Fuel to interact with external vulnerability scanner (Nessus)

Registered by Adam Heczko

Currently Fuel cannot interact with any external vulnerability scanner. Security wise customers would like to integrate their corporate Nessus instances with OpenStack environments to provide appropriate security assessment mechanisms. Since Fuel knows all the details of provisioned clouds, it is ideal candidate to orchestrate external security assessment tools like Nessus.
In scope of plugin development is:
- appropriate scan policy configuration of external security assessment tool (we assume Nessus), we assume definition of two policies: 'Credentialed Patch Audit' (CPA) and 'Advanced Scan' (AS). Advanced Scan should be defined against external network segment.
- appropriate scan definition: OpenStack network address ranges, authentication data required to implement Nessus scanning
- other details discovered during the implementation phase

Blueprint information

Status:
Not started
Approver:
None
Priority:
Undefined
Drafter:
Adam Heczko
Direction:
Needs approval
Assignee:
None
Definition:
New
Series goal:
None
Implementation:
Unknown
Milestone target:
None

Related branches

Sprints

Whiteboard

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.