fsf is an advanced security scanner farm and batch system. fsf is
shorthand for the Fermi Scanner Farm. The FSF is a re-thinking of how a security
testing batch system should work. It models security tests like BDD tests.
What I did
Complete design and implementation of system, encompassing the entire software development lifecycle
Taught myself several technologies including Ruby, BDD, nginx and Coffeescript
Redesigned existing scanner farm software, replacing antiquated tools and design
Performed rolling upgrades away from existing framework while maintaining uptime of both systems
Provided complete documentation for all system functionality including tutorials on how to administer and develop for the system
The following are key features of fsf
Convention over configuration. The FSF lays down rules. Follow those rules and you will succeed.
Easy to configure. Very little setup is required. Most of the system run’s itself
Single scheduler. No need to add cron jobs for everything
Beautiful, natural language, used to define scan jobs
Multiple jobs per detector
Unit testing of detectors built in to the detector itself
Advanced scheduling ability. Per detector schedules and even multiple schedules per detector
Reusable step definitions. Write it once and use it again and again and again in different detectors
Simple yet powerful underlying batch system
Built-in splunk logging and metrics
Simple, intuitive web UI for control and monitoring
Built-in Nagios support for provided services
Single click ability to start and stop the farm
Support for an arbitrary number of farm nodes. Scale to as many computers as you own.
Support for production, integration, development, and unittest environments
The application is modular in design and extendable, allowing for customization
specific to your site.