⽬录遍历 Apache ActiveMQ 未授权访问,5.12 之前的版本 fileserver存在 PUT任意写 CVE-2015-5254 Apache Solr CVE-2017-12629 CVE-2019-0193 [ Apache Solr 5.x - 8.2.0 ] Apache Zookeeper 未授权访问,敏感信息泄露 Apache Shiro

Product Ops  Product Management  Every technology under the sun  Solaris, Windows, Linux  Apache, IIS, TCServer, etc.  Oracle, DB2, SQL Server  How we got better  We read and we studied.

Factory using Cloud DevSecOps Services Sidecar Container Security Stack Sidecar Container Security Stack enables: correlated and centralized logs, container security, east/west traffic management, a zero-trust and container policy enforcement.The security stack in the security sidecar container will include: 1. A logging agent to push logs to a platform centralized logging service. 2. Container policy policy enforcement. This includes ensuring container hardening from DCAR containers are preserved and complies with the NIST 800-190 requirements [12]. 3. Runtime Defense, this can perform both signature-based

need… • a Container Management Platform, but to network it I need… • a Service Mesh, but to secure it I need… • an automated Certificate Authority, and for more security I need… • a Container scanning and

code (API calls from certain types of test code) 4. Ensure every CI process is in an isolated container 5. Make the version control credentials of the CI system read-only 3. Ch. 23 – Protecting the auditors traditional training of sampling with screenshot evidence doesn’t really work in cloud, container or similar environments with infrastructure-as-code and auto- scaling. Must create alternatives