https://github.com/egida-kassandra/egida

Automatically deploying highly secure infraestructures with early error detection
https://github.com/egida-kassandra/egida

ansible ansible-playbook ansible-role automation cis cis-benchmark dsl egida harden hardening network-security security

Last synced: 14 days ago
JSON representation

Automatically deploying highly secure infraestructures with early error detection

• Host: GitHub
• URL: https://github.com/egida-kassandra/egida
• Owner: Egida-Kassandra
• License: apache-2.0
• Created: 2020-05-24T14:12:13.000Z (over 4 years ago)
• Default Branch: master
• Last Pushed: 2024-03-13T22:48:35.000Z (8 months ago)
• Last Synced: 2024-10-13T07:40:59.537Z (about 1 month ago)
• Topics: ansible, ansible-playbook, ansible-role, automation, cis, cis-benchmark, dsl, egida, harden, hardening, network-security, security
• Language: Java
• Homepage: https://egida-kassandra.github.io/egida/
• Size: 87.9 MB
• Stars: 10
• Watchers: 1
• Forks: 0
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# Egida

[![GitHub license](https://img.shields.io/badge/license-Apache-blue?style=for-the-badge)](https://github.com/egida-kassandra/egida/blob/master/LICENSE)






  

    

  


  


    


    Explore the docs »

    


  



---

## Overview

The Egida project is a server orchestration system that allows to perform and deploy security configurations 

(custom control lists) over a machine infrastructure. These security configurations can shield and protect those 

servers by implementing the desired security measures depending on the server profile. Controls are sourced from the 

[CIS Benchmarks](https://www.cisecurity.org/cis-benchmarks/), and we also need to obtain system information about each 

of the deployed servers to ensure proper deployment.

To achieve that, Egida is built using a microservices-based architecture composed of the following three modules:

- **egida**: This is the main module, in charge of providing the communication interfaces with the user, as well as the 

         process of the specific domain language called Aspida. Using this module, the user can define 

         the different profiles to work with and the actions to be performed.

         

- **egida-roles**: This module contains the definition of the Ansible roles that contains the actions corresponding to 

        the security controls that are defined for each profile that a machine may have assigned. These actions can be 

        either hardening operations (CIS Benchmarks) or setup actions to prepare that machine so it can be 

        used correctly by Egida.

        

- **egida-api**: The functionality of this module is to provide information of each machine to be used by Egida. 

        This information can be varied: the services that are currently running, the operating system version or the 

        score obtained with the [Lynis](https://cisofy.com/lynis/) tool… any kind of information that we determine it is 

        interesting to better deploy any security control. 

![Egida Network](img/esquema.png)

## License

Distributed under the Apache 2.0 License. See `LICENSE` for more information.

## Contact

Authors:

* [Antonio Payá González](https://antoniopg.tk)

* [Alba Cotarelo Tuñón](https://antoniopg.tk)

* [Jose Manuel Redondo Lopez](http://orcid.org/0000-0002-0939-0186)

Project Link: [https://github.com/egida-kassandra/egida](https://github.com/egida-kassandra/egida)