Presentation on theme: "OWASP Mantra-OS Because the world is cruel. About Me Attended United Stated Air Force Institute of Technology Defense Acquisition University Platform."— Presentation transcript:
OWASP Mantra-OS Because the world is cruel
About Me Attended United Stated Air Force Institute of Technology Defense Acquisition University Platform Security Engineer at
What is Mantra-OS? Mantra-OS is a virtualized attack platform designed around Mantra Security toolkit and OWASP WTE repository.
What was Mantra-OS developed for? SCAP testing and professional pen-testing environment optimized for virtual environments. Such as vSphere, XenDesketop, OpenStack, oVirt. Installation media iso and deployable ovf/ova.
Mantra-OS & HyTrust Mantra-OS was implemented into HyTrust QA cycle It is used for SCAP testing and Vulnerability verification testing. Is deployed through vCenter.
Mantra-OS Virtualization and Security Kernel GrSecurity Kernel patch and OpenVZ Kernel patch. Ganeti for Virtual Cluster KVM implementation as secondary layer of virtualization.
Mantra-OS Containers and Sandboxing OpenVZ is used as container controller and lxc with arkose d-bus hook to sandbox desktop. Libvirtd is used as a job handler for virtualization with glib hook.
Mantra-OS Virtual Core
Mantra-OS Enhanced Security IDS protection with suricata Artillery and honeyd for IPS protection Container based sandboxing AppArmor, SElinux