A legacy SVN server is found to be exposed on the internet. Review of the source code identifies a number of secrets:
- Usernames and passwords of production DBs and Servers
- AWS key

Upon review, the AWS key is active and has root privileges.
Objective: Understand and contain issue(s) without any pushes to production
- You can use any technology you want (ideally ones you have experience with) and any Group Security team size
- Describe what you would do and how you would act (ideally in diagram format)
- Who would you talk to?
- What actions would you take to contain and remediate the issue(s)?
Resources and Technologies available:
- Techops, Webops, and Dev teams
- Slack, Jira, Confluence, ELK, Grafana, Nagios, Akamai, AWS, Cisco Firewalls, Landesk, and DarkTrace