all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Detecting and Characterizing Propagation of Security Weaknesses in Puppet-based Infrastructure Management. (arXiv:2208.01242v1 [cs.CR])

Add to bookmarks
Aug. 3, 2022, 1:20 a.m. | Akond Rahman, Chris Parnin

cs.CR updates on arXiv.org arxiv.org

Despite being beneficial for managing computing infrastructure automatically,
Puppet manifests are susceptible to security weaknesses, e.g., hard-coded
secrets and use of weak cryptography algorithms. Adequate mitigation of
security weaknesses in Puppet manifests is thus necessary to secure computing
infrastructure that are managed with Puppet manifests. A characterization of
how security weaknesses propagate and affect Puppet-based infrastructure
management, can inform practitioners on the relevance of the detected security
weaknesses, as well as help them take necessary actions for mitigation. To that …

infrastructure management puppet security

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

Calibration Attacks: A Comprehensive Study of Adversarial Attacks on Model Confidence 11 hours ago | arxiv.org
adversarial adversarial attacks aim arxiv +11
Hot PATE: Private Aggregation of Distributions for Diverse Task 11 hours ago | arxiv.org
aggregation arxiv cs.ai cs.cr +18
A Stacked Ensemble Learning IDS Model for Software-Defined VANET 11 hours ago | arxiv.org
arxiv autonomous autonomous vehicles can +23
Your Code Secret Belongs to Me: Neural Code Completion Tools Can Memorize Hard-Coded Credentials 11 hours ago | arxiv.org
arxiv can code code completion +6
Flamingo: Multi-Round Single-Server Secure Aggregation with Applications to Private Federated Learning 11 hours ago | arxiv.org
aggregation applications arxiv beyond +14
PECAN: A Deterministic Certified Defense Against Backdoor Attacks 11 hours ago | arxiv.org
arxiv attackers attacks backdoor +18
Hyperloop: A Cybersecurity Perspective 11 hours ago | arxiv.org
arxiv critical critical infrastructure cs.cr +17
Blockchain based Secure Energy Marketplace Scheme to Motivate Peer to Peer Microgrids 11 hours ago | arxiv.org
arxiv barriers blockchain cost +16
Insecurity of Quantum Two-Party Computation with Applications to Cheat-Sensitive Protocols and Oblivious Transfer Reductions 11 hours ago | arxiv.org
access applications arxiv case +15

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

PNT/NAVWAR Space Electronic Warfare Instructor II – Officer Training Course

@ Aleut Federal | Colorado Springs, Colorado, United States
View on infosec-jobs.com

Sr Director, Cybersecurity SIRT

@ Workday | USA, VA, McLean
View on infosec-jobs.com