amzn

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
amzn [2020/02/12 14:32] – [Ingress controller/friendly fire issue with vulnerability scans] mmuzeamzn [2020/02/13 13:01] (current) – [Programmatic UI manipulation] mmuze
Line 6: Line 6:
 ======sorcery, product configuration automation solution====== ======sorcery, product configuration automation solution======
   * The //sorcery// solution is a CLI tool that provides supplemental functionality that is not built into a product to provide ways of automating what would otherwise be onerous manual and error prone tasks carried out by an administrator.   * The //sorcery// solution is a CLI tool that provides supplemental functionality that is not built into a product to provide ways of automating what would otherwise be onerous manual and error prone tasks carried out by an administrator.
 +  * automates assigning agents to sensors
 +  * automates tagging agents to help with identifying and managing them
 +  * automates purging defunct agent configuration from the backend when VMs or hosts are terminated
   * **source code:** [[https://github.com/mgupton/sorcery]]   * **source code:** [[https://github.com/mgupton/sorcery]]
  
Line 22: Line 25:
   * This solution provides a way to programmatically manipulate a web UI to supplement the lack of an API for acquiring vulnerability data.   * This solution provides a way to programmatically manipulate a web UI to supplement the lack of an API for acquiring vulnerability data.
   * This solution was used to ingest vulnerability findings into an ITSM (e.g. ServiceNow) that was used for a partners workflow with their end customers.   * This solution was used to ingest vulnerability findings into an ITSM (e.g. ServiceNow) that was used for a partners workflow with their end customers.
 +  * The solution would authenticate with the UI and then fetch the latest scan results from a specified scan job and save the data as a CSV file that could be readily ingested into an ITSM.
   * **source code:** {{ :temp:aims-ui-access.py |}}   * **source code:** {{ :temp:aims-ui-access.py |}}
   * {{ :temp:customer-readme.pdf |}}   * {{ :temp:customer-readme.pdf |}}
   * [[https://www.youtube.com/watch?v=bCZ7yprk3Ig|Video demo of proof-of-concept]]   * [[https://www.youtube.com/watch?v=bCZ7yprk3Ig|Video demo of proof-of-concept]]
  
  • amzn.1581517933.txt.gz
  • Last modified: 2020/02/12 14:32
  • by mmuze