all InfoSec news
Detecting and Characterizing Propagation of Security Weaknesses in Puppet-based Infrastructure Management. (arXiv:2208.01242v1 [cs.CR])
Aug. 3, 2022, 1:20 a.m. | Akond Rahman, Chris Parnin
cs.CR updates on arXiv.org arxiv.org
Despite being beneficial for managing computing infrastructure automatically,
Puppet manifests are susceptible to security weaknesses, e.g., hard-coded
secrets and use of weak cryptography algorithms. Adequate mitigation of
security weaknesses in Puppet manifests is thus necessary to secure computing
infrastructure that are managed with Puppet manifests. A characterization of
how security weaknesses propagate and affect Puppet-based infrastructure
management, can inform practitioners on the relevance of the detected security
weaknesses, as well as help them take necessary actions for mitigation. To that …
More from arxiv.org / cs.CR updates on arXiv.org
Jobs in InfoSec / Cybersecurity
Sr. Product Manager
@ MixMode | Remote, US
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
PNT/NAVWAR Space Electronic Warfare Instructor II – Officer Training Course
@ Aleut Federal | Colorado Springs, Colorado, United States
Sr Director, Cybersecurity SIRT
@ Workday | USA, VA, McLean