Roberto Polli
Roberto Polli
## I expect EncryptedTunnel to reference https://datatracker.ietf.org/doc/html/rfc4301 ## instead references https://datatracker.ietf.org/doc/html/rfc1825
## I expect SoftwareElimination technique. This extends the concept of DeadCodeElimination to platforms and container image. ## Note imho when a software artifact is containerized, the deliverable is the whole...
## Question Can https://www.nsa.gov/Press-Room/News-Highlights/Article/Article/2716980/nsa-cisa-release-kubernetes-hardening-guidance/ be used as a reference for techniques?
## I expect - ContainerProcess -->|runs| ContainerImage (in some way) - ContainerImage < SoftwarePackage (e.g. ContainerImage < SoftwarePackage < File ) ## Notes - associating ContainerProcess and ContainerImage is not...
## I expect - a Configuration Manager class (e.g. ansible, puppet, argocd, terraform, ...) ## Note is there something yet? It's not necessarily an OrchestrationController nor an Orchestrating tool
## I expect - to correlate PrivilegedUserAccount (PUA), AdministrativeNetworkTraffic(ANT) - the concept of bastion host or administration host - SSHService or SSHServer to be an artifact, now SSH is just...
## I Expect - to align concepts with RFC9110 - to add missing concepts from RFC9110 (e.g. HTTP Intermediary, including HTTP gateways, HTTP reverse proxies & co) ## Question Feel...
## Questions 1- d3f:M1013 says "A future release of D3FEND will define a taxonomy of Source Code Hardening Techniques." 2- Detect tactic "is used to identify adversary access to or...
## I expect - a new artifact for Container Registry. - when there's agreement on that I could provide a PR.
## I expect - to define a max-line-length policy in protege, especially for kb articles ## Notes - shorter lines improve readability and reduce PR sizes - since kb-article is...