Security Considerations
Overview
NetoFuse has API access to Netography Fusion (to upload context labels) and to the 3rd party product modules you are using (to retrieve asset information). A threat actor who gains access to the system you deploy NetoFuse on in your environment could read these credentials, modify the NetoFuse code, or access these APIs directly. Therefore, it is important to apply the principle of least privilege to reduce the risk of unauthorized access to this system.
Best Practices
Here are recommended best practices for deploying NetoFuse in production environments:
- Use the NetoFuse container for deployment, as this is built on the Google distroless container image that significantly reduces the attack surface as compared to a default Linux distribution.
- If you choose to deploy NetoFuse as a Python package, deploy it on a dedicated system that adheres to your organization's security policies, is kept updated and hardened, and has all external services that are not strictly required disabled (e.g., no open ports or services except SSH). Limit network access to the system to authorized administrators only. Exercise general security best practices in operating a limited-use system of this type.
- Configure API keys for 3rd party modules with the least privilege required to access the resources the integration needs.
- Store API credentials in an external vault or secrets management system and pass them in at run-time rather than storing them locally. Choose the most secure credential storage approach for your environment.
- Regularly expire and rotate credentials being used.
- Enabling custom transforms loads arbitrary Python code you have defined in that file. This is disabled by default, cannot be turned on from a configuration file, and requires the command line option `--allow-custom-transforms` to turn on. Only enable this if you maintain strict control over that file and are thoroughly aware of the contents of the code.
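As an added example (not NetoFuse's own code), the kind of pre-flight check an operator could run before starting NetoFuse with `--allow-custom-transforms`: it refuses the transforms file unless it is a regular file owned by the running user, writable only by its owner, and its SHA-256 matches the hash recorded when the file was last reviewed. The file name, its contents and the pinned hash are constructed for the demo.

```python
import hashlib
import hmac
import os
import stat
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hex SHA-256 of a file, read in chunks."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def transforms_file_is_trusted(path, pinned_sha256):
    """Gate for a custom-transforms file. It must be a regular file (no symlink),
    owned by the user running NetoFuse, not writable by group/others, and match
    the SHA-256 the operator recorded after reviewing it. Returns (ok, reason)."""
    p = Path(path)
    if not p.is_file() or p.is_symlink():
        return False, "not a regular file"
    st = p.stat()
    if os.name == "posix":
        if st.st_uid != os.geteuid():
            return False, "not owned by the running user"
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            return False, "writable by group or others"
    if not hmac.compare_digest(sha256_file(p), pinned_sha256.lower()):
        return False, "content does not match pinned hash"
    return True, "ok"


def demo() -> dict:
    """Constructed scenario: approve a transforms file, then alter its
    permissions and contents and confirm each change is rejected."""
    results = {}
    with tempfile.TemporaryDirectory() as d:
        f = Path(d) / "transforms.py"          # hypothetical file name
        f.write_text("def transform(asset):\n    return asset\n")
        os.chmod(f, 0o600)
        pinned = sha256_file(f)                # operator records this after review
        results["approved"] = transforms_file_is_trusted(f, pinned)[0]
        os.chmod(f, 0o666)                     # loosened permissions
        results["world_writable"] = transforms_file_is_trusted(f, pinned)[0]
        os.chmod(f, 0o600)
        f.write_text("def transform(asset):\n    asset['tag'] = 'x'\n    return asset\n")
        results["modified"] = transforms_file_is_trusted(f, pinned)[0]
    results["missing"] = transforms_file_is_trusted(f, pinned)[0]  # dir is gone
    return results
```

Only `approved` comes back true; the loosened permissions, the edited contents and the missing file are each rejected with a distinct reason.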