Adding info on syntribos and a trivial change
- Adding info on syntribos to the section on security tools
- Rearranging sections for Bandit and Anchor in alphabetical order.

Change-Id: Ia68a02dffe95c4f22bd48fa5e84d00b8dba53ed1
parent b66d1a115d
commit 87d5728b67
|
@ -219,6 +219,20 @@ The Security project are constantly looking at ways to introduce tooling and
|
||||||
automation to improve the overall security of OpenStack projects. Some of these
|
automation to improve the overall security of OpenStack projects. Some of these
|
||||||
projects are outlined below.
|
projects are outlined below.
|
||||||
|
|
||||||
|
Anchor - ephemeral PKI
|
||||||
|
^^^^^^^^^^^^^^^^^^^^^^
|
||||||
|
|
||||||
|
Anchor is a lightweight, open source, Public Key Infrastructure (PKI), which
|
||||||
|
uses automated provisioning of short-term certificates to enable cryptographic
|
||||||
|
trust in OpenStack services. Certificates are typically valid for 12-24 hours
|
||||||
|
and are issued based on the result from a policy enforcing decision engine.
|
||||||
|
Short term certificates enable passive revocation, to bypass the issues with
|
||||||
|
the traditional revocation mechanisms used in most PKI deployments.
|
||||||
|
|
||||||
|
* `Anchor Git Repository <https://git.openstack.org/cgit/openstack/anchor>`_
|
||||||
|
* `Anchor Gerrit <https://review.openstack.org/#/q/anchor,n,z>`_
|
||||||
|
* `Anchor Launchpad <https://bugs.launchpad.net/anchor>`_
|
||||||
|
|
||||||
Bandit - static analysis for Python
|
Bandit - static analysis for Python
|
||||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||||
|
|
||||||
|
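Review bot: In the relocated Anchor paragraph, "to bypass the issues with the traditional revocation mechanisms used in most PKI deployments" never names those mechanisms; since the text is being touched anyway, name CRLs and OCSP explicitly so readers know what passive revocation is replacing. The same paragraph writes "short-term certificates" and then "Short term certificates"; use the hyphenated form in both places. The added block otherwise matches the Anchor text removed further down, so the move itself changes no content.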
@ -243,16 +257,23 @@ and configuration.
|
||||||
* `Bandit Gerrit <https://review.openstack.org/#/q/bandit,n,z>`_
|
* `Bandit Gerrit <https://review.openstack.org/#/q/bandit,n,z>`_
|
||||||
* `Bandit Launchpad <https://bugs.launchpad.net/bandit>`_
|
* `Bandit Launchpad <https://bugs.launchpad.net/bandit>`_
|
||||||
|
|
||||||
Anchor - ephemeral PKI
|
Syntribos - Python API security testing tool
|
||||||
^^^^^^^^^^^^^^^^^^^^^^
|
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||||
|
|
||||||
Anchor is a lightweight, open source, Public Key Infrastructure (PKI), which
|
Syntribos is an open source automated API security testing tool that is
|
||||||
uses automated provisioning of short-term certificates to enable cryptographic
|
maintained by members of the `OpenStack Security Project <https://wiki.openstack.org/wiki/Security>`_.
|
||||||
trust in OpenStack services. Certificates are typically valid for 12-24 hours
|
|
||||||
and are issued based on the result from a policy enforcing decision engine.
|
|
||||||
Short term certificates enable passive revocation, to bypass the issues with
|
|
||||||
the traditional revocation mechanisms used in most PKI deployments.
|
|
||||||
|
|
||||||
* `Anchor Git Repository <https://git.openstack.org/cgit/openstack/anchor>`_
|
Given a simple configuration file and an example HTTP request, syntribos
|
||||||
* `Anchor Gerrit <https://review.openstack.org/#/q/anchor,n,z>`_
|
can replace any API URL, URL parameter, HTTP header and request body
|
||||||
* `Anchor Launchpad <https://bugs.launchpad.net/anchor>`_
|
field with a given set of strings. Syntribos iterates through each position
|
||||||
|
in the request automatically. The tool aims to automatically detect common
|
||||||
|
security defects such as SQL injection, LDAP injection, buffer overflow, etc.
|
||||||
|
In addition, it can be used to help identify new security defects
|
||||||
|
by automated fuzzing.
|
||||||
|
|
||||||
|
Syntribos can be installed directly from `pypi with pip <https://pypi.python.org/pypi/pip>`_.
|
||||||
|
|
||||||
|
* `Syntribos developer documentation <http://docs.openstack.org/developer/syntribos/>`_
|
||||||
|
* `Syntribos Git Repository <https://git.openstack.org/cgit/openstack/syntribos>`_
|
||||||
|
* `Syntribos Gerrit <https://review.openstack.org/#/q/syntribos,n,z>`_
|
||||||
|
* `Syntribos Launchpad <https://bugs.launchpad.net/syntribos>`_
|
||||||
|
|
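Review bot: In the install sentence, the link `pypi with pip <https://pypi.python.org/pypi/pip>`_ points at pip's own PyPI entry rather than at the syntribos package, so a reader following it never reaches the thing being installed; link the syntribos package page or give the pip command, and capitalise PyPI. The heading "Syntribos - Python API security testing tool" reads as if the tool tests Python APIs, while the body describes a tool that mutates HTTP requests; a heading such as "Syntribos - automated API security testing" would match the body. The "maintained by members of the ..." line also runs well past the wrap width used by the rest of the file, and the developer documentation link uses http while the other added links use https.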