Revision as of 13:33, 6 October 2017
Fedora Red Team meeting 6 October 2017
Time: 1400 UTC
Location: Freenode IRC #fedora-security
Agenda
- State of the SIG
  - SIG page at https://fedoraproject.org/wiki/SIGs/Red_Team
  - GitHub project at https://github.com/fedoraredteam
  - Currently using #fedora-security and security@lists.fedoraproject.org for comms
  - Blog posts being reblogged by Planet Fedora security Subplanet
  - Two projects active, others on the roadmap
- Active projects
  - ELEM
    - Enterprise Linux Exploit Mapper
    - Ken Evensen lead developer
    - Quick description and update
    - Exploit curation crowdsourcing (Trello board: https://trello.com/b/1fbRYkiQ/exploit-curation)
  - FCTL
    - Replication of Cyber-ITL methodology and results in an open source and repeatable way
    - Using a handful of open source tools to analyze binaries
      - Radare2
      - Capstone Engine
      - hardening-check
    - Results currently go into Mongo
    - Looking to transition to ELK for a better visualization layer
    - Plan to analyze RHEL, CentOS, and Fedora
    - Would love community contributions for other OSes
- Roadmap projects
  - Fedora Security Data API
  - Red Container
    - Kali is great, the world doesn't need another security distro
    - OCI makes packaging efforts obsolete
  - PTES
    - Spoke with David Kennedy (cofounder), who keynoted our Defense in Depth event this week
    - We're going to work with the project, no need to fork
    - Plan to migrate to GitHub / RTD interface
    - Next touchpoint is late October, should have an update by next SIG meeting
  - Reference Architectures
    - Two planned
    - Using GitHub / RTD for this as well to support collaboration
    - Definition of Cyber Range
      - About 50% complete
      - Much of the diagrams and copy can be taken from proposals we've written
    - Next-Generation Malware Analysis
      - Also about 50% complete
      - Can re-use proposal work
    - For each, targeting a structure similar to NIST SP800-145
      - Essential characteristics
      - Deployment models
      - Service models
    - Should be active by next SIG meeting
- Pen tests
  - Eclipse Foundation
    - Partner closely with them on other topics, JEE, Geospatial
    - Started coordination with Eclipse for a pro bono pen test
    - Need to pick this back up
    - Plan to use this to flesh out needed updates to PTES
    - Will open source the pen test report after findings are remediated
  - Looking for other clients who would like a pen test so we can better update PTES
- Team to-do
  - Order swag, looking for recommendations, probably hats
  - Need to get team calendar set up
Minutes
TBD