nimbus
nimbus copied to clipboard
5GSEC
Intent driven security automation framework
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3. Release notes Sourced from github/codeql-action's releases. CodeQL Bundle v2.17.3 Bundles CodeQL CLI v2.17.3 (changelog, release) Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.17.3: codeql/cpp-queries...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Mitigates these techniques - Unauthorized access to Network Exposure Function (NEF) via token fraud - Radio control manipulation via rogue xApps Implemented by the KubeArmor Adapter
Use turnip for suspicious IP detection This intent is fulfilled by dev2. So, we need an adapter to interface to dev2
An adversary can piggyback user data within DNS requests, so that the DNS server retrieves the user data for further processing. The detection technique involves logging the DNS requests The...
DS0022: is a FIle data source. Using this intent, following techniques are mitigated - Supply Chain compromise - Software Deployment tools - gNodeB component manipulation - Pre-OS Boot - Multiple...
This work item needs review from the NSF team as jaehyun is also working on eBPF based monitoring of HTTP: API Logging Intent can detect below techniques - Unauthorized access...
k8tls enhancements for FIPS compliance are work item in the API Security Project This Adapter will consume an intent - EnsureTLS - and create jobs to run the k8tls tool...
Techniques: 1. Exploit Public-Facing Application 2. Supply Chain Compromise Vulnerability Scanning This is a pre-deployment requirements.. Only scanned images can be loaded..
## Description The `nimbus-k8tls` adapter currently has overly broad permissions, including the ability to manage ClusterRole and ClusterRoleBinding resources. These permissions are considered highly privileged. We propose reducing these permissions...
