
Over the last two days, our team was present at DefCamp, the largest cybersecurity conference in Central and Eastern Europe.

Presentation

Besides talking to (and drinking beers with) awesome hackers, we had the opportunity to showcase our open-source project in a presentation called "MutableSecurity: Life's too short. Automate everything!".

The following subjects were discussed:

  • The economic perspective on the cybersecurity context;
  • How MutableSecurity can be of assistance;
  • A demonstration; and
  • The integration of security mechanisms into our codebase.

Demo

The presentation was accompanied by a scenario based on a small IT outsourcing company's production infrastructure, which consisted of an nginx web server with remote access enabled through password-based SSH.

Two separate viewpoints are presented in the video below. The first, designated with a red border, is the hacker's. Its objectives are to scan the server ports, bruteforce the SSH credentials using a known username, and exploit the local file inclusion vulnerability. A Python 3 script is used to automate the final two steps.

The second viewpoint has purple borders and shows how the company's IT or security engineer can use MutableSecurity to protect its server. The following security solutions were configured, installed, and tested:

  • teler to detect web attacks;
  • Fail2ban to detect and block SSH bruteforce attempts, as well as the web attacks; and
  • Vector to send logs from teler and Fail2ban to a cloud-based Loki instance.