[Platformone] [EXT] Re: IATT Way Ahead

Wed Dec 18 16:17:29 UTC 2019

All, here are the notes I captured from this morning’s meeting with Nic:

•             Is Twistlock in runtime in Prod-B (and what about current Prod)?  If not, then it needs to be.  (recommend for RH P1 Team)

•             AWS Account Hardening — CloudWatch, CloudTrail, RBAC... (in progress with Adrian’s team)

•             DCAR S3 Bucket — Validate Proxy in place and no direct external access (recommend for Taylor’s DSOP Team)

•             Need Encryption on open Ports (recommend for RH P1 Team to look into)

•             Need better diagram showing both internal and external ports/protocols right on the diagram (no IPs or become Classified Document) with encryption, and what’s internal/external to AWS account, VPC, inside/outside cluster, what’s public facing and what’s not, application; for IATT focus on what’s outside the cluster—what goes in/out of cluster boundary and identify/define what goes in/out (which team will take lead?)

•             Action Item: Taylor send DSOP scans of apps to Nic, focus on the delta (the findings not covered by UBI)

•             Need to share with Nic the findings on facility scan from CYBERCOM/Darkwolf:  (Cybersecurity Team taking lead?)

                - 1. Wi-fi: WPA2, needs to be WPA3

                - 2. Facility Badging system has known vulnerabilities

                - 3. Third thing?

Mark/Kevin, please add the RH P1 and DSOP teams actions above to our GitLab Backlog.

--v/r, Roc

From: Lastrilla, Jet <jlastrilla at mitre.org> 
Sent: Wednesday, December 18, 2019 9:33 AM
To: Kevin O'Donnell <kodonnel at redhat.com>; platformONE at redhat.com; DIROCCO, ROGER E GG-13 USAF AFMC ESC/AFLCMC/HNCP <roger.dirocco.4 at us.af.mil>
Cc: TRAMBLE, ELIJAH Q Capt USAF AFMC AFLCMC/HNC <elijah.tramble.1 at us.af.mil>; BRYAN, AUSTEN R Capt USAF AFMC AFLCMC/HNCP <austen.bryan.1 at us.af.mil>; Tim Gast <tg at braingu.com>; Feiglstok, Colleen M [US] (MS) <Colleen.Feiglstok at ngc.com>; RAMIREZ, JOSE A CTR USAF AFMC AFLCMC/HNCP <jose.ramirez.50.ctr at us.af.mil>; LOPEZDEURALDE, RICHARD A Lt Col USAF AFMC AFLCMC/HNCP <richard.lopezdeuralde at us.af.mil>; Bubb, Mike <mbubb at mitre.org>; REINHARDT, MELISSA A GG-13 USAF AFMC AFLCMC/HNCP <melissa.reinhardt.2 at us.af.mil>; Leonard, Michael C. <leonardm at mitre.org>; tj.zimmerman at braingu.com; Blade, Eric D [US] (MS) <Eric.Blade at ngc.com>
Subject: [Non-DoD Source] RE: [EXT] Re: IATT Way Ahead

+Roc

My bad.. moving too fast.

From: Lastrilla, Jet 
Sent: Wednesday, December 18, 2019 9:32 AM
To: Kevin O'Donnell <kodonnel at redhat.com <mailto:kodonnel at redhat.com> >; platformONE at redhat.com <mailto:platformONE at redhat.com> 
Cc: TRAMBLE, ELIJAH Q Capt USAF AFMC AFLCMC/HNC <elijah.tramble.1 at us.af.mil <mailto:elijah.tramble.1 at us.af.mil> >; BRYAN, AUSTEN R Capt USAF AFMC AFLCMC/HNCP <austen.bryan.1 at us.af.mil <mailto:austen.bryan.1 at us.af.mil> >; Tim Gast <tg at braingu.com <mailto:tg at braingu.com> >; Feiglstok, Colleen M [US] (MS) <Colleen.Feiglstok at ngc.com <mailto:Colleen.Feiglstok at ngc.com> >; RAMIREZ, JOSE A CTR USAF AFMC AFLCMC/HNCP <jose.ramirez.50.ctr at us.af.mil <mailto:jose.ramirez.50.ctr at us.af.mil> >; LOPEZDEURALDE, RICHARD A Lt Col USAF AFMC AFLCMC/HNCP <richard.lopezdeuralde at us.af.mil <mailto:richard.lopezdeuralde at us.af.mil> >; Bubb, Mike <mbubb at mitre.org <mailto:mbubb at mitre.org> >; REINHARDT, MELISSA A GG-13 USAF AFMC AFLCMC/HNCP <melissa.reinhardt.2 at us.af.mil <mailto:melissa.reinhardt.2 at us.af.mil> >; Leonard, Michael C. <leonardm at mitre.org <mailto:leonardm at mitre.org> >; tj.zimmerman at braingu.com <mailto:tj.zimmerman at braingu.com> ; Blade, Eric D [US] (MS) <Eric.Blade at ngc.com <mailto:Eric.Blade at ngc.com> >
Subject: RE: [EXT] Re: IATT Way Ahead

+Colleen and Eric…

Colleen, lets coordinate on getting environment scans for UP Prod and UP-ProdB accordingly.  

