Thursday, July 16, 2020

Google's Tsunami for Network Security Scanning

Here is a new and somewhat unexpected thing I was just introduced to by TWIT. See their generalized writeup below. Note that it is still in pre-alpha form, but it would seem to be a very useful thing to be aware of and, if appropriate, use. The plan is to extend this via the community. Technical. Public release announcement.


Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.

To learn more about Tsunami, visit our documentation: https://github.com/google/tsunami-security-scanner/blob/master/docs/index.md
Tsunami relies heavily on its plugin system to provide basic scanning capabilities. All publicly available Tsunami plugins are hosted in a separate google/tsunami-security-scanner-plugins repository.

Current Status
Currently Tsunami is in 'pre-alpha' release for developer preview.
Tsunami project is currently under active development. Do expect major API changes in the future.

For TWIT's very useful, not-too-technical write-up on this, see:
https://www.grc.com/sn/SN-775-Notes.pdf (page 12) ...

... Supports small manually curated set of vulnerabilities
● Detects high severity, RCE-like vulnerabilities, which are often actively exploited in the wild
● Generates scan results with high confidence and minimal false-positive rate.
● Detectors are easy to implement.
● Is easy to scale, executes fast and scans non-intrusively. ...

