One Safe Scan -> A single place for all scans.
One Safe Scan tool offers a unified solution for performing various kinds of security scanning. Users can upload an artefact to scan and get instant results and logs. Based on user requirements, this solution employs Docker technology to create a scalable and flexible design. Jenkins is being used as the user interface to follow the global standard. The idea is to use separate EC2 instances for different scanners (Malware Scan, Open-Source Scan, Penetration Testing Scans, etc.) to make the tool robust and readily scalable. This also ensures that the platform is more secure and isolated from the scanners, reducing the possibility of security breaches. The EC2 instances can be simply scaled up and down in response to demand. Jenkins and the EC2 instances will be managed using Docker Swarm as an orchestration tool. This initiative ensures the organisation’s data is safe and secure.
Name: Average Standard
Student number: nnnnnnnn
• Basic login/logout implementation.
• Multiple Scanners: - Several open-source tools are built into the system to check files for malware and other security risks. By using numerous scanners, the system can improve the accuracy and dependability of the results of its scanning.
• Jenkins UI: - Standard user interface to manage and monitor the scanning process and the logs.
• Docker-based Architecture: - The system is developed using Docker architecture. This allows for easy management of the containers and adding new scanners easily.
• Threat Detection Notifications: The system notifies the users when a security threat is detected via email.
• Jenkins UI: A user interface (UI) powered by Jenkins that enables users to initiate a scan of an artefact and view logs.
• EC2 instances: A collection of EC2 instances which host the Jenkins UI as well as Docker containers that perform the scanning process.
• Scan results: A mechanism for reporting the scanning process’s results, showing whether or not the file is infected.
• Support for More File Types: Support for additional file types, such as executable files, compressed files, and encrypted files.
• Advanced Reporting and Notifications: advanced reporting and notification features that provide comprehensive scan results, including malware type and severity, as well as email notifications.
Scalability: The system is scalable since it uses the docker swarm tool. This allows it to handle a large volume of scanning jobs.
Accuracy: The accuracy of the system is crucial as it determines the reliability of the scanning results. Using more scanners helps in improving the accuracy of the scans.
Performance: High performance is important for the system to handle a large volume of scanning jobs, and this is taken care of by adding more instances and containers to handle the increase in demand for the scans.
Security: The system’s security is essential because it can identify brand-new and unidentified security risks.
A combination of manual and automated testing techniques can be used to determine whether the above project has achieved the desired attributes.
Scalability: The system’s effectiveness can be evaluated by how well it responds to the rising demand for scans on large files.
Accuracy: To check that each scanner is operating as intended, functional testing can be done on individual scanner instances to check the system’s accuracy and efficiency.
Performance: We can monitor the system’s response time, the number of files scanned per minute, and the time it takes to scan a file to assess the system’s performance.
Security: Using automated tools, we can conduct penetration testing to assess the system’s security.
Vague overview of functionality. What type/class of scanners can the system use? Vague MVP, needs more detail and a more concrete overview of the MVP. Interoperability is an important attribute for this system, integration with Jenkins, scanning the different artifacts. Basic evaluation plan, needs more detail. How much load are you expecting? Define what separates an inaccurate from an accurate scan etc…