monitoring Archives - Page 2 of 3

Source Code Analysis Tools

Source code analysis tools, also referred to as Static Application Security Testing (SAST) Tools, are designed to analyse source code and/or compiled versions of code to help find security flaws.

Some tools are starting to move into the IDE

For the types of problems that can be detected during the software development phase itself, this is a powerful phase within the development life cycle to employ such tools, as it provides immediate feedback to the developer on issues they might be introducing into the code during code development itself. This immediate feedback is very useful, especially when compared to finding vulnerabilities much later in the development cycle.

Strengths and Weaknesses

Strengths

Scales well — can be run on lots of software, and can be run repeatedly (as with nightly builds or continuous integration)
Useful for things that such tools can automatically find with high confidence, such as buffer overflows, SQL Injection Flaws, and so forth
Output is good for developers — highlights the precise source files, line numbers, and even subsections of lines that are affected

Weaknesses

Many types of security vulnerabilities are difficult to find automatically, such as authentication problems, access control issues, insecure use of cryptography, etc. The current state of the art only allows such tools to automatically find a relatively small percentage of application security flaws. However, tools of this type are getting better.
High numbers of false positives.
Frequently can’t find configuration issues, since they are not represented in the code.
Difficult to ‘prove’ that an identified security issue is an actual vulnerability.
Many of these tools have difficulty analyzing code that can’t be compiled. Analysts frequently can’t compile code because they don’t have the right libraries, all the compilation instructions, all the code, etc.

Open Source or Free Tools Of This Type

Bandit – bandit is a comprehensive source vulnerability scanner for Python
Brakeman – Brakeman is an open source vulnerability scanner specifically designed for Ruby on Rails applications
Codesake Dawn – Codesake Dawn is an open source security source code analyzer designed for Sinatra, Padrino for Ruby on Rails applications. It also works on non-web applications written in Ruby
FindBugs – (Legacy – NOT Maintained – Use SpotBugs (see below) instead) – Find bugs (including a few security flaws) in Java programs
FindSecBugs – A security specific plugin for SpotBugs that significantly improves SpotBugs’s ability to find security vulnerabilities in Java programs. Works with the old FindBugs too,
Flawfinder Flawfinder – Scans C and C++
Google CodeSearchDiggity – Uses Google Code Search to identifies vulnerabilities in open source code projects hosted by Google Code, MS CodePlex, SourceForge, Github, and more. The tool comes with over 130 default searches that identify SQL injection, cross-site scripting (XSS), insecure remote and local file includes, hard-coded passwords, and much more. Essentially, Google CodeSearchDiggity provides a source code security analysis of nearly every single open source code project in existence – simultaneously.
Graudit – Scans multiple languages for various security flaws.
LGTM – A free for open source static analysis service that automatically monitors commits to publicly accessible code in: Bitbucket Cloud, GitHub, or GitLab. Supports C/C++, C#, COBOL (in beta), Java, JavaScript/TypeScript, Python
PMD – PMD scans Java source code and looks for potential code problems (this is a code quality tool that does not focus on security issues)
Progpilot – Progpilot is a static analyzer tool for PHP that detects security vulnerabilities such as XSS and SQL Injection.
PreFast (Microsoft) – PREfast is a static analysis tool that identifies defects in C/C++ programs. Last update 2006.
Puma Scan – Puma Scan is a .NET C# open source static source code analyzer that runs as an IDE plugin for Visual Studio and via MSBuild in CI pipelines.
.NET Security Guard – Roslyn analyzers that aim to help security audits on .NET applications. It will find SQL injections, LDAP injections, XXE, cryptography weakness, XSS and more.
RIPS – RIPS is a static source code analyzer for vulnerabilities in PHP web applications. Please see notes on the sourceforge.net site.
phpcs-security-audit – phpcs-security-audit is a set of PHP_CodeSniffer rules that finds flaws or weaknesses related to security in PHP and its popular CMS or frameworks. It currently has core PHP rules as well as Drupal 7 specific rules.
SonarQube – Scans source code for more than 20 languages for Bugs, Vulnerabilities, and Code Smells. SonarQube IDE plugins for Eclipse, Visual Studio, and IntelliJ provided by SonarLint.
SpotBugs – This is the active fork replacement for FindBugs, which is not maintained anymore.
VisualCodeGrepper (VCG) – Scans C/C++, C#, VB, PHP, Java, and PL/SQL for security issues and for comments which may indicate defective code. The config files can be used to carry out additional checks for banned functions or functions which commonly cause security issues.

GitLab has lashed a free SAST tool for a bunch of different languages natively into GitLab. So you might be able to use that, or at least identify a free SAST tool for the language you need from that list.

Source:
https://www.owasp.org/index.php/Source_Code_Analysis_Tools

Article analysis, bugs, monitoring, noc, sast, source code

Happy Easter Holidays

Our System Administrator team wish you Happy Easter Holidays, we are going to be 24/7 looking after our customers networks and systems, so their clients can enjoy a safe and very nice week.
THANK YOU to our customers.
We greatly value your trust and confidence and sincerely appreciate your loyalty to our business

Quality NOC

Article backwatch, DevOps, drift, driftsvakt, Managed NOC Services, monitoring, noc, noc service, on call duty, operations, outsourced NOC

End-to-End Infrastructure Monitoring & Management

Flexible Monitoring Solutions Tailored to Your Needs

We offer multiple monitoring options to suit your infrastructure:

Integrate your existing monitoring system
Deploy a new system with seamless host migration
Utilize our fully managed monitoring solution (ideal for smaller operations)

Comprehensive NOC Services

Our 24/7/365 NOC team provides expert support, including:

Website Monitoring
Application Performance Monitoring (APM)
Server Monitoring
Network Monitoring
Cloud Monitoring (Public, Private & Hybrid)

Trusted by Businesses of All Sizes

From large telecom enterprises (500+ hosts) to SMBs with minimal infrastructure, we deliver scalable solutions that:

Reduce operational costs – Free your engineers to focus on strategic projects
Enhance efficiency – Optimize workflows and minimize downtime
Ensure reliability – Proactive monitoring for maximum uptime

Your Customized Solution Awaits

NOC team 24 seven

Preparing for the summer? Our NOC is already working around the clock for leading telecoms and service providers

Join us!

