Introducing Costa Scanner
In the last Friday, April 21th, a OWASP Latam Tour event begun in San José, Costa Rica, where I had the pleasure to speak. That was my first keynote and I've talked about security automation. The slides are available here.
In that talk I introduced Costa Scanner, an open source security scanner that you can use from Day 0 in your company to chain together:
- Network Asset Discovery (discover active servers given network ranges)
- Security Scans (using one or many tools - but includes only Nmap so far)
- Reporting (by email, webhook or save to a file)
It's of course embryonic, but you're always welcome to contribute instead of expecting that someone else will do it.
In regard to Costa Rica, I really like it. The conference was full and many people were interested in security. The city itself is very similar to São Paulo (Brazil), but less crowded. Same temperature, same price and people are also mixed in terms of their origins. Michael Hidalgo (chapter leader) offered the best possible hospitality. I'm very thankful. It would be nice to return someday :)