Zabbix Conference Latam 2016
Monitoring Vulnerabilities with Zabbix, RHEL
and Yum Security Plugin
Alessandro Silva
Technical Account Manager, Red Hat
alsilva@redhat.com
Twitter: @alessssilva
$ Who am I
• Postgraduate student in Information Security – NCE/UFRJ
• More than 12 years in the IT industry, 10 of them with Linux only.
• Certifications:
• RHCE - Red Hat Certified Engineer
• RHCSA in OpenStack
• LPIC-3 Core
• LPIC-303 Security Specialist
• Zabbix Certified Specialist
• Working with Zabbix since 2011
• Technical Account Manager at Red Hat
• “Zabbix guy” at Red Hat
Agenda
• Vulnerabilities, impacts and countermeasures
• Why monitor vulnerabilities?
• Product Security
• How can Zabbix help us?
• The Enterprise and Open Source solution
• Demo
But, after all, what is a vulnerability?
CVE
Common Vulnerabilities and Exposures
• Standardized format for reporting and tracking security issues related to software
• Maintained by the MITRE Corporation
• Common Vulnerability Scoring System (CVSS)
• Severities: Critical, Important, Moderate and Low
Vulnerabilities
[Chart: Number of Vulnerabilities | Since 1999; x-axis: years 1999 to 2016; y-axis: 0 to 8000. Source: cve.mitre.org]
Security Incident Response
• ERISI/CSIRT - Computer Security Incident Response Team
✔ Investigates and analyzes software security issues
✔ Analyzes which products are affected, the impacts and the countermeasures
• Publication of errata
✔ Severities
✔ Impacts
✔ CVE
Product Security
• Red Hat Security Advisory (RHSA)
• Red Hat Bug Fix Advisory (RHBA)
• Red Hat Enhancement Advisory (RHEA)
[Chart: Security errata per month, Red Hat Enterprise Linux, default server installation; x-axis: operating system (RHEL 6.0, 6.1, 6.2, 6.3, 6.4); y-axis: errata per month, 0.0 to 9.0; series: Critical, Important, Low/Moderate]
Product Security
Red Hat Enterprise Linux 5: 98% of Critical vulnerabilities are fixed in 1 day
Red Hat Enterprise Linux 6: 92% of Critical vulnerabilities are fixed in 1 day
Red Hat Enterprise Linux 7: 97% of Critical vulnerabilities are fixed in 1 day
But what are we going to monitor?
Physical servers
They still exist and need to be monitored
Virtual servers
Monitor virtual servers on any hypervisor
Monitor cloud instances
Cloud servers, containers, ...
Why monitor?
Management and compliance
Lifecycle maintenance
Keeping watch over the infrastructure
How can Zabbix help?
Using Zabbix to monitor
Notifications
Centralized control
Configuration
Status
Checks
SNMP monitoring
Agent-based monitoring
Ping and port monitoring
Monitored devices
Network devices
Servers with the Zabbix agent
Servers without the Zabbix agent
Zabbix + RHEL + Yum Security Plugin
Implementation
• Install the YUM security plugin
• Schedule the security reports in cron
• Extend the Zabbix agent via UserParameter
• Create the RHN Security template
✔ items, triggers, graphs, screens ...
• Create the vulnerability check script
YUM Security Plugin
# yum install -y yum-plugin-security
# yum updateinfo
Loaded plugins: product-id, refresh-packagekit, rhnplugin, security, subscription-manager
Updates Information Summary: available
42 Security notice(s)
5 Critical Security notice(s)
15 Important Security notice(s)
7 Low Security notice(s)
15 Moderate Security notice(s)
143 Bugfix notice(s)
13 Enhancement notice(s)
updateinfo summary done
Generating the Security Report
# crontab -e
# Runs once a day at 00:00; the report lands in the path read by the UserParameter lines
zbxlogdir=/var/log/zabbix
0 0 * * * yum updateinfo > $zbxlogdir/security-reports/sec-report
Zabbix agent
Extending with UserParameter
UserParameter=rhn.security,grep -m 1 "Security notice" /var/log/zabbix/security-reports/sec-report | awk '{print $1} END { if (!NR) print "0"}'
UserParameter=rhn.security.critical,grep "Critical Security" /var/log/zabbix/security-reports/sec-report | awk '{print $1} END { if (!NR) print "0"}'
UserParameter=rhn.security.important,grep "Important Security" /var/log/zabbix/security-reports/sec-report | awk '{print $1} END { if (!NR) print "0"}'
UserParameter=rhn.security.low,grep "Low Security" /var/log/zabbix/security-reports/sec-report | awk '{print $1} END { if (!NR) print "0"}'
UserParameter=rhn.security.moderate,grep "Moderate Security" /var/log/zabbix/security-reports/sec-report | awk '{print $1} END { if (!NR) print "0"}'
UserParameter=rhn.bugfix,grep "Bugfix notice" /var/log/zabbix/security-reports/sec-report | awk '{print $1} END { if (!NR) print "0"}'
UserParameter=rhn.enhancement,grep "Enhancement notice" /var/log/zabbix/security-reports/sec-report | awk '{print $1} END { if (!NR) print "0"}'
$DIR/etc/zabbix_agentd.conf.d/zabbix_agentd.userparams.conf
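Added example (not from the talk or its repository): a shell function that reads the same saved summary as the UserParameter lines above, but matches the label exactly and returns no value when the report is missing, truncated or stale, instead of a 0 that would look like a fully patched host. The function names, the 1500-minute default age and the use of the `updateinfo summary done` trailer as a completeness marker are assumptions; the sample report is constructed from the output shown on the slide.

```shell
#!/bin/sh
# Added example: not part of the talk or of its repository.

# make_sample_report FILE
# Writes a constructed report that copies the `yum updateinfo` output on the slide.
make_sample_report() {
    cat > "$1" <<'EOF'
Loaded plugins: product-id, refresh-packagekit, rhnplugin, security, subscription-manager
Updates Information Summary: available
    42 Security notice(s)
         5 Critical Security notice(s)
        15 Important Security notice(s)
         7 Low Security notice(s)
        15 Moderate Security notice(s)
   143 Bugfix notice(s)
    13 Enhancement notice(s)
updateinfo summary done
EOF
}

# notice_count REPORT LABEL [MAX_AGE_MIN]
# Prints the number in front of "LABEL notice(s)", or 0 when a complete,
# fresh report has no such line. Returns 1 and prints nothing when the
# report cannot be trusted, so the caller can tell "no data" from "zero".
notice_count() {
    report=$1
    label=$2
    max_age=${3:-1500}   # assumption: daily cron job, so allow 25 hours

    # Missing or empty file: the cron job never produced a report.
    [ -s "$report" ] || return 1
    # No trailer line: yum stopped part-way (assumed completeness marker).
    grep -q '^updateinfo summary done' "$report" || return 1
    # find prints the path only when the file is older than max_age minutes.
    [ -z "$(find "$report" -mmin +"$max_age")" ] || return 1

    # Compare the whole label, so "Security" does not also match
    # "Critical Security notice(s)".
    awk -v want="$label notice(s)" '
        {
            n = $1
            $1 = ""               # drop the count, keep the label text
            sub(/^ +/, "")
            if ($0 == want) { print n; found = 1; exit }
        }
        END { if (!found) print 0 }
    ' "$report"
}

# Demonstration on the constructed sample.
demo() {
    dir=$(mktemp -d) || return 1
    make_sample_report "$dir/sec-report"
    for l in "Security" "Critical Security" "Important Security" "Bugfix"; do
        printf '%s: %s\n' "$l" "$(notice_count "$dir/sec-report" "$l")"
    done
    notice_count "$dir/missing" "Security" || echo "missing report: no value returned"
    rm -rf "$dir"
}
demo
```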
Vulnerability Report
Vulnerability    Severity          Fix
-------------    --------------    ---------------------------------------
CVE-2015-1781    Moderate/Sec.     glibc-2.17-105.el7.x86_64
CVE-2013-7423    Moderate/Sec.     glibc-2.17-105.el7.x86_64
CVE-2015-1473    Moderate/Sec.     glibc-2.17-105.el7.x86_64
CVE-2013-1753    Moderate/Sec.     python-2.7.5-34.el7.x86_64
CVE-2014-4616    Moderate/Sec.     python-2.7.5-34.el7.x86_64
CVE-2014-4650    Moderate/Sec.     python-2.7.5-34.el7.x86_64
CVE-2015-3276    Moderate/Sec.     openldap-2.4.40-8.el7.x86_64
CVE-2015-3194    Moderate/Sec.     openssl-libs-1:1.0.1e-51.el7_2.1.x86_64
CVE-2015-3196    Moderate/Sec.     openssl-libs-1:1.0.1e-51.el7_2.1.x86_64
CVE-2015-3195    Moderate/Sec.     openssl-libs-1:1.0.1e-51.el7_2.1.x86_64
CVE-2015-7575    Moderate/Sec.     openssl-libs-1:1.0.1e-51.el7_2.2.x86_64
CVE-2016-0797    Important/Sec.    openssl-libs-1:1.0.1e-51.el7_2.4.x86_64
CVE-2016-0702    Important/Sec.    openssl-libs-1:1.0.1e-51.el7_2.4.x86_64
CVE-2016-0705    Important/Sec.    openssl-libs-1:1.0.1e-51.el7_2.4.x86_64
CVE-2016-0800    Important/Sec.    openssl-libs-1:1.0.1e-51.el7_2.4.x86_64
CVE-2015-3197    Important/Sec.    openssl-libs-1:1.0.1e-51.el7_2.4.x86_64
Generating the Vulnerability Report:
# crontab -e
# Runs once a day at 00:00; same report directory as the security summary
zbxlogdir=/var/log/zabbix
0 0 * * * yum updateinfo list cve > $zbxlogdir/security-reports/vuln-report
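Added example (not from the talk or its repository): shell functions that turn a saved `yum updateinfo list cve` report into values a Zabbix item can store, counting each CVE once even when it is listed for several packages and ignoring the plugin banner and trailer lines. The function names, the numeric severity ranks and the `Critical/Sec.` and `Low/Sec.` labels (by analogy with the two labels shown in the report) are assumptions; the sample report is constructed from rows on the slide plus one constructed glibc-common row.

```shell
#!/bin/sh
# Added example: not part of the talk or of its repository.

# make_sample_vuln_report FILE
# Writes a constructed report: rows taken from the slide, one constructed
# duplicate row (glibc-common) and the banner/trailer lines yum prints.
make_sample_vuln_report() {
    cat > "$1" <<'EOF'
Loaded plugins: product-id, security, subscription-manager
 CVE-2015-1781 Moderate/Sec.  glibc-2.17-105.el7.x86_64
 CVE-2015-1781 Moderate/Sec.  glibc-common-2.17-105.el7.x86_64
 CVE-2013-1753 Moderate/Sec.  python-2.7.5-34.el7.x86_64
 CVE-2015-3194 Moderate/Sec.  openssl-libs-1:1.0.1e-51.el7_2.1.x86_64
 CVE-2016-0800 Important/Sec. openssl-libs-1:1.0.1e-51.el7_2.4.x86_64
 CVE-2016-0797 Important/Sec. openssl-libs-1:1.0.1e-51.el7_2.4.x86_64
updateinfo list done
EOF
}

# cve_count FILE SEVERITY
# Number of distinct CVE ids with the given severity. A CVE fixed in two
# packages appears on two lines but is counted once.
cve_count() {
    awk -v sev="$2/Sec." '
        $1 ~ /^CVE-[0-9]+-[0-9]+$/ && $2 == sev && !seen[$1]++ { n++ }
        END { print n + 0 }
    ' "$1"
}

# fix_packages FILE SEVERITY
# Distinct package builds that carry the fixes for that severity.
fix_packages() {
    awk -v sev="$2/Sec." '
        $1 ~ /^CVE-[0-9]+-[0-9]+$/ && $2 == sev { print $3 }
    ' "$1" | sort -u
}

# worst_severity FILE
# Highest severity present as a number (assumed ranks): 4 Critical,
# 3 Important, 2 Moderate, 1 Low, 0 when no CVE row is present.
worst_severity() {
    awk '
        BEGIN {
            rank["Low/Sec."] = 1;       rank["Moderate/Sec."] = 2
            rank["Important/Sec."] = 3; rank["Critical/Sec."] = 4
        }
        $1 ~ /^CVE-[0-9]+-[0-9]+$/ && ($2 in rank) && rank[$2] > max { max = rank[$2] }
        END { print max + 0 }
    ' "$1"
}

# Demonstration on the constructed sample.
demo() {
    f=$(mktemp) || return 1
    make_sample_vuln_report "$f"
    for s in Critical Important Moderate Low; do
        printf '%-9s distinct CVEs: %s\n' "$s" "$(cve_count "$f" "$s")"
    done
    printf 'worst severity rank: %s\n' "$(worst_severity "$f")"
    echo "packages carrying Important fixes:"
    fix_packages "$f" Important
    rm -f "$f"
}
demo
```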
The project is available
• Template
• Configuration files
• Scripts
https://github.com/alessssilva/zabbix/tree/master/zabbix-security-insights
It's better to
SHARE
Your mother was right
DEMO
References
• Product Security Overview
✔ https://access.redhat.com/site/security/team/
• Red Hat Security Center
✔ https://access.redhat.com/security/
• Official Zabbix documentation
✔ http://zabbix.com/documentation
• Common Vulnerabilities and Exposures
✔ http://cve.mitre.org/
THANK YOU!
plus.google.com/+Red
Hat
linkedin.com/company/red-h
at
youtube.com/user/RedHatVide
os
facebook.com/redhati
nc
twitter.com/RedHatNe
ws

More Related Content

What's hot

FCスイッチゾーニング設定ガイド
FCスイッチゾーニング設定ガイドFCスイッチゾーニング設定ガイド
FCスイッチゾーニング設定ガイドBrocade
 
“見てわかる” ファイバーチャネルSAN基礎講座(第5弾)~さあ、いよいよ、運用です!~
“見てわかる” ファイバーチャネルSAN基礎講座(第5弾)~さあ、いよいよ、運用です!~“見てわかる” ファイバーチャネルSAN基礎講座(第5弾)~さあ、いよいよ、運用です!~
“見てわかる” ファイバーチャネルSAN基礎講座(第5弾)~さあ、いよいよ、運用です!~Brocade
 
Next Generation Nexus 9000 Architecture
Next Generation Nexus 9000 ArchitectureNext Generation Nexus 9000 Architecture
Next Generation Nexus 9000 ArchitectureCisco Canada
 
“見てわかる”ファイバーチャネルSAN基礎講座(第6弾: 最終回)~困った時もこれで安心(?)、FC SANにおけるトラブルシューティングのコツとは??~
“見てわかる”ファイバーチャネルSAN基礎講座(第6弾: 最終回)~困った時もこれで安心(?)、FC SANにおけるトラブルシューティングのコツとは??~“見てわかる”ファイバーチャネルSAN基礎講座(第6弾: 最終回)~困った時もこれで安心(?)、FC SANにおけるトラブルシューティングのコツとは??~
“見てわかる”ファイバーチャネルSAN基礎講座(第6弾: 最終回)~困った時もこれで安心(?)、FC SANにおけるトラブルシューティングのコツとは??~Brocade
 
Monitoramento de Bancos de Dados MS SQL Server com Zabbix - SQL Technology Da...
Monitoramento de Bancos de Dados MS SQL Server com Zabbix - SQL Technology Da...Monitoramento de Bancos de Dados MS SQL Server com Zabbix - SQL Technology Da...
Monitoramento de Bancos de Dados MS SQL Server com Zabbix - SQL Technology Da...Patricia Ladislau Silva
 
“見てわかる” ファイバーチャネルSAN基礎講座(第2弾)~FC SAN設計における勘所とは?~
“見てわかる” ファイバーチャネルSAN基礎講座(第2弾)~FC SAN設計における勘所とは?~“見てわかる” ファイバーチャネルSAN基礎講座(第2弾)~FC SAN設計における勘所とは?~
“見てわかる” ファイバーチャネルSAN基礎講座(第2弾)~FC SAN設計における勘所とは?~Brocade
 
FC SAN Fabric環境におけるパフォーマンストラブルの対処法
FC SAN Fabric環境におけるパフォーマンストラブルの対処法FC SAN Fabric環境におけるパフォーマンストラブルの対処法
FC SAN Fabric環境におけるパフォーマンストラブルの対処法Brocade
 
【EX/QFX】JUNOS ハンズオントレーニング資料 EX/QFX シリーズ サービス ゲートウェイ コース
【EX/QFX】JUNOS ハンズオントレーニング資料 EX/QFX シリーズ サービス ゲートウェイ コース 【EX/QFX】JUNOS ハンズオントレーニング資料 EX/QFX シリーズ サービス ゲートウェイ コース
【EX/QFX】JUNOS ハンズオントレーニング資料 EX/QFX シリーズ サービス ゲートウェイ コース Juniper Networks (日本)
 
Zabbix Performance Tuning
Zabbix Performance TuningZabbix Performance Tuning
Zabbix Performance TuningRicardo Santos
 
FCスイッチISL 追加削除時の考慮点
FCスイッチISL 追加削除時の考慮点FCスイッチISL 追加削除時の考慮点
FCスイッチISL 追加削除時の考慮点Brocade
 
Zabbixのパフォーマンスチューニング & インストール時の注意点
Zabbixのパフォーマンスチューニング & インストール時の注意点Zabbixのパフォーマンスチューニング & インストール時の注意点
Zabbixのパフォーマンスチューニング & インストール時の注意点Kodai Terashima
 
[AWSマイスターシリーズ] Amazon SQS / SNS
[AWSマイスターシリーズ] Amazon SQS / SNS[AWSマイスターシリーズ] Amazon SQS / SNS
[AWSマイスターシリーズ] Amazon SQS / SNSAmazon Web Services Japan
 
Alexei Vladishev - Zabbix - Monitoring Solution for Everyone
Alexei Vladishev - Zabbix - Monitoring Solution for EveryoneAlexei Vladishev - Zabbix - Monitoring Solution for Everyone
Alexei Vladishev - Zabbix - Monitoring Solution for EveryoneZabbix
 
Cisco Modeling Labs (CML)を使ってネットワークを学ぼう!(応用編)
Cisco Modeling Labs (CML)を使ってネットワークを学ぼう!(応用編)Cisco Modeling Labs (CML)を使ってネットワークを学ぼう!(応用編)
Cisco Modeling Labs (CML)を使ってネットワークを学ぼう!(応用編)シスコシステムズ合同会社
 
ブロケード FC ファブリックスイッチオペレーション講座(前編)
ブロケード FC ファブリックスイッチオペレーション講座(前編)ブロケード FC ファブリックスイッチオペレーション講座(前編)
ブロケード FC ファブリックスイッチオペレーション講座(前編)Brocade
 
Palo Alto Networks y la tecnología de Next Generation Firewall
Palo Alto Networks y la tecnología de Next Generation FirewallPalo Alto Networks y la tecnología de Next Generation Firewall
Palo Alto Networks y la tecnología de Next Generation FirewallMundo Contact
 
今さら聞けない! Active Directoryドメインサービス入門
今さら聞けない! Active Directoryドメインサービス入門今さら聞けない! Active Directoryドメインサービス入門
今さら聞けない! Active Directoryドメインサービス入門Tetsuya Yokoyama
 
自宅ラック勉強会 2.2 夏のZabbix特別教室 ~構築編~
自宅ラック勉強会 2.2 夏のZabbix特別教室 ~構築編~自宅ラック勉強会 2.2 夏のZabbix特別教室 ~構築編~
自宅ラック勉強会 2.2 夏のZabbix特別教室 ~構築編~真乙 九龍
 

What's hot (20)

FCスイッチゾーニング設定ガイド
FCスイッチゾーニング設定ガイドFCスイッチゾーニング設定ガイド
FCスイッチゾーニング設定ガイド
 
Zabbix Performance Tuning
Zabbix Performance TuningZabbix Performance Tuning
Zabbix Performance Tuning
 
“見てわかる” ファイバーチャネルSAN基礎講座(第5弾)~さあ、いよいよ、運用です!~
“見てわかる” ファイバーチャネルSAN基礎講座(第5弾)~さあ、いよいよ、運用です!~“見てわかる” ファイバーチャネルSAN基礎講座(第5弾)~さあ、いよいよ、運用です!~
“見てわかる” ファイバーチャネルSAN基礎講座(第5弾)~さあ、いよいよ、運用です!~
 
Next Generation Nexus 9000 Architecture
Next Generation Nexus 9000 ArchitectureNext Generation Nexus 9000 Architecture
Next Generation Nexus 9000 Architecture
 
“見てわかる”ファイバーチャネルSAN基礎講座(第6弾: 最終回)~困った時もこれで安心(?)、FC SANにおけるトラブルシューティングのコツとは??~
“見てわかる”ファイバーチャネルSAN基礎講座(第6弾: 最終回)~困った時もこれで安心(?)、FC SANにおけるトラブルシューティングのコツとは??~“見てわかる”ファイバーチャネルSAN基礎講座(第6弾: 最終回)~困った時もこれで安心(?)、FC SANにおけるトラブルシューティングのコツとは??~
“見てわかる”ファイバーチャネルSAN基礎講座(第6弾: 最終回)~困った時もこれで安心(?)、FC SANにおけるトラブルシューティングのコツとは??~
 
Monitoramento de Bancos de Dados MS SQL Server com Zabbix - SQL Technology Da...
Monitoramento de Bancos de Dados MS SQL Server com Zabbix - SQL Technology Da...Monitoramento de Bancos de Dados MS SQL Server com Zabbix - SQL Technology Da...
Monitoramento de Bancos de Dados MS SQL Server com Zabbix - SQL Technology Da...
 
“見てわかる” ファイバーチャネルSAN基礎講座(第2弾)~FC SAN設計における勘所とは?~
“見てわかる” ファイバーチャネルSAN基礎講座(第2弾)~FC SAN設計における勘所とは?~“見てわかる” ファイバーチャネルSAN基礎講座(第2弾)~FC SAN設計における勘所とは?~
“見てわかる” ファイバーチャネルSAN基礎講座(第2弾)~FC SAN設計における勘所とは?~
 
EMEA Airheads ClearPass guest with MAC- caching using Time Source
EMEA Airheads ClearPass guest with MAC- caching using Time SourceEMEA Airheads ClearPass guest with MAC- caching using Time Source
EMEA Airheads ClearPass guest with MAC- caching using Time Source
 
FC SAN Fabric環境におけるパフォーマンストラブルの対処法
FC SAN Fabric環境におけるパフォーマンストラブルの対処法FC SAN Fabric環境におけるパフォーマンストラブルの対処法
FC SAN Fabric環境におけるパフォーマンストラブルの対処法
 
【EX/QFX】JUNOS ハンズオントレーニング資料 EX/QFX シリーズ サービス ゲートウェイ コース
【EX/QFX】JUNOS ハンズオントレーニング資料 EX/QFX シリーズ サービス ゲートウェイ コース 【EX/QFX】JUNOS ハンズオントレーニング資料 EX/QFX シリーズ サービス ゲートウェイ コース
【EX/QFX】JUNOS ハンズオントレーニング資料 EX/QFX シリーズ サービス ゲートウェイ コース
 
Zabbix Performance Tuning
Zabbix Performance TuningZabbix Performance Tuning
Zabbix Performance Tuning
 
FCスイッチISL 追加削除時の考慮点
FCスイッチISL 追加削除時の考慮点FCスイッチISL 追加削除時の考慮点
FCスイッチISL 追加削除時の考慮点
 
Zabbixのパフォーマンスチューニング & インストール時の注意点
Zabbixのパフォーマンスチューニング & インストール時の注意点Zabbixのパフォーマンスチューニング & インストール時の注意点
Zabbixのパフォーマンスチューニング & インストール時の注意点
 
[AWSマイスターシリーズ] Amazon SQS / SNS
[AWSマイスターシリーズ] Amazon SQS / SNS[AWSマイスターシリーズ] Amazon SQS / SNS
[AWSマイスターシリーズ] Amazon SQS / SNS
 
Alexei Vladishev - Zabbix - Monitoring Solution for Everyone
Alexei Vladishev - Zabbix - Monitoring Solution for EveryoneAlexei Vladishev - Zabbix - Monitoring Solution for Everyone
Alexei Vladishev - Zabbix - Monitoring Solution for Everyone
 
Cisco Modeling Labs (CML)を使ってネットワークを学ぼう!(応用編)
Cisco Modeling Labs (CML)を使ってネットワークを学ぼう!(応用編)Cisco Modeling Labs (CML)を使ってネットワークを学ぼう!(応用編)
Cisco Modeling Labs (CML)を使ってネットワークを学ぼう!(応用編)
 
ブロケード FC ファブリックスイッチオペレーション講座(前編)
ブロケード FC ファブリックスイッチオペレーション講座(前編)ブロケード FC ファブリックスイッチオペレーション講座(前編)
ブロケード FC ファブリックスイッチオペレーション講座(前編)
 
Palo Alto Networks y la tecnología de Next Generation Firewall
Palo Alto Networks y la tecnología de Next Generation FirewallPalo Alto Networks y la tecnología de Next Generation Firewall
Palo Alto Networks y la tecnología de Next Generation Firewall
 
今さら聞けない! Active Directoryドメインサービス入門
今さら聞けない! Active Directoryドメインサービス入門今さら聞けない! Active Directoryドメインサービス入門
今さら聞けない! Active Directoryドメインサービス入門
 
自宅ラック勉強会 2.2 夏のZabbix特別教室 ~構築編~
自宅ラック勉強会 2.2 夏のZabbix特別教室 ~構築編~自宅ラック勉強会 2.2 夏のZabbix特別教室 ~構築編~
自宅ラック勉強会 2.2 夏のZabbix特別教室 ~構築編~
 

Similar to Monitoramento de Vulnerabilidades com Zabbix, RHEL e Yum Security Plugin

AppSec California 2016 - Making Security Agile
AppSec California 2016 - Making Security AgileAppSec California 2016 - Making Security Agile
AppSec California 2016 - Making Security AgileOleg Gryb
 
Pragmatic Pipeline Security
Pragmatic Pipeline SecurityPragmatic Pipeline Security
Pragmatic Pipeline SecurityJames Wickett
 
Alexey Kupriyanenko "Release Early, Often, Stable"
Alexey Kupriyanenko "Release Early, Often, Stable"Alexey Kupriyanenko "Release Early, Often, Stable"
Alexey Kupriyanenko "Release Early, Often, Stable"Fwdays
 
InSpec at DevOps ATL Meetup January 22, 2020
InSpec at DevOps ATL Meetup January 22, 2020InSpec at DevOps ATL Meetup January 22, 2020
InSpec at DevOps ATL Meetup January 22, 2020Mandi Walls
 
Blue Teamin' on a Budget [of zero]
Blue Teamin' on a Budget [of zero]Blue Teamin' on a Budget [of zero]
Blue Teamin' on a Budget [of zero]Kyle Bubp
 
1.3. (In)security Software
1.3. (In)security Software1.3. (In)security Software
1.3. (In)security Softwaredefconmoscow
 
Continuous Delivery, Continuous Integration
Continuous Delivery, Continuous Integration Continuous Delivery, Continuous Integration
Continuous Delivery, Continuous Integration Amazon Web Services
 
2013-06-12 Compliance Made Easy, Red Hat Summit 2013
2013-06-12 Compliance Made Easy, Red Hat Summit 20132013-06-12 Compliance Made Easy, Red Hat Summit 2013
2013-06-12 Compliance Made Easy, Red Hat Summit 2013Shawn Wells
 
2015-06-25 Red Hat Summit 2015 - Security Compliance Made Easy
2015-06-25 Red Hat Summit 2015 - Security Compliance Made Easy2015-06-25 Red Hat Summit 2015 - Security Compliance Made Easy
2015-06-25 Red Hat Summit 2015 - Security Compliance Made EasyShawn Wells
 
Sensu and Sensibility - Puppetconf 2014
Sensu and Sensibility - Puppetconf 2014Sensu and Sensibility - Puppetconf 2014
Sensu and Sensibility - Puppetconf 2014Tomas Doran
 
AWS Loft Talk: Behind the Scenes with SignalFx
AWS Loft Talk: Behind the Scenes with SignalFxAWS Loft Talk: Behind the Scenes with SignalFx
AWS Loft Talk: Behind the Scenes with SignalFxSignalFx
 
Agentless System Crawler - InterConnect 2016
Agentless System Crawler - InterConnect 2016Agentless System Crawler - InterConnect 2016
Agentless System Crawler - InterConnect 2016Canturk Isci
 
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAPKontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAPQAware GmbH
 
2017 Red Hat Summit Lab: Proactive security compliance automation with Red Ha...
2017 Red Hat Summit Lab: Proactive security compliance automation with Red Ha...2017 Red Hat Summit Lab: Proactive security compliance automation with Red Ha...
2017 Red Hat Summit Lab: Proactive security compliance automation with Red Ha...Lucy Huh Kerner
 
Time to Shift Left - Unkomplizierte Security Tools und Technologien für den E...
Time to Shift Left - Unkomplizierte Security Tools und Technologien für den E...Time to Shift Left - Unkomplizierte Security Tools und Technologien für den E...
Time to Shift Left - Unkomplizierte Security Tools und Technologien für den E...QAware GmbH
 
SAP (in)security: New and best
SAP (in)security: New and bestSAP (in)security: New and best
SAP (in)security: New and bestERPScan
 
DevOpsDays Singapore - Continuous Auditing with Compliance as Code
DevOpsDays Singapore - Continuous Auditing with Compliance as CodeDevOpsDays Singapore - Continuous Auditing with Compliance as Code
DevOpsDays Singapore - Continuous Auditing with Compliance as CodeMatt Ray
 

Similar to Monitoramento de Vulnerabilidades com Zabbix, RHEL e Yum Security Plugin (20)

AppSec California 2016 - Making Security Agile
AppSec California 2016 - Making Security AgileAppSec California 2016 - Making Security Agile
AppSec California 2016 - Making Security Agile
 
Pragmatic Pipeline Security
Pragmatic Pipeline SecurityPragmatic Pipeline Security
Pragmatic Pipeline Security
 
Alexey Kupriyanenko "Release Early, Often, Stable"
Alexey Kupriyanenko "Release Early, Often, Stable"Alexey Kupriyanenko "Release Early, Often, Stable"
Alexey Kupriyanenko "Release Early, Often, Stable"
 
Effective DevSecOps
Effective DevSecOpsEffective DevSecOps
Effective DevSecOps
 
InSpec at DevOps ATL Meetup January 22, 2020
InSpec at DevOps ATL Meetup January 22, 2020InSpec at DevOps ATL Meetup January 22, 2020
InSpec at DevOps ATL Meetup January 22, 2020
 
Blue Teamin' on a Budget [of zero]
Blue Teamin' on a Budget [of zero]Blue Teamin' on a Budget [of zero]
Blue Teamin' on a Budget [of zero]
 
1.3. (In)security Software
1.3. (In)security Software1.3. (In)security Software
1.3. (In)security Software
 
Continuous Delivery, Continuous Integration
Continuous Delivery, Continuous Integration Continuous Delivery, Continuous Integration
Continuous Delivery, Continuous Integration
 
SAST Code Security Advisor for SAP [Webinar]
SAST Code Security Advisor for SAP [Webinar]SAST Code Security Advisor for SAP [Webinar]
SAST Code Security Advisor for SAP [Webinar]
 
2013-06-12 Compliance Made Easy, Red Hat Summit 2013
2013-06-12 Compliance Made Easy, Red Hat Summit 20132013-06-12 Compliance Made Easy, Red Hat Summit 2013
2013-06-12 Compliance Made Easy, Red Hat Summit 2013
 
2015-06-25 Red Hat Summit 2015 - Security Compliance Made Easy
2015-06-25 Red Hat Summit 2015 - Security Compliance Made Easy2015-06-25 Red Hat Summit 2015 - Security Compliance Made Easy
2015-06-25 Red Hat Summit 2015 - Security Compliance Made Easy
 
Sensu and Sensibility - Puppetconf 2014
Sensu and Sensibility - Puppetconf 2014Sensu and Sensibility - Puppetconf 2014
Sensu and Sensibility - Puppetconf 2014
 
AWS Loft Talk: Behind the Scenes with SignalFx
AWS Loft Talk: Behind the Scenes with SignalFxAWS Loft Talk: Behind the Scenes with SignalFx
AWS Loft Talk: Behind the Scenes with SignalFx
 
Security in open source projects
Security in open source projectsSecurity in open source projects
Security in open source projects
 
Agentless System Crawler - InterConnect 2016
Agentless System Crawler - InterConnect 2016Agentless System Crawler - InterConnect 2016
Agentless System Crawler - InterConnect 2016
 
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAPKontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP
 
2017 Red Hat Summit Lab: Proactive security compliance automation with Red Ha...
2017 Red Hat Summit Lab: Proactive security compliance automation with Red Ha...2017 Red Hat Summit Lab: Proactive security compliance automation with Red Ha...
2017 Red Hat Summit Lab: Proactive security compliance automation with Red Ha...
 
Time to Shift Left - Unkomplizierte Security Tools und Technologien für den E...
Time to Shift Left - Unkomplizierte Security Tools und Technologien für den E...Time to Shift Left - Unkomplizierte Security Tools und Technologien für den E...
Time to Shift Left - Unkomplizierte Security Tools und Technologien für den E...
 
SAP (in)security: New and best
SAP (in)security: New and bestSAP (in)security: New and best
SAP (in)security: New and best
 
DevOpsDays Singapore - Continuous Auditing with Compliance as Code
DevOpsDays Singapore - Continuous Auditing with Compliance as CodeDevOpsDays Singapore - Continuous Auditing with Compliance as Code
DevOpsDays Singapore - Continuous Auditing with Compliance as Code
 

Recently uploaded

Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesZilliz
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 

Recently uploaded (20)

Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 

Monitoring Vulnerabilities with Zabbix, RHEL and Yum Security Plugin

  • 1. Zabbix Conference Latam 2016. Monitoring Vulnerabilities with Zabbix, RHEL and Yum Security Plugin. Alessandro Silva, Technical Account Manager, Red Hat. alsilva@redhat.com, Twitter: @alessssilva
  • 2. $ Who am I
      • Postgraduate student in Information Security, NCE/UFRJ
      • More than 12 years in the IT industry, 10 of them working only with Linux
      • Certifications:
          • RHCE - Red Hat Certified Engineer
          • RHCSA in OpenStack
          • LPIC-3 Core
          • LPIC-303 Security Specialist
          • Zabbix Certified Specialist
      • Working with Zabbix since 2011
      • Technical Account Manager at Red Hat
      • "Zabbix guy" at Red Hat
  • 3. Agenda
      • Vulnerabilities, impacts and countermeasures
      • Why monitor vulnerabilities?
      • Product Security
      • How can Zabbix help us?
      • The Enterprise and Open Source solution
      • Demo
  • 4. But, after all, what is a vulnerability?
  • 5. CVE: Common Vulnerabilities and Exposures
      • Standardized format for reporting and tracking software-related security issues
      • Maintained by the MITRE Corporation
      • Common Vulnerability Scoring System (CVSS)
      • Severities: Critical, Important, Moderate and Low
      [Chart: Number of vulnerabilities per year since 1999 (1999 to 2016). Source: cve.mitre.org]
  • 6. Security Incident Response
      • ERISI/CSIRT - Computer Security Incident Response Team
          ✔ Investigates and analyzes issues related to software security
          ✔ Analyzes which products are affected, the impacts and the countermeasures
      • Publication of errata
          ✔ Severities
          ✔ Impacts
          ✔ CVE
  • 7. Product Security
      • Red Hat Security Advisory (RHSA)
      • Red Hat Bug Fix Advisory (RHBA)
      • Red Hat Enhancement Advisory (RHEA)
      [Chart: Security errata per month, Red Hat Enterprise Linux, default server installation, RHEL 6.0 to RHEL 6.4. Series: Critical, Important, Low/Moderate. Axes: operating system, errata per month]
  • 8. Product Security
      • Red Hat Enterprise Linux 5: 98% of Critical vulnerabilities are fixed within 1 day
      • Red Hat Enterprise Linux 6: 92% of Critical vulnerabilities are fixed within 1 day
      • Red Hat Enterprise Linux 7: 97% of Critical vulnerabilities are fixed within 1 day
  • 9. But what are we going to monitor?
      • Physical servers: they still exist and need to be monitored
      • Virtual servers: monitor virtual servers on any hypervisor
      • Cloud instances: cloud servers, containers, ...
  • 10. Why monitor?
      • Management and compliance
      • Lifecycle maintenance
      • Keeping watch over the infrastructure
  • 11. How can Zabbix help?
  • 12. Using Zabbix to monitor
      • Notifications
      • Centralized control
      • Configuration
      • Status
      • Checks: SNMP monitoring, agent-based monitoring, ping and port monitoring
      • Monitored devices: network devices, servers with the Zabbix agent, servers without the Zabbix agent
  • 13. Zabbix + RHEL + Yum Security Plugin
  • 14. Implementation
      • Install the YUM security plugin
      • Schedule the security reports in cron
      • Extend the Zabbix agent via UserParameter
      • Create the RHN Security template
          ✔ items, triggers, graphs, screens ...
      • Create the vulnerability-checking script
  • 15. YUM Security Plugin
          # yum install -y yum-plugin-security
          # yum updateinfo
          Loaded plugins: product-id, refresh-packagekit, rhnplugin, security, subscription-manager
          Updates Information Summary: available
              42 Security notice(s)
                   5 Critical Security notice(s)
                  15 Important Security notice(s)
                   7 Low Security notice(s)
                  15 Moderate Security notice(s)
              143 Bugfix notice(s)
               13 Enhancement notice(s)
          updateinfo summary done
      Generating the security report:
          # crontab -e
          # m h dom mon dow  command (runs once a day at 00:00)
          0 0 * * * yum updateinfo > $zbxlogdir/security-reports/sec-report
  • 16. Zabbix Agent: Extending with UserParameter
      File: $DIR/etc/zabbix_agentd.conf.d/zabbix_agentd.userparams.conf
          # Each item prints the count from the matching line of the report, or 0 when no such line exists.
          UserParameter=rhn.security,grep -m 1 "Security notice" /var/log/zabbix/security-reports/sec-report | awk '{print $1} END { if (!NR) print "0"}'
          UserParameter=rhn.security.critical,grep "Critical Security" /var/log/zabbix/security-reports/sec-report | awk '{print $1} END { if (!NR) print "0"}'
          UserParameter=rhn.security.important,grep "Important Security" /var/log/zabbix/security-reports/sec-report | awk '{print $1} END { if (!NR) print "0"}'
          UserParameter=rhn.security.low,grep "Low Security" /var/log/zabbix/security-reports/sec-report | awk '{print $1} END { if (!NR) print "0"}'
          UserParameter=rhn.security.moderate,grep "Moderate Security" /var/log/zabbix/security-reports/sec-report | awk '{print $1} END { if (!NR) print "0"}'
          UserParameter=rhn.bugfix,grep "Bugfix notice" /var/log/zabbix/security-reports/sec-report | awk '{print $1} END { if (!NR) print "0"}'
          UserParameter=rhn.enhancement,grep "Enhancement notice" /var/log/zabbix/security-reports/sec-report | awk '{print $1} END { if (!NR) print "0"}'
  • 17. Vulnerability Report
          Vulnerabilidade         Severidade            Fix
          ----------------------  --------------------  -------------
          CVE-2015-1781           Moderate/Sec.         glibc-2.17-105.el7.x86_64
          CVE-2013-7423           Moderate/Sec.         glibc-2.17-105.el7.x86_64
          CVE-2015-1473           Moderate/Sec.         glibc-2.17-105.el7.x86_64
          CVE-2013-1753           Moderate/Sec.         python-2.7.5-34.el7.x86_64
          CVE-2014-4616           Moderate/Sec.         python-2.7.5-34.el7.x86_64
          CVE-2014-4650           Moderate/Sec.         python-2.7.5-34.el7.x86_64
          CVE-2015-3276           Moderate/Sec.         openldap-2.4.40-8.el7.x86_64
          CVE-2015-3194           Moderate/Sec.         openssl-libs-1:1.0.1e-51.el7_2.1.x86_64
          CVE-2015-3196           Moderate/Sec.         openssl-libs-1:1.0.1e-51.el7_2.1.x86_64
          CVE-2015-3195           Moderate/Sec.         openssl-libs-1:1.0.1e-51.el7_2.1.x86_64
          CVE-2015-7575           Moderate/Sec.         openssl-libs-1:1.0.1e-51.el7_2.2.x86_64
          CVE-2016-0797           Important/Sec.        openssl-libs-1:1.0.1e-51.el7_2.4.x86_64
          CVE-2016-0702           Important/Sec.        openssl-libs-1:1.0.1e-51.el7_2.4.x86_64
          CVE-2016-0705           Important/Sec.        openssl-libs-1:1.0.1e-51.el7_2.4.x86_64
          CVE-2016-0800           Important/Sec.        openssl-libs-1:1.0.1e-51.el7_2.4.x86_64
          CVE-2015-3197           Important/Sec.        openssl-libs-1:1.0.1e-51.el7_2.4.x86_64
      Generating the vulnerability report:
          # crontab -e
          # m h dom mon dow  command (runs once a day at 00:00)
          0 0 * * * yum updateinfo list cve > $zbxlogdir/security-reports/vuln-report
  • 18. The project is available
      • Template
      • Configuration files
      • Scripts
      https://github.com/alessssilva/zabbix/tree/master/zabbix-security-insights
      It's better to SHARE. Your mother was right.
  • 19. DEMO
  • 20. References
      • Product Security Overview: https://access.redhat.com/site/security/team/
      • Red Hat Security Center: https://access.redhat.com/security/
      • Official Zabbix documentation: http://zabbix.com/documentation
      • Common Vulnerabilities and Exposures: http://cve.mitre.org/
  • 21. THANK YOU!
      plus.google.com/+RedHat
      linkedin.com/company/red-hat
      youtube.com/user/RedHatVideos
      facebook.com/redhatinc
      twitter.com/RedHatNews
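
The UserParameter pipelines on slide 16 print 0 both when yum reports no notices and when the report file is missing, empty, or left over from a failed cron run, so a broken report looks like a fully patched host. The shell function below is an added example (not part of the original slides or of the author's project) that tells these cases apart. The name sec_count, the exit codes and the MAX_AGE_MIN threshold are assumptions; the "updateinfo summary done" marker is taken from the sample output on slide 15.

```shell
#!/bin/sh
# Added example, not part of the original slides. Prints one counter from the
# report that cron writes with "yum updateinfo > .../sec-report".
# A non-zero exit with no output makes the Zabbix item "not supported", so a
# failed or stale report is not mistaken for "0 pending errata".

MAX_AGE_MIN=${MAX_AGE_MIN:-2880}  # assumption: older than 2 days means stale

# sec_count REPORT KIND
# KIND: total|critical|important|moderate|low|bugfix|enhancement
sec_count() {
    report=$1
    kind=$2
    # Missing or empty file: the cron job never ran, or yum failed.
    [ -r "$report" ] && [ -s "$report" ] || return 2
    # Truncated run: the closing marker from the sample output is absent.
    grep -q '^updateinfo summary done' "$report" || return 3
    # Stale: find prints the path only when it is older than MAX_AGE_MIN.
    [ -z "$(find "$report" -mmin +"$MAX_AGE_MIN" 2>/dev/null)" ] || return 4

    case $kind in
        total)       label='Security notice' ;;
        critical)    label='Critical Security notice' ;;
        important)   label='Important Security notice' ;;
        moderate)    label='Moderate Security notice' ;;
        low)         label='Low Security notice' ;;
        bugfix)      label='Bugfix notice' ;;
        enhancement) label='Enhancement notice' ;;
        *)           return 64 ;;
    esac

    # Compare the whole text after the number, so "total" cannot match a
    # per-severity line. Print 0 when yum listed nothing of that kind.
    awk -v label="$label" '
        $1 ~ /^[0-9]+$/ {
            rest = $0
            sub(/^[ \t]*[0-9]+[ \t]+/, "", rest)
            sub(/[ \t\r]+$/, "", rest)
            if (rest == label "(s)") { print $1; found = 1; exit }
        }
        END { if (!found) print 0 }' "$report"
}

# Command-line use: script REPORT KIND
if [ "$#" -eq 2 ]; then sec_count "$1" "$2"; fi
```

A trigger on the item's "not supported" state then surfaces a broken reporting job separately from the errata counters.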