Table of Contents
HoneyPot Pipeline
1. Running a Cowrie ssh honeypot
2. Using Thug as a Javascript client honeypot
3. Running Snare/Tanner web honeypot
4. Running Opencanary a low interaction honeypot
Reference
- SecureStack – https://github.com/6mile/DevSecOps-Playbook
- Snyk – https://github.com/orgs/snyk/repositories
- Fortify
- Teraform, Ansible Jenkins, Gitlab, Altasan
- SANS DevSecOps Cheat sheet – https://sansorg.egnyte.com/dl/uDa5sqjDeH
- The Ultimate List of SANS Cheat Sheets https://sansorg.egnyte.com/dl/uDa5sqjDeH
- CISA and NSA Release Joint Guidance on Defending Continuous Integration/Continuous Delivery (CI/CD) Environments – https://www.cisa.gov/news-events/alerts/2023/06/28/cisa-and-nsa-release-joint-guidance-defending-continuous-integrationcontinuous-delivery-cicd