Vulnerable and Outdated Components: can expose systems to risk.
    1. Common causes:
      1. Assuming someone else is taking care of security
      2. Underestimating the risk of unpatched systems
      3. Lack of dependency and version management
    2. To avoid:
      1. Follow a continuous software update process
      2. Use well-documented management processes
      3. Actively monitor security vulnerability news bulletins
      4. Perform regular penetration tests
  7. Identification and Authentication Failures: occur when a system misidentifies an actor and grants improper privileges.
    1. Common causes:
      1. Misconfiguration
      2. Insecure session management
      3. Using simple and spoofable authentication mechanisms
    2. To avoid:
      1. Perform proper threat modeling
      2. Use at least two-factor authentication
      3. Use approved SSO integrations
  8. Software and Data Integrity Failures: occur when unverified data and software are deemed trustworthy.
    1. Common causes:
      1. Trusting unverified data
      2. Failing to limit which personnel can change the data or code
      3. Related cryptographic failures
    2. To prevent:
      1. Verify the authenticity of all code and data
      2. Do not rely on implicit trust
      3. Use a trusted public key infrastructure for data and code signing
  9. Security Logging and Monitoring Failures: can leave malicious attacks undetected.
    1. Common causes:
      1. Misunderstanding the level of detail required for forensic investigations
      2. Selective logging
      3. Insecure storage or transport of logs
    2. To avoid this:
      1. Log all accessed resources
      2. Map actions to data for better traceability
  10. Server-Side Request Forgery: the server is manipulated into making requests to remote resources on behalf of an attacker.
    1. Common causes:
      1. Processing data from insecure sources
      2. Misconfigured middleware
    2. To avoid:
      1. Sanitize all data inputs
      2. Use strong authentication and authorization for all endpoints
      3. Scan middleware regularly for misconfigurations
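The SSRF item's "sanitize all data inputs" is easiest to see as an outbound-URL check. The following is an added example for this post (not OWASP's or any framework's code) of a validator a service would run before fetching a user-supplied URL: it accepts only http(s), rejects URLs carrying credentials, requires the host to be on an allowlist, and then resolves the name and refuses anything that lands on a non-public address. `ALLOWED_HOSTS`, the `FAKE_DNS` table and the addresses in it are constructed so the example runs offline; in production `resolve` would be backed by `socket.getaddrinfo` and every returned address would be checked.

```python
import ipaddress
from typing import Callable, Dict, Set, Tuple
from urllib.parse import urlsplit

# Hosts this service is allowed to call (constructed allowlist).
ALLOWED_HOSTS: Set[str] = {"api.example.com", "cdn.example.com", "partner.example.com"}

# Constructed stand-in for DNS so the example runs offline.
FAKE_DNS: Dict[str, str] = {
    "api.example.com": "11.22.33.44",      # constructed, globally routable
    "cdn.example.com": "11.22.33.45",      # constructed, globally routable
    "partner.example.com": "169.254.1.1",  # allowlisted name that resolves to a link-local address
}


def fake_resolve(host: str) -> str:
    """Hypothetical resolver: returns the A record for a name or raises OSError."""
    try:
        return FAKE_DNS[host]
    except KeyError:
        raise OSError(f"cannot resolve {host}")


def is_safe_outbound_url(
    url: str,
    allowed_hosts: Set[str] = ALLOWED_HOSTS,
    resolve: Callable[[str], str] = fake_resolve,
) -> Tuple[bool, str]:
    """Return (ok, reason). Only (True, "ok") means the fetch may proceed."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False, "scheme not allowed"
    host = parts.hostname
    if not host:
        return False, "missing host"
    if parts.username or parts.password:
        return False, "credentials in URL"
    if host not in allowed_hosts:
        return False, "host not allowlisted"
    try:
        ip = ipaddress.ip_address(resolve(host))
    except (OSError, ValueError):
        return False, "unresolvable host"
    # Private, loopback, link-local, CGNAT and documentation ranges are all
    # non-global; multicast is excluded separately.
    if not ip.is_global or ip.is_multicast:
        return False, "resolves to non-public address"
    return True, "ok"


if __name__ == "__main__":
    for candidate in [
        "https://api.example.com/v1/report",
        "file:///etc/passwd",
        "http://127.0.0.1/",
        "http://partner.example.com/",
    ]:
        print(candidate, "->", is_safe_outbound_url(candidate))
```

The address check matters even with an allowlist, because a name you trust today can later be pointed at an internal address. For the same reason the fetch itself should connect to the address that was validated (or re-validate after the HTTP client's own lookup) rather than resolving a second time.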




Thursday, September 30, 2021

Debug Quarkus App in VS Code




1. ./gradlew quarkusDev -Dsuspend=true -Ddebug=true

   (dev mode starts with the JVM debug port open on 5005 and, because of -Dsuspend=true, waits for a debugger to attach before running the application)

2. Go to Run --> Add Configuration --> select Attach to Remote Program

   Use these details (the entry goes in the "configurations" array of .vscode/launch.json):

{
    "version": "0.2.0",
    "configurations": [
        {
            "type": "java",
            "name": "Attach to Remote Program",
            "request": "attach",
            "hostName": "localhost",
            "port": "5005"
        }
    ]
}

3. Click on Run.

Friday, May 8, 2020

DevOps in a Nutshell

As per Wikipedia, DevOps is a set of practices that combines software development (Dev) and information-technology operations (Ops) and aims to shorten the systems development life cycle and provide continuous delivery with high software quality.

DevOps is the response to the “us vs. them” culture of development.

The goal is to bridge the gap between IT operations and development to improve communication and collaboration, create more seamless processes, and align strategy and objectives for faster and more efficient delivery


Benefits of DevOps :



Principles :


Automation: Automate everything, such as workflows, testing new code, and how your infrastructure is provisioned to cut down on waste and overwork.

Iteration: Write small chunks of code during a time-boxed sprint to support releases and sub-releases that increase the speed and frequency of deployments.

Continuous improvement: Continuously test, learn from failures, and act on feedback in order to optimize performance, cost, and time to deployment.


Collaboration: Unite teams, foster communication and break down silos between development, IT operations, and quality assurance.


Process Flow :

ToolChain:

A DevOps toolchain is a set or combination of tools that aid in the delivery, development, and management of software applications throughout the systems development life cycle, as coordinated by an organisation that uses DevOps practices.



Sunday, December 15, 2019

Kubernetes-know-how


Keywords

Node:
A normal machine; it could be a physical computer or a computing instance such as an AWS EC2 instance.
Cluster:
A collection of nodes (computers) that are related to each other and work together.
Pod:
One or more Docker containers sharing the same network interface.
You can think of them as two separate computers sharing the same network card, or two separate processes on one computer. The main goal of the pod is to separate processes and their dependencies while maintaining the same network identity.
Pods are the basic unit of deployment in Kubernetes. They get deployed to the nodes of the cluster, each node can run one or more pods, and it is up to Kubernetes to arrange the pods across the nodes.
Replica:
A replica is a clone of a pod; replicas are needed to distribute the load.
Service:
A service is a group of pods running somewhere in the cluster that provide the same functionality.
Deployment:
A Deployment provides declarative updates for Pods and ReplicaSets.
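The keywords above fit together in a single manifest. The following is an added example written for this post (not taken from the Kubernetes documentation or any project): a Deployment that asks for three replicas of a pod template, and a Service that groups those pods by label. The image name, labels and port numbers are hypothetical; the securityContext and resource limits are included because a practitioner would not ship a pod template without them, but they are not part of the definitions above.

```yaml
apiVersion: apps/v1
kind: Deployment            # declarative updates for the pods and their ReplicaSet
metadata:
  name: web
spec:
  replicas: 3               # three clones of the pod, spread across nodes by Kubernetes
  selector:
    matchLabels:
      app: web
  template:                 # the pod: one or more containers sharing a network identity
    metadata:
      labels:
        app: web
    spec:
      containers:
        - name: web
          image: registry.example.com/web:1.0.0   # hypothetical image
          ports:
            - containerPort: 8080
          securityContext:                        # least privilege for the container
            runAsNonRoot: true
            allowPrivilegeEscalation: false
          resources:
            limits:
              cpu: "500m"
              memory: "256Mi"
---
apiVersion: v1
kind: Service               # one stable name in front of all pods carrying app=web
metadata:
  name: web
spec:
  selector:
    app: web
  ports:
    - port: 80
      targetPort: 8080
```

Applying this with kubectl apply -f creates the Deployment, which creates a ReplicaSet, which creates three pods; the Service then routes to whichever of those pods are currently running, on whichever node Kubernetes placed them.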

Monday, September 16, 2019

docker-commands-cheat-sheet

Command                                                Description
docker search searchterm                               Search Docker Hub for images.
docker pull user/image                                 Download an image from Docker Hub.
docker login                                           Authenticate to Docker Hub (or another Docker registry).
docker push user/image                                 Upload an image to Docker Hub; you must be authenticated to run this command.
docker ps                                              List all running containers.
docker ps -a                                           List all container instances, with their ID and status.
docker images                                          List all images on the local machine.
docker history user/image                              Show the history of an image.
docker logs [container name or ID]                     Display the logs of a running container.
docker port [container name or ID]                     Display the exposed ports of a running container.
docker diff [container name or ID]                     List the changes made to a container's filesystem.
docker run -it user/image                              Run an image, creating a container and attaching the terminal to the container.
docker run -p $HOSTPORT:$CONTAINERPORT -d user/image   Run an image in detached mode with port forwarding.
ctrl+p then ctrl+q                                     From within the container's command prompt, detach and return to the host's prompt.
docker attach [container name or ID]                   Attach the terminal to a running container.
docker start [container name or ID]                    Start a container.
docker stop [container name or ID]                     Stop a container.
docker rm -f [container name or ID]                    Delete a container (forcing removal if it is still running).
docker rmi user/image                                  Delete an image.
docker tag user/image:tag user/image:newtag            Add a new tag to an image.
docker exec [container name or ID] command             Execute a command inside a running container.
docker commit [container name or ID] user/image        Save a container's current state as a new image.
docker save -o image.tar user/image                    Save an image to a tar archive.
docker load -i image.tar                               Load an image from a tar archive.
docker build -t sampleuser/ubuntu .                    Build a Docker image from the Dockerfile in the current directory.
docker info                                            Show information about the Docker installation.
docker rm $(docker ps -a -q)                           Delete all containers.
docker rmi $(docker images -q)                         Delete all images (add -f to force).