Skip to content

TODO List

dav3r edited this page Sep 5, 2018 · 28 revisions

Things left to do before launch

  • Confirm enough Nessus licenses are available for our Production instances
  • Verify full scans of CAL and other sites work as expected
  • Take best guess at EC2 instance types (better to be too beefy at first)
    • Mongo: m4.10xlarge (temporarily set to m4.2xlarge, due to AWS resource limits)
    • Nessus: m4.2xlarge
    • nmap: t2.large
  • Ensure that Production workspace can be safely terraformed from current state to launch state without nuking existing MongoDB data

Other things to do after launch that we don't want to forget about

  • Set correct reply-to address for CyHy reports
  • Set up automated CyHy reports in AWS
  • Automate Nessus license key, user setup, policy deployment
  • Set up NVD sync script
  • Set up cyhy-archive (weekly archive script) and decide where archived data should be sent to
  • Add CyHy backup and restore users to mongo_users.yml (S3 secret)
  • Increase the ephemeral port range for the nmap boxes: cat /proc/sys/net/ipv4/ip_local_port_range
  • Set up CyHy team members with CyHy tools that can access DB in AWS
  • Change mongo instance from m4.2xlarge to m4.10xlarge (when limit is increased by AWS)
  • Update to licensed MaxMind GeoIP2 database (docker container and aws deployment) https://download.maxmind.com/app/geoip_download?edition_id=GeoIP2-City&license_key=rOV57jX1AN9f&suffix=tar.gz
  • Enable nmap instances to be destroyed/created without losing their current work
  • Enable Nessus instances to be destroyed/created without losing their current work
  • Review all EC2 instances and volumes to determine if they should be resized
  • Make commander more resilient- if any resource (database, scanner) is unavailable, gracefully wait until it becomes available; alert when a sane timeout has been reached
  • Get CyHy dashboard up and running again
  • Set up MongoDB replication

Longer-term things we don't want to forget about

  • Add memory and disk usage monitoring and alerting
  • Set up standby instances for CyHy in case we need to move to a different AWS availability zone
  • Create a mechanism to watch for scans that have been in RUNNING status for "too long" and alert us
Clone this wiki locally