Envoy: Security Assessment

Created on 4 Jul 2017 · 9 Comments · Source: envoyproxy/envoy

If Envoy is being positioned as an edge-capable router, it would be ideal to have some security assessment of the code. Could we engage some volunteer security experts to help build a repeatable process for security review and some CI fuzzing/VA/etc tests?

Ideally this process and tools could be applied to contributed filters as well, such that we don't end up with 'trusted' (e.g. from core committers) and 'unknown' filter classifications.

aresecurity

All 9 comments

Not really sure what I/we can concretely do here, but will leave this open to track. Envoy is already getting attention from security experts at at least two "very large companies" (Lyft is not a "very large company"). Presumably if issues are found they will be reported and fixed. If anyone wants to volunteer for something more official let me know.

I will tap some of my security friends to see if we can set up some CI tests for fuzzing etc. E.g. with AFL. Thx for keeping this open - hopefully they will comment here.

Fuzzing is going to be worked on by G at some point. I think @PiotrSikora is going to tackle this. https://github.com/lyft/envoy/issues/508 tracks.

CNCF is going to sponsor something official here. We are also looking into setting up a bug bounty. Assigning over to @caniszczyk.

This has been done. We will make the report available publicly soon.

Awesome, I look forward to reading the report. Thank you.

@mattklein123 - is it this?

https://cure53.de/pentest-report_envoy.pdf

Yes
