microdao-daarion

daarion-admin/microdao-daarion

Fork 0

Commit Graph

Author	SHA1	Message	Date
Apple	f6a2007c77	🛡️ security: Implement full container audit and signed images guide - Added security/audit-all-containers.sh: Automated Trivy scan for all 60+ project images - Added security/hardening/signed-images.md: Guide for Docker Content Trust (DCT) - Updated NODE1 with audit script and started background scan - Results will be saved to /opt/microdao-daarion/logs/audits/ Co-authored-by: Cursor Agent <agent@cursor.sh>	2026-01-09 12:16:30 -08:00
Apple	cba2ff47f3	📚 docs(security): Add comprehensive Security chapter ## New Security Documentation Structure /security/ ├── README.md # Security overview & contacts ├── forensics-checklist.md # Incident investigation guide ├── persistence-scan.sh # Quick persistence detector ├── runtime-detector.sh # Mining/suspicious process detector └── hardening/ ├── docker.md # Docker security baseline ├── kubernetes.md # K8s policies (future reference) └── cloud.md # Hetzner-specific hardening ## Key Components ### Forensics Checklist - Process analysis commands - Persistence mechanism detection - Network connection analysis - File system inspection - Authentication audit - Decision matrix for threat response ### Scripts - persistence-scan.sh: Cron, systemd, executables, SSH keys - runtime-detector.sh: Mining process detection with --kill option ### Hardening Guides - Docker: Secure compose template, Dockerfile best practices - Kubernetes: NetworkPolicy, PodSecurityStandard, Falco rules - Cloud: Egress firewall, SSH hardening, fail2ban, monitoring ## Post-Incident Documentation Based on lessons learned from Incidents #1 and #2 (Jan 2026) Co-authored-by: Cursor Agent <agent@cursor.sh>	2026-01-09 02:08:13 -08:00

Author

SHA1

Message

Date

Apple

f6a2007c77

🛡️ security: Implement full container audit and signed images guide

- Added security/audit-all-containers.sh: Automated Trivy scan for all 60+ project images
- Added security/hardening/signed-images.md: Guide for Docker Content Trust (DCT)
- Updated NODE1 with audit script and started background scan
- Results will be saved to /opt/microdao-daarion/logs/audits/

Co-authored-by: Cursor Agent <agent@cursor.sh>

2026-01-09 12:16:30 -08:00

Apple

cba2ff47f3

📚 docs(security): Add comprehensive Security chapter

## New Security Documentation Structure

/security/
├── README.md                    # Security overview & contacts
├── forensics-checklist.md       # Incident investigation guide
├── persistence-scan.sh          # Quick persistence detector
├── runtime-detector.sh          # Mining/suspicious process detector
└── hardening/
    ├── docker.md                # Docker security baseline
    ├── kubernetes.md            # K8s policies (future reference)
    └── cloud.md                 # Hetzner-specific hardening

## Key Components

### Forensics Checklist
- Process analysis commands
- Persistence mechanism detection
- Network connection analysis
- File system inspection
- Authentication audit
- Decision matrix for threat response

### Scripts
- persistence-scan.sh: Cron, systemd, executables, SSH keys
- runtime-detector.sh: Mining process detection with --kill option

### Hardening Guides
- Docker: Secure compose template, Dockerfile best practices
- Kubernetes: NetworkPolicy, PodSecurityStandard, Falco rules
- Cloud: Egress firewall, SSH hardening, fail2ban, monitoring

## Post-Incident Documentation
Based on lessons learned from Incidents #1 and #2 (Jan 2026)

Co-authored-by: Cursor Agent <agent@cursor.sh>

2026-01-09 02:08:13 -08:00

2 Commits