Security

Security Software & Tools Tips – November 2018

In this monthly post, we try to make you aware of five different security related products.

This month we have choosen for the following:
* Naxsi
* OSSEC
* Forseti Security
* Security Monkey
* OWASP Zed Attack Proxy

Naxi


Naxsi is a module that you can compile with nginx and it then provides “Anti XSS & SQL Injection” capabilities for nginx.

Information from the Naxsi GitHub page:

NAXSI means Nginx Anti XSS & SQL Injection.

Technically, it is a third party nginx module, available as a package for many UNIX-like platforms. This module, by default, reads a small subset of simple (and readable) rules containing 99% of known patterns involved in website vulnerabilities. For example, <, | or drop are not supposed to be part of a URI.

Website:

https://github.com/nbs-system/naxsi

OSSEC


This tools is a free open source host-based intrustion dectection system (HIDS) and it is easy to install, cool thing is that they are compliant with PCI-DSS

Information from the OSSEC website:

OSSEC watches it all, actively monitoring all aspects of system activity with file integrity monitoring, log monitoring, rootcheck, and process monitoring.

When attacks happen OSSEC lets you know through alert logs and email alerts sent to you and your IT staff so you can take quick actions. OSSEC also exports alerts to any SIEM system via Syslog so you can get real-time analytics and insights into your system security events.

Website:

https://www.ossec.net

Forseti Security


This are basically a bunch of tools that will help you improve the security of your GCP.

Information from the Forseti Security website:

A community-driven collection of open source tools to improve the security of your Google Cloud Platform environments.

Website:

https://forsetisecurity.org/

Security Monkey


This is a monitoring tool created by Netflix it checks your configuration, and or for policy changes then it can provide you with alerts.
It currently works both on AWS and on GCP.

Information from the Security Monkey GitHub page:

Security Monkey monitors your AWS and GCP accounts for policy changes and alerts on insecure configurations. Support is available for OpenStack public and private clouds. Security Monkey can also watch and monitor your GitHub organizations, teams, and repositories.

It provides a single UI to browse and search through all of your accounts, regions, and cloud services. The monkey remembers previous states and can show you exactly what changed, and when.

Security Monkey can be extended with custom account types, custom watchers, custom auditors, and custom alerters.

Website:

https://github.com/Netflix/security_monkey

OWASP Zed Attack Proxy (ZAP)

Information from the OWASP Zed Attack Proxy website:

The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. Its also a great tool for experienced pentesters to use for manual security testing.

Website:

https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project

Photo by arvin febry on Unsplash

Related posts

What GDPR means to cloud service providers

Sjir Bagmeijer

Internet of Medical Things: When Hacking becomes Life Threatening

Sjir Bagmeijer

Security Software & Tools Tips – October 2018

Sjir Bagmeijer