R/Jet

619-508-5888

From: Kevin O'Donnell <kodonnel at redhat.com <mailto:kodonnel at redhat.com> > 
Sent: Wednesday, December 18, 2019 9:21 AM
To: Lastrilla, Jet <jlastrilla at mitre.org <mailto:jlastrilla at mitre.org> >; platformONE at redhat.com <mailto:platformONE at redhat.com> 
Cc: TRAMBLE, ELIJAH Q Capt USAF AFMC AFLCMC/HNC <elijah.tramble.1 at us.af.mil <mailto:elijah.tramble.1 at us.af.mil> >; BRYAN, AUSTEN R Capt USAF AFMC AFLCMC/HNCP <austen.bryan.1 at us.af.mil <mailto:austen.bryan.1 at us.af.mil> >; Tim Gast <tg at braingu.com <mailto:tg at braingu.com> >; RAMIREZ, JOSE A CTR USAF AFMC AFLCMC/HNCP <jose.ramirez.50.ctr at us.af.mil <mailto:jose.ramirez.50.ctr at us.af.mil> >; LOPEZDEURALDE, RICHARD A Lt Col USAF AFMC AFLCMC/HNCP <richard.lopezdeuralde at us.af.mil <mailto:richard.lopezdeuralde at us.af.mil> >; Bubb, Mike <mbubb at mitre.org <mailto:mbubb at mitre.org> >; REINHARDT, MELISSA A GG-13 USAF AFMC AFLCMC/HNCP <melissa.reinhardt.2 at us.af.mil <mailto:melissa.reinhardt.2 at us.af.mil> >; Leonard, Michael C. <leonardm at mitre.org <mailto:leonardm at mitre.org> >; tj.zimmerman at braingu.com <mailto:tj.zimmerman at braingu.com> 
Subject: [EXT] Re: IATT Way Ahead

+PlatformONE team

KEVIN O'DONNELL 

ARCHITECT MANAGER

 <https://www.redhat.com/> Red Hat Red Hat NA Public Sector Consulting

 <mailto:kodonnell at redhat.com%20M:240-605-4654> kodonnell at redhat.com M: 240-605-4654

 <https://red.ht/sig> 

On Wed, Dec 18, 2019 at 9:02 AM Lastrilla, Jet <jlastrilla at mitre.org <mailto:jlastrilla at mitre.org> > wrote:

+TJ

From: Lastrilla, Jet 
Sent: Wednesday, December 18, 2019 9:01 AM
To: Kevin O'Donnell <kodonnel at redhat.com <mailto:kodonnel at redhat.com> >; TRAMBLE, ELIJAH Q Capt USAF AFMC AFLCMC/HNC <elijah.tramble.1 at us.af.mil <mailto:elijah.tramble.1 at us.af.mil> >; BRYAN, AUSTEN R Capt USAF AFMC AFLCMC/HNCP <austen.bryan.1 at us.af.mil <mailto:austen.bryan.1 at us.af.mil> >; Tim Gast <tg at braingu.com <mailto:tg at braingu.com> >; RAMIREZ, JOSE A CTR USAF AFMC AFLCMC/HNCP <jose.ramirez.50.ctr at us.af.mil <mailto:jose.ramirez.50.ctr at us.af.mil> >
Cc: LOPEZDEURALDE, RICHARD A Lt Col USAF AFMC AFLCMC/HNCP <richard.lopezdeuralde at us.af.mil <mailto:richard.lopezdeuralde at us.af.mil> >; Bubb, Mike <mbubb at mitre.org <mailto:mbubb at mitre.org> >; REINHARDT, MELISSA A GG-13 USAF AFMC AFLCMC/HNCP <melissa.reinhardt.2 at us.af.mil <mailto:melissa.reinhardt.2 at us.af.mil> >; Leonard, Michael C. <leonardm at mitre.org <mailto:leonardm at mitre.org> >
Subject: IATT Way Ahead

All:

Just to re-affirm our way ahead from yesterday afternoon:

In priority order:

1.       Complete deployment of worker nodes on UP-Prod; Coordinate removal of “dev” devices from UP-Prod; Perform complete scan (platform and apps) of UP-Prod.  Complete by COB 18 December.

2.       Complete build out of UP-ProdB; Deploy applications on UP-ProdB; Scan entire environment.  Complete by 19 December 1200 Central time.  This work will be performed by RH and TJ with LIMITED engagement with the app teams.   App team engagement will go through TJ.

Our #1 objective for UP is IATT on 20 December.  We have missed all of our deadlines this week.  We will provide an update to Nic during our regular Friday call.  Let Tim or I know if you have any questions.

R/Jet

Jet Lastrilla, CISSP

MITRE | Systems Security Engineer

San Antonio, TX

210-208-4867

jlastrilla at mitre.org <mailto:jlastrilla at mitre.org> 

Jethro.lastrilla.ctr at us.af.mil <mailto:Jethro.lastrilla.ctr at us.af.mil>  (NIPR)

Jethro.s.lastrilla.ctr at mail.smil.mil <mailto:Jethro.s.lastrilla.ctr at mail.smil.mil>  (SIPR)

Jethro.lastrilla_ctr at af.ic.gov <mailto:Jethro.lastrilla_ctr at af.ic.gov>  (JWICS)

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/platformone/attachments/20191218/2c718adc/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5532 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/platformone/attachments/20191218/2c718adc/attachment.p7s>