Presentation is loading. Please wait.

Presentation is loading. Please wait.

Topological Vulnerability Analysis

Published byElizabeth Richardson Modified over 6 years ago

Similar presentations

Presentation on theme: "Topological Vulnerability Analysis"— Presentation transcript:

1 Topological Vulnerability Analysis
Automatically predicting possible paths of cyber attack GPS for your IT infrastructure Common Operating Picture Situational Awareness

2 About ProInfo Founded in focused on next generation technologies Intellectual Property is foundational Corporate activity CAULDRON Tech transfer

3 CAULDRON History Inventors: Sushil Jajodia, Steven Noel, Pramod Kalapa
CSIS pioneered the field of Topological Vulnerability Analysis (TVA) attack graph technology.  8 years of R&D CAULDRON has been independently evaluated enhancement for penetration testing red team/blue team exercises CSIS has filed for 5 U.S. patents in TVA/CAULDRON technology.  CAULDRON is currently being used at several government organizations.

4 The Perfect Storm Network configurations are ever more sophisticated
Vulnerabilities are becoming more complex Remediation resources are sparse A total solution is a combination of technology and services CAULDRON is the technology component

5 Our Approach Aggregate / Correlate / Visualize Network Capture
builds a model of the network. represents data in terms of corresponding elements in Vulnerability Reporting and Exploit Specifications. Vulnerability Database a comprehensive repository of reported vulnerabilities Graph Engine simulates multi-step attacks through the network, for a given user-defined Attack Scenario. analyzes vulnerability dependencies, matching exploit preconditions and post-conditions, generates all possible paths through the network (for a given attack scenario). Aggregate / Correlate / Visualize

6

7 Adding CAULDRON to the mix
Scanners Visualization & What If’s Correlation Firewalls Repository + SAS Patch Mgt Persistent Metadata Logs, etc

8 Range of Benefits Region 1 Visualization & What If’s Visualization
Correlation Region 2 Repository + SAS Region 3 Strategic Region X Common Operating Picture Situational Awareness Relevant POAMs Targeted remediation Tactical

9 Aggregate/Correlate/Visualize
We analyze vulnerability dependencies Calculates the impact of individual and combined vulnerabilities on overall security We show all possible attack paths into a network Transforms raw security data into a roadmap All known attack paths from attacker to target are succinctly depicted Supports both offensive (e.g., penetration testing) and defensive (e.g., network hardening) applications Strategic Proactively prepare for attacks, manage vulnerability risks, and have current situational awareness A response strategy can be more easily created. Key deliverable is an attack graph showing all possible ways an attacker can penetrate the network

10 Seven Invigorating Virtues
Strategic Provides a Common Operating Picture Provides Situational Awareness - context Improves security w/out hardware Shortens the cycle of improvements Nature of the problem Regional yet centralized Allows for drill down Empowers the “LCD” Tactical Management Operations

11 More security . . without more hardware
Contact Info: John Williams . . without more hardware

Download ppt "Topological Vulnerability Analysis"

Similar presentations

Beyond Reactive Management of Network Intrusions Professor Sushil Jajodia Professor Sushil Jajodia Center for Secure Information Systems

Beyond Reactive Management of Network Intrusions Professor Sushil Jajodia Professor Sushil Jajodia Center for Secure Information Systems
1www.skyboxsecurity.com Skybox Cyber Security Best Practices Three steps to reduce the risk of Advanced Persistent Threats With continuing news coverage.

1www.skyboxsecurity.com Skybox Cyber Security Best Practices Three steps to reduce the risk of Advanced Persistent Threats With continuing news coverage.
Creating Business Value from Big Data A Big Data Catalyst Project.

Creating Business Value from Big Data A Big Data Catalyst Project.
S5-1 © 2001 Carnegie Mellon University OCTAVE SM Process 5 Identify Key Components Software Engineering Institute Carnegie Mellon University Pittsburgh,

S5-1 © 2001 Carnegie Mellon University OCTAVE SM Process 5 Identify Key Components Software Engineering Institute Carnegie Mellon University Pittsburgh,
MP3 / MD740 Strategy & Information Systems Oct. 13, 2004 Databases & the Data Asset, Types of Information Systems, Artificial Intelligence.

MP3 / MD740 Strategy & Information Systems Oct. 13, 2004 Databases & the Data Asset, Types of Information Systems, Artificial Intelligence.
Achieving Trusted Systems by Providing Security and Reliability Ravishankar K. Iyer, Zbigniew Kalbarczyk, Jun Xu, Shuo Chen, Nithin Nakka and Karthik Pattabiraman.

Achieving Trusted Systems by Providing Security and Reliability Ravishankar K. Iyer, Zbigniew Kalbarczyk, Jun Xu, Shuo Chen, Nithin Nakka and Karthik Pattabiraman.
Security Posture Assessment (SPA) Headquarters: Ofisgate Sdn Bhd (610820-A), 2-15 Jalan Jalil Perkasa 13 Aked Esplanad, Bukit Jalil, 57000 Kuala Lumpur,

Security Posture Assessment (SPA) Headquarters: Ofisgate Sdn Bhd ( A), 2-15 Jalan Jalil Perkasa 13 Aked Esplanad, Bukit Jalil, Kuala Lumpur,
IT:Network:Microsoft Applications

IT:Network:Microsoft Applications
Introduction to Network Defense

Introduction to Network Defense
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
Www.skyboxsecurity.com Skybox® Security Solutions for Symantec CCS Comprehensive IT Governance Risk and Access Compliance Management Skybox Security's.

Skybox® Security Solutions for Symantec CCS Comprehensive IT Governance Risk and Access Compliance Management Skybox Security's.
Topological Vulnerability Analysis

Topological Vulnerability Analysis
Lean and (Prepared for) Mean: Application Security Program Essentials Philip J. Beyer - Texas Education Agency John B. Dickson.

Lean and (Prepared for) Mean: Application Security Program Essentials Philip J. Beyer - Texas Education Agency John B. Dickson.
A Combat Support Agency Defense Information Systems Agency DISN NetOps Service Assurance 2011 Customer Conference August 2011.

A Combat Support Agency Defense Information Systems Agency DISN NetOps Service Assurance 2011 Customer Conference August 2011.
PATCH MANAGEMENT: Issues and Practical Solutions Presented by: ISSA Vancouver Chapter March 4, 2004.

PATCH MANAGEMENT: Issues and Practical Solutions Presented by: ISSA Vancouver Chapter March 4, 2004.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.

Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
Automating Enterprise IT Management by Leveraging Security Content Automation Protocol (SCAP) John M. Gilligan www.gilligangroupinc.com May, 2009.

Automating Enterprise IT Management by Leveraging Security Content Automation Protocol (SCAP) John M. Gilligan May, 2009.
Report on Intrusion Detection and Data Fusion By Ganesh Godavari.

Report on Intrusion Detection and Data Fusion By Ganesh Godavari.
© 2001 by Carnegie Mellon University SS5 -1 OCTAVE SM Process 5 Background on Vulnerability Evaluations Software Engineering Institute Carnegie Mellon.

© 2001 by Carnegie Mellon University SS5 -1 OCTAVE SM Process 5 Background on Vulnerability Evaluations Software Engineering Institute Carnegie Mellon.
An Analysis of Location-Hiding Using Overlay Networks Ju Wang and Andrew A. Chien Department of Computer Science and Engineering, University of California.

An Analysis of Location-Hiding Using Overlay Networks Ju Wang and Andrew A. Chien Department of Computer Science and Engineering, University of California.

Similar presentations

Ads by Google