paser-group/KubeSec

Task#3.2 Validating the generated rules by identifying insecure practices in sample GITHUB and GITLAB repositories

Closed this issue · 1 comment

Initial RESULT from GITHUB sample dataset (51 repositories)

NO RBAC in 50 repositories out of 51
DEFAULT NAMESPACE COUNT --> 11
NO TLS --> 79
NO RESOURCE LIMIT --> 15
USERNAME --> 14
PASSWORD --> 12
KEY --> 342
PRIVILEGE ESCALATION --> 0
MISSING SECURITY CONTEXT --> 15
PRIVILEGED CONTAINER --> 1
ROOT PRIVILEGE --> 1
NO ROLLING UPDATE --> 6 out of 106 instances
NETWORK POLICY MISSING in 11 repositories out of 51
NETWORK EGRESS POLICY MISSING in 7 repositories out of 45
FOUND 43 INSECURE repositories out of 45 repositories
FOUND 238 INSECURE YAML files out of 1980 total files

Initial RESULT from GITLAB sample dataset (45 repositories)

NO RBAC in 36 repositories out of 45
DEFAULT NAMESPACE COUNT --> 15
NO TLS --> 256
NO RESOURCE LIMIT --> 19
USERNAME --> 95
PASSWORD --> 53
KEY --> 260
PRIVILEGE ESCALATION --> 0
MISSING SECURITY CONTEXT --> 11
PRIVILEGED CONTAINER --> 8
ROOT PRIVILEGE --> 24
NO ROLLING UPDATE --> 62 out of 118 instances
NETWORK POLICY MISSING in 7 repositories out of 45
NETWORK EGRESS POLICY MISSING in 7 repositories out of 45
FOUND 51 INSECURE repositories out of 51 repositories
FOUND 131 INSECURE YAML files out of 1086 total files

Validate new rule for check_network_egress_policy() with other rules.