Article, Press CentOS, cloud, host, hosts, linux server, monitoring, process, processes, Red Hat, router, services, switch, ubuntu, vpn, windows server

The Best Free Network Monitoring Tools

Open-source choices are good and can even match commercial tools, but you should know that using open-source monitoring requires a high level of involvement with the tool, which may not suit your needs. Open source requires a significant investment in time and resources to learn, install, configure, and use. Features may have to be built with the help of community support or an in-house IT team. The second consideration is security, which becomes an issue if your enterprise has strict security guidelines. Immediate custom fixes may not be available unless you spend time developing them. Or there could be instances when major security flaws aren’t discovered in the auditing process.

ICINGA2

Icinga 2 is an open source monitoring system which checks the availability of your network resources, notifies users of outages, and generates performance data for reporting.

Scalable and extensible, Icinga 2 can monitor large, complex environments across multiple locations.

If you have NAGIOS clients already in your systems, the migration is very easy you can continue using same NAGIOS clients as they are like Nagios NRPE, NSClient, etc.

Many companies used NAGIOS for years and now have migrated to Icinga2.

NAGIOS CORE

Nagios® is one of the most popular and widely used free network monitoring tools. Network admins like Nagios because it does everything. Whatever it doesn’t have can be built, or has been built by the Nagios community.

There are two versions of Nagios. Nagios Core is open source and free, and Nagios XI is a commercial tool based on the Nagios Core but with added features. Nagios is popular due to its active development community and external plug-in support. You can create and use external plugins in the form of executable files or Perl® and shell scripts to monitor and collect metrics from every hardware and software used in a network. There are plugins that provide an easier and better GUI, address many limitations in the Core®, and support features, such as auto discovery, extended graphing, notification escalation, and more. Nagios can be overwhelming for beginners and enterprises that do not have enough IT support staff, but it provides good monitoring powers. For support, users can always get help from the Nagios community, or opt for a commercial support package from Nagios Enterprise. Quality NOC can provide support for installation, configuration and development of new features to check software and hardware.

If you have the time to invest in learning and mastering this tool, Nagios Core offers good network monitoring capabilities.

CACTI

Cacti® is a network monitoring tool that allows you to collect data from almost any network element, including routing and switching systems, firewalls, load balancers, and servers, and put that data into robust graphs. If you have a device, it’s possible that Cacti’s active community of developers has created a monitoring template for it.

Cacti supports SNMP polling, which itself covers a wide range of network devices. You can also extend Cacti’s capabilities to use scripts, queries, or commands for data collection, and save it as a template to use for polling other devices for similar data sets. Cacti leverages the power of RRDTool, which is an open-source data logging and graphing system for storing polled data in the database, and creating graphs from the stored data sets. RRDTool’s data consolidation lets you store collected data forever, and is limited only by the size your storage. Cacti leveraging on RRDTool has the ability to generate any type of graph for any data set, and the graphing used in Cacti is the standard used by many open-source and commercial tools. Cacti also allows you to add multiple users and give them access with or without edit permissions, which is perfect for service providers and enterprises with a large NOC team.

Cacti’s strength lies in its community of developers who have contributed many plug-ins, scripts, and templates that can be used to monitor almost every type of device. We especially like its device support and graphing capabilities.

ZABBIX

Zabbix is probably the most widely used open-source network monitoring tool after Nagios
Complex to set up, Zabbix® comes with a simple and clean GUI that makes it easy to manage, once you get the hang of it.

Zabbix supports agent-less monitoring using technologies such as SNMP, ICMP, Telnet, SSH, etc., and agent-based monitoring for all Linux® distros, Windows® OS, and Solaris®. It supports a number of databases, including MySQL®, PostgreSQL™, SQLite, Oracle®, and IBM® DB2®. Zabbix’s VMware® monitoring capabilities allow you to customize using any scripting or programming language, which is widely regarded as its best feature.

NTOP

ntop, which is now ntopng (ng for next generation), is a traffic probe that uses libpcap (for packet capture) to report on network traffic.

You can install ntopng on a server with multiple interfaces, and use port mirroring or a network tap to feed ntopng with the data packets from the network for analysis. ntopng can analyze traffic even at 10G speeds; report on IP addresses, volume, and bytes for each transaction; sort traffic based on IP, port, and protocol; generate reports for usage; view top talkers; and even report on AS information. This level of traffic analysis helps you make informed decisions about capacity planning and QoS design, and also helps you find bandwidth-hogging users and applications in the network. ntopng has a commercial version called ntopng pro that comes with some additional features, but the open-source version is good enough to quickly gain insight into traffic behavior. ntop can also integrate with external monitoring applications such as Nagios for alerting, and provide data for monitoring.

Ntopng has some limitations, but the level of network traffic visibility it provides makes it well worth the effort.