The Justice Engine plugin blog

The Justice Engine plugin blog

The Justice Engine is a plugin that we’ve developed for Security Monkey that acts as Judge and Jury of resources. It begins by calculating the risk any given cloud resource poses to our company. This risk is calculated based on the resource’s configuration over time. Configurations such as having a resource accessible to the whole Internet are weighed heavily by the Justice Engine and are more likely to be flagged to be removed.

Open Source Developments at SendGrid: The Justice Engine

Tell Hause August 16, 2018 • 3 min read

Note: This post comes from SendGrid’s Security Team. For more technical posts like this, check out our technical blogroll.

As described within SendGrid Security teams’ last post, we are using a tool we call Krampus to help us mitigate potential risk within our cloud infrastructure. Our aim within this post is to explain and share how we leverage that tool to make our lives easier. In our initial post on our team’s approach to cloud security, we mentioned the following:

“Our ability to enable the business to quickly execute on our cloud security strategy relied on us being able to stand on the shoulders of giants. For example, we have opted to run a modified version of Netflix’s Security Monkey project in order to identify resources with security issues.”

And one might very well ask “What kind of modifications did you make?”

The answer to that…we call the Justice Engine.

What is this Justice Engine that you speak of?

The Justice Engine is a plugin that we’ve developed for Security Monkey that acts as a Judge and Jury of resources. It begins by calculating the risk any given cloud resource poses to our company. This risk is calculated based on the resource’s configuration over time. Configurations such as having a resource accessible to the whole Internet are weighed heavily by the Justice Engine and are more likely to be flagged to be removed.

Once the resources’ score has been calculated, the Justice Engine continues by formatting the results into a standard that Krampus can action, and finishes by warning the various resource owners of the planned action.

This Post Has 15 Comments

  1. Anonymous

    Im thankful for the blog.Really thank you! Keep writing.

  2. review

    Appreciate you sharing, great blog.Much thanks again. Keep writing.

  3. ryan international school amritsar vacancy

    Very good article post.Really looking forward to read more. Fantastic.

  4. you could look here

    I loved your blog post.Much thanks again. Keep writing.

  5. see this

    Thanks for sharing, this is a fantastic blog post.Really thank you! Cool.

  6. Anonymous

    Im thankful for the blog.Much thanks again.

  7. Anonymous

    I cannot thank you enough for the article.Much thanks again. Cool.

  8. Fun

    Hey, thanks for the blog post.Much thanks again. Much obliged.

  9. 파워볼사이트

    Major thanks for the article.Really looking forward to read more. Great.

  10. look at here

    Wow, great blog article.Really thank you! Want more.

  11. Betmatik

    Appreciate you sharing, great blog. Really Great.

  12. Yacht Rental Miami

    I am so grateful for your article post.Really thank you! Awesome.

  13. Yacht Rental Miami

    Major thanks for the article post.Much thanks again. Want more.

Leave a Reply