Skip to content

Latest commit

 

History

History
81 lines (62 loc) · 7.05 KB

mitigations.md

File metadata and controls

81 lines (62 loc) · 7.05 KB

Mitigation Strategies Analysis for netflix/asgard

Mitigation Strategy: Principle of Least Privilege (Within Asgard) and MFA

  • Description:

    1. Review Asgard Roles: Examine the built-in roles and permissions within Asgard. Understand the capabilities associated with each role.
    2. Restrict User Permissions: Assign users the minimum necessary Asgard roles to perform their tasks. Avoid granting broad administrative access unless absolutely required. Specifically, limit permissions related to:
      • Launching instances.
      • Modifying security groups.
      • Creating/Deleting AMIs.
      • Modifying Asgard's configuration.
    3. Enforce MFA: Enable and enforce Multi-Factor Authentication (MFA) for all Asgard user accounts. This is a critical control within Asgard itself. Configure Asgard to require MFA for login.
    4. Regular Permission Review: Periodically review user permissions within Asgard to ensure they remain appropriate and haven't become overly permissive over time.

  • Threats Mitigated:

    • Over-Reliance on Asgard UI (Severity: High): While not eliminating reliance, it limits the damage an attacker can do if they compromise an Asgard account.
    • Insider Threats (Severity: Medium): Restricts the ability of malicious insiders with Asgard access to cause significant damage.
    • Credential Compromise (Severity: High): MFA significantly reduces the risk of compromised Asgard credentials being used for unauthorized access.
    • Privilege Escalation (Severity: Medium): Limits the potential for attackers to escalate privileges within Asgard.

  • Impact:

    • Over-Reliance on Asgard UI: Risk reduction: Medium. Reduces the impact of a compromised account.
    • Insider Threats: Risk reduction: Medium. Limits the scope of potential damage.
    • Credential Compromise: Risk reduction: High. MFA is a very effective control.
    • Privilege Escalation: Risk reduction: Medium. Makes it harder for attackers to gain higher privileges.

  • Currently Implemented: [ Example: Basic Asgard roles are used, but some users have more permissions than needed. MFA is not enabled. ]

  • Missing Implementation: [ Example: Need to conduct a thorough review of Asgard user roles and permissions, and re-assign users to the least-privilege roles. Need to enable and enforce MFA for all Asgard users. ]

Mitigation Strategy: Enable and Configure Asgard's Audit Logging

  • Description:

    1. Access Asgard's Configuration: Locate the configuration settings for Asgard's audit logging (this may be in a configuration file or through the Asgard UI).
    2. Enable Audit Logging: Ensure that audit logging is explicitly enabled.
    3. Configure Log Levels: Set the appropriate log level to capture all relevant actions. This should include, at a minimum:
      • User logins and logouts.
      • Instance launches and terminations.
      • Security group modifications.
      • AMI creation and deletion.
      • Changes to Asgard's configuration.
    4. Configure Log Destination (if applicable): If Asgard supports configuring a specific log destination (e.g., a file path or a remote syslog server), configure it appropriately. Ideally, logs should be sent to a secure, centralized location.
    5. Test Logging: After enabling and configuring logging, perform some test actions within Asgard (e.g., launch an instance, modify a security group) and verify that these actions are recorded in the audit logs.

  • Threats Mitigated:

    • Lack of Audit Trail (Severity: High): Provides a detailed record of actions performed within Asgard, essential for security investigations.
    • Insider Threats (Severity: Medium): Allows for detection and investigation of unauthorized or malicious actions by Asgard users.
    • Delayed Incident Response (Severity: Medium): Enables faster detection and response to security incidents by providing a clear record of events.

  • Impact:

    • Lack of Audit Trail: Risk reduction: High. Provides the necessary audit trail.
    • Insider Threats: Risk reduction: Medium. Facilitates detection and investigation.
    • Delayed Incident Response: Risk reduction: Medium. Improves response times.

  • Currently Implemented: [ Example: Audit logging is partially enabled, but not all actions are being logged, and the logs are stored locally on the Asgard instance. ]

  • Missing Implementation: [ Example: Need to configure Asgard to log all relevant actions. Need to configure a secure, centralized log destination (e.g., forwarding to AWS CloudTrail or a SIEM system). ]

Mitigation Strategy: Regular Updates of Asgard and its Dependencies

  • Description:

    1. Monitor for Updates: Regularly check for updates to Asgard itself and its dependencies. This includes monitoring the official Asgard repository, release notes, and security advisories.
    2. Establish an Update Process: Define a clear process for applying updates. This should include:
      • Testing updates in a non-production environment before deploying to production.
      • Having a rollback plan in case an update causes issues.
      • Documenting all updates.
    3. Automate Updates (if possible): If feasible, automate the update process for Asgard and its dependencies. This can reduce the risk of human error and ensure that updates are applied promptly. However, ensure proper testing and rollback mechanisms are in place.
    4. Dependency Scanning (Ideally, but less directly "within Asgard"): While ideally done as part of the build process before deploying Asgard, regularly scanning the running Asgard instance's dependencies for known vulnerabilities can provide an additional layer of defense. This is a borderline case for "directly involving Asgard."

  • Threats Mitigated:

    • Dependency Vulnerabilities (Severity: Medium to High): Reduces the risk of exploiting known vulnerabilities in Asgard or its dependencies.
    • Zero-Day Vulnerabilities (Severity: High): While not preventing zero-days, regular updates increase the likelihood of quickly addressing newly discovered vulnerabilities.

  • Impact:

    • Dependency Vulnerabilities: Risk reduction: Medium to High. Depends on the severity of the vulnerabilities and the speed of updates.
    • Zero-Day Vulnerabilities: Risk reduction: Low to Medium. Improves the chances of a quick response.

  • Currently Implemented: [ Example: Asgard is updated infrequently and manually. No formal update process exists. ]

  • Missing Implementation: [ Example: Need to establish a regular update schedule and a documented process for applying updates, including testing and rollback procedures. Explore options for automating updates. ]