Updates on the Tsunami Security Scanning Engine

Several months ago, we open sourced the Tsunami security scanner: a false-positive-free infrastructure scanning engine focusing on high severity, actively exploited vulnerabilities. Today, we are releasing the first major update for Tsunami.
In the last few months, we have done a lot of work in the background to prepare Tsunami for the next step and focused on the following:
- Vulnerability research: In order to keep Tsunami’s detection capabilities up-to-date, we kicked off various projects to research the exploitation of vulnerabilities in the wild. We will soon publish more information about our initiatives in this space—stay tuned.
- New detection capabilities: Based on our research, we have added 15 new detector plugins to Tsunami for actively exploited vulnerabilities.
- Continuous Integration pipeline for our open-source builds: We set up a CI/CD pipeline that automatically mirrors and tests changes between our internal version management system and the open source repository. This will enable us to easily merge internal and external contributions.
- Test bed for end-to-end testing: This summer we hosted an intern (Yuxin Wu), who built and open-sourced a test bed for Tsunami. The test bed can automatically deploy arbitrary versions of off-the-shelf software based on Docker images. We are using the test bed to automatically check whether a Tsunami detector works for all vulnerable versions of a piece of software and keeps functioning for future versions.
- Web application fingerprinting: We added web application fingerprinting capabilities to Tsunami. Tsunami now detects popular off-the-shelf web applications. This information can be used by Tsunami for more precise and less intrusive vulnerability verification. Furthermore, it enables security teams to build a software inventory based on Tsunami scans. We’ll keep working on refining our fingerprinting approach and extending our fingerprinting database.
Today, we are releasing the new detectors and the fingerprinting capabilities. You can find the new detectors and the web fingerprinter in our plugin repository.
If you are adopting Tsunami within your organization and if you have questions or would like to contribute, feel free to contact us at any time at tsunami-scanner@google.com.
By Guoli Ma, Claudio Criscione & Sebastian Lekies, Vulnerability Management Team