nimbus
nimbus copied to clipboard
5GSEC
Intent driven security automation framework
## Description Fixes #89 **Does this PR introduce a breaking change?** ## Checklist - [x] PR title follows the `: ` convention - [ ] I use [conventional commits](https://www.conventionalcommits.org/) in...
## Description This PR introduces the e2e tests for the separate adapters. Fixes #95 **Does this PR introduce a breaking change?** ## Checklist - [x] PR title follows the `:...
The following intents might be part of this: - WAF More details needed here..
Generate zero-trust policies generated by the discovery engine based on application behaviour The attacks that can be mitigated are: - Exploit public-facing applications - Registration of malicious network functions -...
More details needed here.. 2. Software Deployment Tools 3. Exploit Public-Facing Application 4. Compromise Software Supply Chain 5. Standard Application Layer Protocol 6. Adversary-in-the-Middle 7. Service Based Interface 8. Transmitted...
More clarity is needed on the CVE Adapter usecase for Exploit public facing applications. Also, a high level design needs to be provided so that the implementation can be taken...
M1051 is "Update Software Regularly". Virtual Patch is an intermediate step before the actual update. There is a set of annotations (CVEs) on the pods Nimbus can look at the...
We need to prepare bundles of intents based on Vertical - such as ORAN https://docs.google.com/document/d/14ospxaiiXTcyZ47aWfUt0_OW9jbqc2xQmyM17Q1zp9A/edit There are two work items here - Frontend, Backend. This backlog item is for the...
Ensure that DNS traffic is always forwarded to kube-dns-service
Data exfiltration can occur through malicious domain names Using CiliumNetworkPolicy we can specify a fqdn whitelist as a CRD. The destination DNS requests should be restricted to this whitelist This...