ES Episode53

From Paul's Security Weekly

Enterprise Security Weekly #53

Recorded on July 13, 2017 at G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures.
  • John Strand
    Security analyst, Founder of Black Hills Information Security, and CTO of Offensive Countermeasures.
Enterprise News

    1. New OneLogin Study finds Businesses Knowingly Leave Themselves Vulnerable to Data Breaches from Former Employees
    2. Flexera & Microsoft Join Forces to Increase Software Supply Chain Transparency & Strengthen Customer Relationships
    3. Tanium Announces Threat Response: A New Way to Ease the Pain of EDR Investigations :: ITbriefing.net ::
    4. Eastern Institute of Technology, NZ publishes Case Study on Web Vulnerability Scanners - Acunetix
    5. Powerbroker for Windows 7.3: More Flexibility with Rules and Access Control - BeyondTrust
    6. Reduce Development Cost with Increased Defect Removal Rates
    7. Security Hygiene Tips to Prevent Malware Infection & Stop Lateral Movement
    8. Coalfire to Conduct Adaptive Penetration Testing Training at Black Hat USA 2017 :: ITbriefing.net ::
    9. SANS Incident Response Survey Results- Part 1
    10. Are You Part of the 72% that Believe Cybersecurity is Getting Harder?

    Interview: CI Level Automated Web Security with Ferruh Mavituna, Netsparker

    Ferruh Mavituna from Netsparker[1]


    Ferruh Mavituna is the Founder and Product Manager of Netsparker. He developed the first and only proof-based web security scanner with state-of-the-art, accurate vulnerability detection and exploitation features, used by thousands of companies around the world today. From 2002-2006, he worked for the Turkish Army and Police. Ferruh is a frequent speaker at several conferences about Web Application Security and has released several research papers and tools.

    Netsparker Hawk: https://www.netsparker.com/blog/docs-and-faqs/netsparker-hawk-detects-ssrf-out-of-band-vulnerabilities/

    Tech Segment: The Opportunity For Hardening Docker Containers

    
    ############################################################
    # Dockerfile to build Nginx Installed Containers
    # Based on Debian
    ############################################################
    
    # Set the base image to Debian
    FROM debian:jessie
    
    # File Author / Maintainer
    MAINTAINER Paul Asadoorian
    
    # Update the repository
    RUN apt-get update
    
    # Install necessary tools
    RUN apt-get -q install -y wget net-tools vim supervisor
    
    ## Install nginx
    RUN echo "INFO: Installing nginx..."
    
    # install nginx, whatever is in Debian will work just fine
    RUN apt-get -q install -y nginx
    
    # copy over configs, restart
    ADD ./config/nginx/default /etc/nginx/sites-enabled/
    ADD ./config/nginx/myconfig /etc/nginx/sites-enabled/
    ADD ./config/nginx/key.* /etc/ssl/
    
    # Expose ports
    EXPOSE 80
    EXPOSE 8080
    EXPOSE 443
    
    # Stop nginx after the package install
    RUN service nginx stop
    
    # Custom Supervisord config
    COPY config/supervisord.conf /etc/supervisor/conf.d/supervisord.conf
    
    # Set the default command to execute
    # when creating a new container
    CMD ["/usr/bin/supervisord"]
    
    
    docker run --name nginx --net=macvlan_bridge --ip=10.10.1.2 --mac-address 00:50:56:xx:xx:xx \
    --privileged=true -p 80:80 -p 8080:8080 -p 443:443 --link myappcontainer \
    -v /storage/docker/uploads:/uploads -t -d nginx:ver1
    docker network connect --ip 10.1.1.10 myapp_nw nginx
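
The Dockerfile and `docker run` line above leave several common hardening options unset. The script below is an added example, not code from the episode: it flags them with simple string checks. The function names `audit_run` and `audit_dockerfile`, the finding labels, and the sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag hardening opportunities in a `docker run` command line
# and in Dockerfile text. Heuristic string checks, not a full parser.

audit_run() {  # $1 = docker run command line; prints one finding per line
    case "$1" in
        *--privileged=false*) ;;
        *--privileged*) echo "PRIVILEGED: all capabilities and host devices are exposed" ;;
    esac
    case "$1" in *--cap-drop*) ;; *) echo "CAPS: no --cap-drop, default capability set kept" ;; esac
    case "$1" in *--read-only*) ;; *) echo "ROOTFS: no --read-only, root filesystem is writable" ;; esac
    case "$1" in *no-new-privileges*) ;; *) echo "NNP: no --security-opt no-new-privileges" ;; esac
    return 0
}

audit_dockerfile() {  # $1 = Dockerfile text; prints one finding per line
    if ! printf '%s\n' "$1" | grep -Eq '^[[:space:]]*USER[[:space:]]'; then
        echo "USER: no USER instruction, processes run as root"
    fi
    if printf '%s\n' "$1" | grep -Eq '^[[:space:]]*(ADD|COPY)[[:space:]].*key'; then
        echo "KEY: key material is copied into an image layer"
    fi
    return 0
}

# Constructed inputs, modelled on the segment's commands.
RUN_AS_SHOWN='docker run --name nginx --privileged=true -p 80:80 -p 8080:8080 -p 443:443 -t -d nginx:ver1'
# Flags set only to exercise the checks; the capabilities and writable paths
# this image really needs have to be found by testing (assumption, untested).
RUN_TIGHTER='docker run --name nginx --cap-drop ALL --cap-add NET_BIND_SERVICE --read-only --security-opt no-new-privileges -p 443:443 -d nginx:ver1'
DOCKERFILE_AS_SHOWN='FROM debian:jessie
RUN apt-get -q install -y nginx
ADD ./config/nginx/key.* /etc/ssl/
CMD ["/usr/bin/supervisord"]'

echo "== run as shown ==";       audit_run "$RUN_AS_SHOWN"
echo "== run with flags set =="; audit_run "$RUN_TIGHTER"
echo "== Dockerfile ==";         audit_dockerfile "$DOCKERFILE_AS_SHOWN"
```

A key flagged by the `KEY` check can instead be supplied at run time, for example through a read-only volume, so it does not ship inside every copy of the image.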