-
Notifications
You must be signed in to change notification settings - Fork 5
TODO List
dav3r edited this page Aug 31, 2018
·
28 revisions
Confirm enough Nessus licenses are available for our Production instancesVerify full scans of CAL and other sites work as expected-
Take best guess at EC2 instance types (better to be too beefy at first)- Mongo: m4.10xlarge
(temporarily set to m4.2xlarge, due to AWS resource limits) - Nessus: m4.2xlarge
- nmap: t2.large
- Mongo: m4.10xlarge
- Ensure that Production workspace can be safely terraformed from current state to launch state without nuking existing MongoDB data
Set correct reply-to address for CyHy reports- Set up automated CyHy reports in AWS
- Automate Nessus
license key, user setup,policy deployment Set up NVD sync script- Set up cyhy-archive (weekly archive script) and decide where archived data should be sent to
Increase the ephemeral port range for the nmap boxes:cat /proc/sys/net/ipv4/ip_local_port_range- Set up CyHy team members with CyHy tools that can access DB in AWS
Change mongo instance from m4.2xlarge to m4.10xlarge (when limit is increased by AWS)- Update to licensed MaxMind GeoIP2 database (docker container and aws deployment) https://download.maxmind.com/app/geoip_download?edition_id=GeoIP2-City&license_key=rOV57jX1AN9f&suffix=tar.gz
Enable nmap instances to be destroyed/created without losing their current work- Enable Nessus instances to be destroyed/created without losing their current work
- Review all EC2 instances and volumes to determine if they should be resized
- Make commander more resilient- if any resource (database, scanner) is unavailable, gracefully wait until it becomes available; alert when a sane timeout has been reached
- Get CyHy dashboard up and running again
- Set up MongoDB replication
- Add memory and disk usage monitoring and alerting
- Set up standby instances for CyHy in case we need to move to a different AWS availability zone
- Create a mechanism to watch for scans that have been in RUNNING status for "too long" and alert us