IT shops have trouble reliably doing the basics well:

- 30% of all break-ins come through systems not in inventory
- 30% of servers are doing nothing useful
- getting systems hardened is difficult
- 70% of people who get into compliance with PCI-DSS aren’t in compliance a year later
- applying known serious patches happens slowly, if at all
- 90% of all sites have suffered from outages of services which aren’t monitored
- keeping a suite of helpful tools correctly configured over time is time-consuming and expensive

Then of course, there’s the problem of demonstrating to upper management that you’re actually making progress against a formidable task. These are the problems the OWASP Assimilation project addresses.
It compares security configuration against best practices, keeps network-facing checksums up to date, provides attack surface visualization, alerts on many kinds of events, and also improves availability through monitoring systems and services.
This talk gave an overview of the project and a live demo.
Video from this talk can be found here: http://assimilationsystems.com/videos/2016-bsides-las-vegas-automating-security-owasp-assimilation-project/