Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Network Segmentation: Addresses Multiple intents #85

Open
nandhued opened this issue Mar 18, 2024 · 4 comments · May be fixed by #228
Open

Network Segmentation: Addresses Multiple intents #85

nandhued opened this issue Mar 18, 2024 · 4 comments · May be fixed by #228
Assignees
@anurag-rajawat
Labels
engine Adapters configure the security engines Intent Intents configure/driver adapters tactic: initialAccess
Milestone
31/07/2024

Comments

@nandhued
Copy link

nandhued commented Mar 18, 2024
edited by anurag-rajawat
Loading

Generate zero-trust policies generated by the discovery engine based on application behaviour

The attacks that can be mitigated are:

  • Exploit public-facing applications
  • Registration of malicious network functions
  • Software Deployment Tools
  • Malicious VNF installation

Techniques:

  1. Radio control manipulation via rogue xApps
  2. Trusted Relationship
  3. Registration of malicious network functions
  4. Software Deployment Tools
  5. gNodeB Component Manipulation
  6. Network Sniffing [Tactic: Credential Access]
  7. Adversary-in-the-Middle [Tactic: Credential Access]
  8. Network Sniffing [Tactic: Resource Development]
  9. Adversary-in-the-Middle [Tactic: Resource Development]

Parameters need to be provided such which container is to be isolated

The adapters that are involved are:

KubeArmor, Network Policy, Service Mesh

Design doc
@nandhued nandhued converted this from a draft issue Mar 18, 2024
@nandhued nandhued modified the milestone: Mar 30th, 2024 Mar 18, 2024
@shivaccuknox shivaccuknox added this to the 6/30/24 milestone Apr 26, 2024
@shivaccuknox shivaccuknox changed the title Network Segementation: Addresses Multiple intents Network Segmentation: Addresses Multiple intents May 21, 2024
@shivaccuknox shivaccuknox added the engine Adapters configure the security engines label May 21, 2024
@nandhued nandhued added the Intent Intents configure/driver adapters label May 28, 2024
@nandhued nandhued assigned shivaccuknox and unassigned VedRatan May 29, 2024
@nandhued nandhued moved this from 📋 Backlog to 🏗 In progress in NIMBUS Jun 28, 2024
@nandhued
Copy link
Author

nandhued commented Jul 1, 2024

Document WIP

@nandhued nandhued modified the milestones: 6/30/24, 31/07/2024 Jul 8, 2024
@nandhued nandhued moved this from 🏗 In progress to 📋 Backlog in NIMBUS Jul 9, 2024
@nandhued nandhued moved this from 📋 Backlog to 🏗 In progress in NIMBUS Jul 18, 2024
@anurag-rajawat anurag-rajawat linked a pull request Jul 19, 2024 that will close this issue
Open
7 tasks
@nandhued nandhued moved this from 🏗 In progress to 👀 In review in NIMBUS Jul 22, 2024
@nandhued
Copy link
Author

Detailed Design for API cataloging

@nandhued
Copy link
Author

Look into API clarity/Traceble
setup nginx ingress controller and visibility into north-south traffic.

@nandhued
Copy link
Author

PR in review

@nandhued nandhued moved this from 👀 In review to ❌ Blocked in NIMBUS Oct 14, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@anurag-rajawat anurag-rajawat

Labels
engine Adapters configure the security engines Intent Intents configure/driver adapters tactic: initialAccess
Projects
NIMBUS
Status: ❌ Blocked
Milestone
31/07/2024
Development

Successfully merging a pull request may close this issue.

feat: Add DiscoveredPolicy adapter anurag-rajawat/nimbus
4 participants
@nandhued @VedRatan @anurag-rajawat @shivaccuknox