Managing A Secure Infrastructure – Tales From the Trenches November 6, 2003.

About the Speaker
- Steve Manzuik – Director, Security-Sensei.Com
- Founder / Moderator of Vulnwatch.Org
- Founder of Win2KSecAdvice mailing list
- Member of nmrc.Org
- Co-Author of Hack Proofing Your Network
- Participant – Open Web Application Security Project (OWASP.org)
- Participant – Open Source Vulnerability Database (OSVDB.org)

Outline
- Security today
- Failures in Security
- Succeed in Security

Security Today
- Vulnerabilities will always exist.
- Typical organizations have made large investments in network and security infrastructure.
- Incidents still occur at high rates.
- Past investments do not support the business need.
- Security warnings to upper management are seen as the new Y2K hype.
- It is time for organizations to stop buying the latest security toy and actually secure their networks.

You Have Been Lied To!
- All the Firewalls and Intrusion Detection devices in the world will not protect you.
- Most organizations do not have a firm grasp of their entire infrastructure.
- Aggressive Firewall configurations prohibit business and prohibit productivity.
- Network Intrusion Detection has limited value in most organizations.
- Security is not a magic black box or application.
- Security is NOT a black art.

Failures in Security
- Firewalls
- Intrusion Detection
- Wall of Shame

Expensive Logging Devices: Firewalls
- “But we have a firewall, we are completely protected…”
- “We have invested in world class firewall technologies… we are secure.”
- “Why would we want to block people from getting out?”
- “A hacker would have to break into our firewall in order to gain access…”
- “You mean you have to patch a firewall?”

Expensive & Confusing Logging Devices: IDS
- “Well our IDS didn’t see anything wrong…”
- “There were just too many alerts so I turned it off…”
- “I didn’t understand what SHELLCODE x86 NOOP was so I ignored it…”
- “ISS told us that it wasn’t possible…”
- “What do you mean I can’t monitor this switch…”
- “No one watches the console on weekends and holidays…”

Other Examples: Wall of Shame
- “Passwords just made implementing the technology too difficult for our users…”
- “What exactly do you mean by audit process?”
- “We spent 2 million dollars on firewalls and other security solutions and 2 thousand dollars on testing those systems…”
- “We don’t exactly have a security department but Joe in the server group is a hacker so I am sure he is taking care of us…”
- “But our vendor hasn’t told us anything about…”
- “But that is a localhost issue…”

What does this all mean?
- A proper security posture combines people, process and technology.
- Most organizations rely on technology, leaving their security posture weak and vulnerable.

Success in Security
“The greatest security infrastructures are the ones that satisfy the most business needs while allowing for uninhibited network communications between employees, business partners, vendors, and customers.”

Success in Security
- Do not let vendors use your fear, uncertainty and doubt against you.
- It is a lot of work, but when approached in a logical and calm fashion, Information Security can be improved.
- Never think you are completely secure.

Succeed in Security: Awareness
- All the security in the world can be trumped by the double click of an attachment.
- If your users are not aware – they are your greatest threat.
- If your Administrators are not educated – they are unarmed and unable to be proactive.

Succeed in Security: Know Your Assets
- If you don’t know what you have or what it does – how do you plan on protecting it?
- If you don’t know your business how will you enable it?
- Data and system classification is essential.
- Large organizations must approach security based on risk.

Succeed in Security: Host Security
- Secure baseline configurations – the technical starting point of a truly secure infrastructure.
- Thwarting the attacker by leveraging technology you already have.
- Helps improve desktop & server support processes and actually reduces long-term support costs.

Succeed in Security: Monitoring
- Logical combinations of network and host based monitoring can be valuable.
- Log management is valuable.
- Technical education is far more valuable than the technology itself.
- Do the right people know when a device is added to the network? What about removed?

Succeed in Security: Validation
- Penetration Testing over Vulnerability Assessment.
- Intrusion Detection validation and tuning is essential.
- Firewall rule and configuration validation is essential.
- Don’t forget about phones and wireless devices.

Succeed in Security: Other Tips
- Explicit trust is a dangerous game.
- Users are not malicious for the most part but must be protected against themselves.
- Don’t overlook threats.
- Don’t overlook social engineering threats.

Succeed in Security: Other Tips
- Build a trusted relationship with a security consulting organization that is vendor neutral.
- Observe what other organizations in similar industries and of similar size are doing.

Closing
Questions?
Steve Manzuik