If GCP has some logs (like the CloudTrail equiv) that could also shed some light
Hi ...m trying to install security-monkey on aws instance & added aws account , but its now showing any data on dashbaord
@here Anyone have documentation to install security monkey on kubernetes ?
Hi @mikegrima How can make API calls to security monkey?.
You need to follow the login path to get an api token
and add the auth data headers in the request
It's one of the reasons why we're deprecating it
Is there a way to get when an account was last scanned? Would like to set up some monitoring on this.
Your best bet would be parsing the log files, but outside of that there's no feature for getting when an account was last scanned. It would be much easier to just parse your own cloudtrail logs to find when the role was last used in that account
If you're looking to ensure it runs every X hours for an account, write a lambda that checks your cloudtrail logs to see if the role was used in that account. Trigger it via a CW Rule every X hours
Thanks @zpritcha ! Will see what I can do with cloudtrail :)
@mikegrima I have configured SES for security Monkey , But not receiving any emails
sorry @pacebaotwt_twitter …. you are trying to extract metrics like displayed on the dashboard?
@mikegrima answered this above not long ago (re using API): "It's painful You need to follow the login path to get an api token and add the auth data headers in the request It's one of the reasons why we're deprecating it"
/all As an FYI, I am planning on adding a major note to the main readme for Security Monkey mentioning that it is deprecated and that you should not be using it for production purposes.
Primary reasons for this:
2020 Python 2 deprecation - Migrating to Python 3 is too much work and not worth the effort
SM just doesn't scale in large environments
Efforts like AWS Config are solving our major use cases around the initial solution that we were seeking to solve with Security Monkey
The SM UI code is written in Dart 1.0 and migrating to React or something more modern is A LOT of work
We want CloudTrail context, and the ability to drive more event driven use cases. Having a loosely coupled system will scale better vs the SM monolith and enable use cases that Security Monkey itself could not effectively handle
While I understand that AWS Config only addresses AWS, Netflix (the main maintainer of SM) is primarily an AWS shop, and we are going to dedicate our resources to that. I would highly encourage you to reach out to your TAMs and other representatives of other cloud providers to develop an AWS Config type of solution for the respective cloud.
yeah it shouldn't be so hard to getting of tech scores by script tho
would be really appreciated if someone can help me out
@pacebaotwt_twitter , as @mstair mentioned, this would be best accomplished via a custom alerter. From there, you would have full access to the database and be able to fetch and retrieve any data you need.
To be honest though... the security verification checks and scores are very much broken
I'd be suprised if they are that useful
Anyone having issues were justified issues come back?
I had that one before and now they are back
Enter security monkey after a while and lots of justified issues now are unjustified again
This has happened before -- the issues system is broken