Linux Foundation Launches Red Team Project
Written by Kay Ewbank   
Tuesday, 19 March 2019

The Linux Foundation has launched a new project aimed at incubating open source cybersecurity tools. The Red Team Project's main goal is to make open source software safer to use. 

The aim is to create cybersecurity tools for areas including cyber range automation, containerized pentesting utilities, binary risk quantification, and standards validation and advancement.

The term Red Team originated in the US defense community where it is used by teams that take an alternative view of security situations as though from the point of view of a foreign power. In computer security, the term "red team" has come to mean a team of white-hat hackers who attempt attacks on a company's IT systems to find weaknesses.

rtbanner

According to the Red Team Project's website, the project's goal is to make open source software safer to use:

"Our approach is to use the same tools, techniques, and procedures as our adversaries — but in a constructive way — in order to provide feedback to open source projects that will make those projects more secure."

The Red Team Project grew partially from the Fedora Red Team special interest group which was founded by Jason Callaway to build exploit mapping tools. Callaway has now moved to Google, and will be working on the Red Team as his 20% Project.

Current tooling from the project start with a Linux Exploit Mapper (LEM) that scans a Linux system for local exploits and maps them to known exploit code. When exploits are discovered using the mapper, they are curated, tested for efficacy and ease-of-use using a variant of the STRIDE scoring mechanism. An Ansible role called cyber-range-target is used to deliberately downgrade OS packages to a version vulnerable to a given CVE (Common Vulnerabilities and Exposure) for assessment purposes. The project also provides a Red Container. This offers containerized pentesting tooling, which can be launched from whole OSes or containerized environments like Kubernetes.

The team members would like to broaden the Red Team's impact and build a more vendor neutral community. To do this, the group is keen for more people to join, either attending meetups in person or via Google Hangout.

rtaltsq

 

More Information

Red Team Project

Red Team Meetup Details

Related Articles

IBM To Acquire Red Hat For $34 Billion

Don't Neglect Open Source Security

Cybercrime Security Forum Europe

GitHub Bug Bounty Program Expanded In Scope and Reward

Vulnerability Revealed In GNU C Library

 

To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on Twitter, Facebook or Linkedin.

Banner


AWS Adds Support For Llama2 And Mistral To SageMaker Canvas
12/03/2024

As part of its effort to enable its customers to use generative AI for tasks such as content generation and summarization, Amazon has added these state of the art LLMs to SageMaker Canvas.



Open Source Key To Expansion of IoT & Edge
13/03/2024

According to the 2023 Eclipse IoT & Edge Commercial Adoption Survey Report, last year saw a surge of IoT adoption among commercial organizations across a wide range of industries. Open source [ ... ]


More News

raspberry pi books

 

Comments




or email your comment to: comments@i-programmer.info

Last Updated ( Tuesday, 19 March 2019 )