Ejovi Nuwere SecurityLab Technologies, Inc. Inside Juki Net Ejovi Nuwere SecurityLab Technologies, Inc.

About Ejovi Nuwere Who Am I My Involvement in Testing My Previous Opinion of Juki

Nagano Test Limitations

Limits on Testing

Constraints Media Time Physical environment

Our Findings Technical findings Windows based vulnerabilities Findings limited to systems we could touch Vulnerabilities found in JUKI application

Dangers Lack of Accountability Multiple Points of Abuse

Multiple Points of Abuse

Our Results Several Critical Flaws Flawed trust relationship Previous test results Good Defenses

Improving Juki Security Accountability Network design and trust relationship Disaster recovery IDS and Firewalls are not the answer Code audit of applications Consider Peer to Peer for local government communications