SELECTING AND IMPLEMENTING VULNERABILITY SCANNER FOR FUN AND PROFIT by Tim Jett and Mike Townes.


Conducting Vulnerability Assessments Without Disrupting Your Network

Notice: The views and opinions expressed in this presentation are those of the presenters and do not necessarily represent any organization or company they will be associated with in the future. May the force be with you!

WHY VULNERABILITY MANAGEMENT?
- Ensure protection of critical data
- Meet compliance regulations
- Reduce risk or minimize impact by addressing vulnerabilities in a timely manner
- Prepare to meet future security

What is a Vulnerability Scanner
- A vulnerability scanner is a computer program designed to assess computers, computer systems, networks or applications for weaknesses.
- They can be run either as part of vulnerability management by those tasked with protecting systems, or by black hat attackers looking to gain unauthorized access.

Types of Vulnerability Scanners
- Agent versus Agentless
- Active versus Passive

Vulnerability Scanners - Benefits
- Very good at checking for hundreds (or thousands) of potential problems quickly
  – Automated
  – Regularly
- Can help identify rogue machines
- Helpful in inventorying devices on the network

What Vulnerability Scanners Do Well
- Provide a generic risk level
- Explain why the item is a risk
- Provide detailed information on how to remediate

The ways a scanner handles the items above are some of the key differences between scanners.

How Vulnerability Scanners Work
- Similar to virus scanning software:
  – Contain a database of vulnerability signatures that the tool searches for on a target system
  – Cannot find vulnerabilities not in the database
- New vulnerabilities are discovered often
- Vulnerability database must be updated regularly

Challenges
- Security resources are often decentralized
- The security organization often doesn’t own the network or system
- Always playing catch-up to changing threats
- Determining if the fix was actually made
- Ignoring it – accepting it

Decisions for your First Scan
- Full Scan Versus Known Segment
- Time and bandwidth versus Unknown devices
- Is Your Network Ready for This?
- Poor Network Configuration can lead to Security getting blamed for bandwidth issues (what to look for – how to resolve)

Dream Vs. Reality
- Dream of vulnerability scanner
- Plug in
- Get data
- Network/Endpoint Teams Act on Information
- Network Secured
- You Emerge as Security Hero!

Dream Vs. Reality
- Proper planning:
- Policies and Procedures for the Scanning Process
- Track Inventory and Categorize Assets
- Identify and Understand your business processes
- To the network team it looks like an attack

So You Scanned – Now What
- Can’t expect folks to act on 1,000-page reports.
- Need to provide some prioritization
- What are the biggest risks in your environment?
- What is the level of risk that is acceptable in your environment?
- What is the threat level that exists in your industry?

What Vulnerability Scanners Can’t Do
- Scan items not connected to the network
- Tell you how bad a vulnerability is in your environment (ratings are universal)
- Tell you exactly where a device is
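
An added example, not part of the original slides, of the prioritization step the "So You Scanned" and "Can't Do" slides call for: the scanner's universal rating is scaled by each asset's criticality and exposure from the inventory, and anything at or below the accepted risk level is dropped. The weights, field names and sample findings are constructed assumptions, not output from any real scanner.

```python
from dataclasses import dataclass

# Constructed weights (assumptions): how local context scales a universal rating.
CRITICALITY = {"high": 1.5, "medium": 1.0, "low": 0.5}      # from the asset inventory
EXPOSURE = {"internet": 1.5, "internal": 1.0, "isolated": 0.6}

@dataclass
class Finding:
    host: str
    title: str
    base_score: float  # the scanner's generic rating, 0-10

def local_risk(finding, assets):
    """Scale the universal rating by asset criticality and exposure, capped at 10."""
    asset = assets.get(finding.host)
    if asset is None:
        # Host is not in the inventory (possible rogue device): assume worst case.
        crit, exp = "high", "internet"
    else:
        crit, exp = asset["criticality"], asset["exposure"]
    return round(min(10.0, finding.base_score * CRITICALITY[crit] * EXPOSURE[exp]), 1)

def prioritize(findings, assets, accepted_risk=4.0, top_n=10):
    """Return up to top_n (score, finding) pairs above the accepted risk, worst first."""
    scored = [(local_risk(f, assets), f) for f in findings]
    actionable = [(s, f) for s, f in scored if s > accepted_risk]
    actionable.sort(key=lambda sf: (-sf[0], sf[1].host, sf[1].title))
    return actionable[:top_n]

# Constructed sample inventory and findings.
ASSETS = {
    "db01": {"criticality": "high", "exposure": "internal"},
    "web01": {"criticality": "medium", "exposure": "internet"},
    "kiosk7": {"criticality": "low", "exposure": "isolated"},
}
FINDINGS = [
    Finding("kiosk7", "Outdated TLS library", 9.0),
    Finding("db01", "Weak database password policy", 6.0),
    Finding("web01", "Outdated web server", 7.0),
    Finding("printer-3f", "Default SNMP community string", 5.0),
]

if __name__ == "__main__":
    for score, f in prioritize(FINDINGS, ASSETS):
        print(f"{score:>4}  {f.host:<10} {f.title}")
```

The highest generic rating in the sample (9.0 on an isolated, low-criticality kiosk) falls below the accepted risk level, while the device missing from the inventory rises to the top.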

Major Players
- Tenable (Nessus)
- Rapid7
- Qualys
- Tripwire (nCircle)
- OpenVAS

Questions? Game Over