The document discusses building secure code by rigorously testing it through automated attacks and verification. It introduces "ruggedization", where code is made resilient through repeated, automated testing against attacks; building code to handle adversity this way yields unintended positive benefits and value that would otherwise go unrealized. It promotes using the gauntlt framework to put code through extensive security testing with tools like nmap, Metasploit, fuzzers and custom attacks, written as Cucumber-style features and step definitions.
3. I recognize that my code will be used in ways I cannot anticipate, in ways it was not designed, and for longer than it was ever intended.
4. Ruggedization Theory
Building solutions to handle adversity will cause unintended, positive benefits that will provide value that would have been unrealized otherwise.
5. "Secondly, our network got a lot stronger as a result of the LulzSec attacks."
- Surviving Lulz: Behind the Scenes of LulzSec @SXSW 2012, by the CloudFlare team
6. Security vs. Rugged
• Security: absence of events | Rugged: verification of quality
• Security: cost | Rugged: benefit
• Security: negative | Rugged: positive
• Security: FUD | Rugged: known values
• Security: toxic | Rugged: affirming
7. "[Risk assessment] introduces a dangerous fallacy: that structured inadequacy is almost as good as adequacy and that underfunded security efforts plus risk management are about as good as properly funded security work." - Michal Zalewski
13. feature for nmap:
nmap.feature
@run
Feature: Run nmap against a target and pass the value of the hostname from the profile.xml.
  Background:
    Given nmap is installed
  Scenario: Verify server is available on standard web ports
    Given the hostname in the profile.xml
    When I run nmap against the hostname in the profile on ports 80,443
    Then the output should contain:
      """
      80/tcp open http
      443/tcp open https
      """
14. feature for nmap:
nmap.feature
@run @webserver
Feature: Run nmap against a target and pass the value of the hostname from the profile.xml.
  Background: # optional
    Given nmap is installed
  Scenario: Verify server is available on standard web ports
    Given the hostname in the profile.xml
    When I run nmap against the hostname in the profile on ports 80,443
    Then the output should contain:
      """
      80/tcp open http
      443/tcp open https
      """
15. step definition for nmap:
nmap.rb
# Background step: confirm the nmap binary is on PATH before any scan runs.
Given /^nmap is installed$/ do
  steps %{
    When I run `which nmap`
    Then the output should contain:
      """
      nmap
      """
  }
end

# Capture the two port numbers from the step text and pass them to nmap,
# so "ports 8080,443" in a feature really scans 8080 and 443.
# @hostname is set by the profile.xml step in profile.rb.
When /^I run nmap against the hostname in the profile on ports (\d+),(\d+)$/ do |port1, port2|
  steps %{
    When I run `nmap "#{@hostname}" -p#{port1},#{port2}`
  }
end
...
16. running gauntlt with failing tests
wickett$ gauntlt
@gauntlet @run
Feature: Run nmap against a target and pass the value of the hostname from the profile.xml.
Background: # features/nmap/nmap.feature:5
Given nmap is installed # features/step_definitions/nmap.rb:2
Scenario:Verify server is available on standard web ports # features/nmap/nmap.feature:8
Given the hostname in the profile.xml # features/step_definitions/profile.rb:1
When I run nmap against the hostname in the profile on ports 8080,443 # features/step_definitions/nmap.rb:12
Then the output should contain: # aruba-0.4.11/lib/aruba/cucumber.rb:98
"""
8080/tcp open http
443/tcp open https
"""
...
Failing Scenarios:
cucumber features/nmap/nmap.feature:8 # Scenario:Verify server is available on standard web ports
1 scenario (1 failed)
4 steps (1 failed, 3 passed)
0m0.341s
17. running gauntlt with passing tests
wickett$ gauntlt
@gauntlet @run
Feature: Run nmap against a target and pass the value of the hostname from the profile.xml.
Background: # features/nmap/nmap.feature:5
Given nmap is installed # features/step_definitions/nmap.rb:2
Scenario:Verify server is available on standard web ports # features/nmap/nmap.feature:8
Given the hostname in the profile.xml # features/step_definitions/profile.rb:1
When I run nmap against the hostname in the profile on ports 80,443 # features/step_definitions/nmap.rb:12
Then the output should contain: # aruba-0.4.11/lib/aruba/cucumber.rb:98
"""
80/tcp open http
443/tcp open https
"""
1 scenario (1 passed)
4 steps (4 passed)
0m1.117s
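As an added example (not code from these slides or from the gauntlt project), here are plain Ruby helpers that a step definition like the one on slide 15 could call: the command builder validates the hostname read from profile.xml and the captured ports before handing them to nmap, and the parser reads nmap's port table so that a check such as the "ports 8080,443" run on slide 16 reports exactly which port was not open. The sample nmap output and the host name host.example are constructed, and the function names are this example's own.

```ruby
require 'shellwords'

# Constructed sample of nmap's normal output (not captured from a real scan),
# shaped like the passing run on slide 17 plus one closed port.
SAMPLE_NMAP_OUTPUT = <<~OUT
  Nmap scan report for host.example
  Host is up.
  PORT     STATE  SERVICE
  80/tcp   open   http
  443/tcp  open   https
  8080/tcp closed http-proxy
  Nmap done: 1 IP address (1 host up) scanned
OUT

# Build the nmap command line from the hostname taken out of profile.xml and
# the ports captured by the step regex. Both values are validated first, and
# Shellwords.join quotes each argument, so a hostname containing shell
# metacharacters cannot change what nmap is asked to do.
def nmap_command(hostname, ports)
  unless hostname.match?(/\A[A-Za-z0-9.-]+\z/)
    raise ArgumentError, "invalid hostname #{hostname.inspect}"
  end
  ports = ports.map(&:to_i)
  unless ports.all? { |p| (1..65_535).cover?(p) }
    raise ArgumentError, "invalid port list #{ports.inspect}"
  end
  Shellwords.join(['nmap', hostname, "-p#{ports.join(',')}"])
end

# Parse the "PORT STATE SERVICE" table of nmap normal output into
# { port_number => { proto:, state:, service: } }, ignoring the banner lines.
def parse_nmap_ports(output)
  output.each_line.with_object({}) do |line, table|
    m = line.match(%r{\A(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)})
    next unless m
    table[m[1].to_i] = { proto: m[2], state: m[3], service: m[4] }
  end
end

# Expected ports that nmap did not report as open. An empty array means the
# scenario passes; otherwise the array names exactly what the report lacked,
# which a substring match on column-aligned text such as "8080/tcp open http"
# cannot tell you.
def missing_open_ports(output, expected_ports)
  table = parse_nmap_ports(output)
  expected_ports.reject { |p| table[p] && table[p][:state] == 'open' }
end
```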