notes/README.md

## Infrastructure

### libvirt
1. [Terraform libvirt](https://github.com/bodsch/terraform-libvirt)

### OpenStack

1. [Upload Debian image to Glance](https://cloud.debian.org/images/cloud/)
2. [OpenStack `zed` venison Nova
   end-user docs](https://docs.openstack.org//nova/zed/doc-nova.pdf)


### Testing

-   [serverspec.org](https://serverspec.org/tutorial.html): Ruby based
    simple, infrastructure testing. Please see [here](./sandbox/serverspec/getting-started) for a simple example.

-   [testinfra](https://testinfra.readthedocs.io/en/latest/): python-based
    infrastructure testing

## DevSecOps

1. (DevSec Hardening Framework](https://dev-sec.io/): Automatic Server
   hardening
2. [Chef Inspec](https://community.chef.io/tools/chef-inspec)(Apacha 2.0 and proprietary): Infrastructure-as-Code to auto-configure VMs and apps running in it to meet compliance.

    The binary installation(the one you get when you follow installation
    instructions) requires accepting EULA, so essentially proprietary? Please see [here](https://github.com/inspec/inspec/issues/5109) for
    the issue discussing the EULA and [here](https://saf.mitre.org/#/faq#5) for building Apache 2.0
    compliant binary.

    Also, there's the [CINC is not CHef (CINC)](https://cinc.sh/)
    project that distributes fully FOSS([Apache2.0 and free of EULAs](https://cinc.sh/goals/)) Chef software.

3. [MITRE Security Automation Framework
   (SAF)](https://saf.mitre.org/#/): framework of tools, techniques,
   libraries developed by MITRE and security community
4. [MITRE 2020 DevSecOps Best Practices
   Guide](https://saf.mitre.org/DevSecOps_Best_Practices_Guide_01262020.pdf)

## Linux

### Security

1. [Hardening Guide](https://github.com/trimstray/the-practical-linux-hardening-guide)

## K8s

1. [NSA K8s Hardening Guide](https://media.defense.gov/2022/Aug/29/2003066362/-1/-1/0/CTR_KUBERNETES_HARDENING_GUIDANCE_1.2_20220829.PDF))))

## Programming

1. [CWE 2022: Top 25 Most Dangerous Software
   Weakness](https://cwe.mitre.org/top25/archive/2022/2022_cwe_top25.html)

## Notes

### Chef
feat: testinfra demo and librepages blog basic testing 2022-10-07 22:28:59 +05:30			`## Infrastructure`

feat: ubuntu terraform libvirt example 2022-10-24 10:54:04 +05:30			`### libvirt`
			`1. [Terraform libvirt](https://github.com/bodsch/terraform-libvirt)`

feat: add openstack resources: howto add debian img to glance and nova docs 2022-10-11 09:10:42 +05:30			`### OpenStack`

			`1. [Upload Debian image to Glance](https://cloud.debian.org/images/cloud/)`
			2. [OpenStack `zed` venison Nova
			`end-user docs](https://docs.openstack.org//nova/zed/doc-nova.pdf)`



feat: ubuntu terraform libvirt example 2022-10-24 10:54:04 +05:30
feat: testinfra demo and librepages blog basic testing 2022-10-07 22:28:59 +05:30			`### Testing`

			`- [serverspec.org](https://serverspec.org/tutorial.html): Ruby based`
			`simple, infrastructure testing. Please see [here](./sandbox/serverspec/getting-started) for a simple example.`

			`- [testinfra](https://testinfra.readthedocs.io/en/latest/): python-based`
			`infrastructure testing`

feat: list linux, k8s and general hardening guides 2022-10-06 15:58:47 +05:30			`## DevSecOps`

			`1. (DevSec Hardening Framework](https://dev-sec.io/): Automatic Server`
			`hardening`
feat: chef isn't FOSS but there's a FOSS distribution for it + devsecops best practices guide 2022-10-06 16:47:15 +05:30			`2. [Chef Inspec](https://community.chef.io/tools/chef-inspec)(Apacha 2.0 and proprietary): Infrastructure-as-Code to auto-configure VMs and apps running in it to meet compliance.`

			`The binary installation(the one you get when you follow installation`
			`instructions) requires accepting EULA, so essentially proprietary? Please see [here](https://github.com/inspec/inspec/issues/5109) for`
			`the issue discussing the EULA and [here](https://saf.mitre.org/#/faq#5) for building Apache 2.0`
			`compliant binary.`

			`Also, there's the [CINC is not CHef (CINC)](https://cinc.sh/)`
			`project that distributes fully FOSS([Apache2.0 and free of EULAs](https://cinc.sh/goals/)) Chef software.`

			`3. [MITRE Security Automation Framework`
			`(SAF)](https://saf.mitre.org/#/): framework of tools, techniques,`
			`libraries developed by MITRE and security community`
			`4. [MITRE 2020 DevSecOps Best Practices`
			`Guide](https://saf.mitre.org/DevSecOps_Best_Practices_Guide_01262020.pdf)`
feat: list linux, k8s and general hardening guides 2022-10-06 15:58:47 +05:30
			`## Linux`

			`### Security`

			`1. [Hardening Guide](https://github.com/trimstray/the-practical-linux-hardening-guide)`

			`## K8s`

			`1. [NSA K8s Hardening Guide](https://media.defense.gov/2022/Aug/29/2003066362/-1/-1/0/CTR_KUBERNETES_HARDENING_GUIDANCE_1.2_20220829.PDF))))`
feat: chef isn't FOSS but there's a FOSS distribution for it + devsecops best practices guide 2022-10-06 16:47:15 +05:30
feat: add top 25 most dangerous weaknesses 2022-10-06 16:58:12 +05:30			`## Programming`

			`1. [CWE 2022: Top 25 Most Dangerous Software`
			`Weakness](https://cwe.mitre.org/top25/archive/2022/2022_cwe_top25.html)`

feat: chef isn't FOSS but there's a FOSS distribution for it + devsecops best practices guide 2022-10-06 16:47:15 +05:30			`## Notes`

			`### Chef`