hi!
How do you investigate of your security of instance proactively?
I see in many companies use the different security scanners for analysis (https://owasp.org/www-community/Vulnerability_Scanning_Tools) e.g. Jira.
Just curious how often do you do ? What kind methods do you use ?
is this for compliance and checklist?
Cheers,
Gonchik Tsymzhitov
From previous experience this is a lengthy topic (beg my pardon I touched some more aspects than just the security scanners) where many details can be unfold - but in general, I suppose, overall they just repeat best practises for IT which are documented for many, many years.
I'd like just to name a few - all of them, like I said, supposedly are repetitions:
One topic that I have seen in discussions lately is the preservation of logs (catalina.out/atlassian-jira.log and probably atlassian-jira-security.log) in a separated logging-system to detect irregularities or if the server was already compromised and the original system cannot be trusted anymore.
The list can be continued (I heard of implementations that scan the attachment directory for viruses and other malicious contents) and is by no means complete (one could start with discussing the presence of a correctly configured firewall and end up with the statement that only trusted admins should be act on basic system levels and so on). So please consider all of the said above as some basic idea that came to my mind and what seems to be common with Jira-admins I recently spoke with.
Thank you ,
I am also interested to the tooling.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Regarding how often you scan a system, depends on several factors:
I also suggest cross-posting this in Trust & Security. 💪
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.