Security scanning with Nessus
I want to perform vulnerability scanning of Mirantis OpenStack by using Nessus in a automated way.
Proposed scan scenario:
- deploy MOS cluster with 1 Fuel master, 3 HA controllers and 2 nova-compute nodes
- attach Nessus VM to all the MOS virtual networks
- download SSH private keys from Fuel master, at least 1 controller and at least 1 nova-compute to allow Nessus to connect it over the SSH
- using Nessus REST API, define IP addresses to scan
- using Nessus REST API, perform scan with policy "Network Services/HTTP"
- using Nessus REST API, perform scan with policy ""Local Security Checks", which connects over SSH and checks for security using - using Nessus REST API, download report from scans or send it to a specified email address
- download a repo
Blueprint information
- Status:
- Complete
- Approver:
- Adam Heczko
- Priority:
- High
- Drafter:
- Adam Heczko
- Direction:
- Approved
- Assignee:
- None
- Definition:
- Approved
- Series goal:
- Accepted for 7.0.x
- Implementation:
- Implemented
- Milestone target:
- 7.0
- Started by
- Adam Heczko
- Completed by
- Adam Heczko
Whiteboard
I want to have this feature delivered in Q2 or Q3 of 2015.
Probably in Q2 we will have basic test, in Q3 more advanced test scenarios.
Gerrit topic: https:/
Addressed by: https:/
Add system tests for security scans
Addressed by: https:/
Provide possibility to add nessus node to env