SELECTING AND IMPLEMENTING VULNERABILITY SCANNER FOR FUN AND PROFIT by Tim Jett and Mike Townes.

Presentation transcript:

1 SELECTING AND IMPLEMENTING VULNERABILITY SCANNER FOR FUN AND PROFIT by Tim Jett and Mike Townes

2 Conducting Vulnerability Assessments Without Disrupting Your Network
Notice: The views and opinions expressed in this presentation are those of the presenters and do not necessarily represent any organization or company they are or will be associated with.
May the force be with you!

3 WHY VULNERABILITY MANAGEMENT?
 Ensure protection of critical data
 Meet compliance regulations
 Reduce risk or minimize impact by addressing vulnerabilities in a timely manner
 Prepare to meet future security

4 What is a Vulnerability Scanner
 A vulnerability scanner is a computer program designed to assess computers, computer systems, networks or applications for weaknesses. It can be run either as part of vulnerability management by those tasked with protecting systems, or by black hat attackers looking to gain unauthorized access. The same tool, pointed at the same targets, produces the same findings for both; the difference is who sees them first.

5 Types of Vulnerability Scanners
 Agent versus agentless: an agent runs on the host and inspects it locally (installed packages, local configuration); an agentless scanner assesses the host over the network, with or without credentials.
 Active versus passive: an active scanner sends probes to its targets; a passive scanner only observes existing traffic and infers versions and services from it.

6 Vulnerability Scanners - Benefits
 Very good at checking for hundreds (or thousands) of potential problems quickly
– Automated
– Regularly
 Can help identify rogue machines
 Helpful in inventorying devices on the network

7 What Vulnerability Scanners Do Well
 Provide a generic risk level
 Explain why the item is a risk
 Provide detailed information on how to remediate
How well your scanner does each of the above is one of the key differences between products.

8 How Vulnerability Scanners Work
 Similar to virus scanning software:
– Contain a database of vulnerability signatures that the tool searches for on a target system
– Cannot find vulnerabilities not in the database
 New vulnerabilities are discovered often
 Vulnerability database must be updated regularly
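The signature-matching model on slide 8, shown as an added example (not code from the presenters or from any of the products named later in the deck). The signature database, product names, version ranges, identifiers (SIG-0001 and so on) and host banners below are all constructed for illustration and do not correspond to real software or real vulnerabilities. The point it demonstrates is the one the slide makes: a banner whose version falls inside a signature's range is reported; a version outside every range, or a product with no signature at all, is silently "clean" no matter how vulnerable it really is.

```python
"""Minimal signature-based vulnerability check (added example, constructed data)."""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Signature:
    sig_id: str       # constructed identifier, not a real advisory or CVE
    product: str      # product name exactly as it appears in the service banner
    min_version: str  # first affected version (inclusive)
    max_version: str  # last affected version (inclusive)
    severity: str     # the scanner's generic, environment-agnostic rating


# Constructed signature database. In a real scanner this is the feed that
# must be updated regularly: anything not listed here is never found.
SIGNATURE_DB = [
    Signature("SIG-0001", "ExampleHTTPd", "2.4.0", "2.4.49", "HIGH"),
    Signature("SIG-0002", "ExampleHTTPd", "2.4.50", "2.4.50", "CRITICAL"),
    Signature("SIG-0003", "DemoFTP", "1.0.0", "1.3.9", "MEDIUM"),
]

# "Product/1.2.3 ..." style banner; anything else is treated as unidentifiable.
BANNER_RE = re.compile(r"^(?P<product>[A-Za-z][\w-]*)/(?P<version>\d+(?:\.\d+)*)")


def parse_version(version: str) -> tuple:
    """Numeric tuple so that 2.4.49 compares greater than 2.4.5."""
    return tuple(int(part) for part in version.split("."))


def parse_banner(banner: str):
    match = BANNER_RE.match(banner.strip())
    if not match:
        return None
    return match.group("product"), match.group("version")


def match_signatures(banner: str, db=SIGNATURE_DB):
    """Return every signature whose product and version range cover this banner."""
    parsed = parse_banner(banner)
    if parsed is None:
        return []
    product, version = parsed
    current = parse_version(version)
    hits = []
    for sig in db:
        if sig.product.lower() != product.lower():
            continue
        if parse_version(sig.min_version) <= current <= parse_version(sig.max_version):
            hits.append(sig)
    return hits


def scan_hosts(hosts, db=SIGNATURE_DB):
    """hosts maps host -> list of observed banners; returns host -> sorted signature ids."""
    findings = {}
    for host, banners in hosts.items():
        ids = []
        for banner in banners:
            ids.extend(sig.sig_id for sig in match_signatures(banner, db))
        findings[host] = sorted(set(ids))
    return findings


# Constructed banners standing in for what a network scan would collect.
SAMPLE_HOSTS = {
    "10.0.0.5": ["ExampleHTTPd/2.4.49 (Unix)", "DemoFTP/1.3.9 ready"],
    "10.0.0.6": ["ExampleHTTPd/2.4.51 (Unix)"],  # outside every range: reported clean
    "10.0.0.7": ["UnknownDaemon/9.9.9"],         # no signature at all: reported clean
}

if __name__ == "__main__":
    for host, ids in scan_hosts(SAMPLE_HOSTS).items():
        print(host, ids or "clean (as far as the database knows)")
```

Host 10.0.0.6 is the case the slide warns about: if 2.4.51 were affected by something published after the last feed update, this scanner would still report it clean, because it can only find what its database describes.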

9 Challenges
 Security resources are often decentralized
 The security organization often doesn't own the network or system
 Always playing catch-up to changing threats
 Determining if the fix was actually made
 Ignoring it – accepting it

10 Decisions for your First Scan
 Full scan versus known segment
 Time and bandwidth versus unknown devices
 Is your network ready for this?
 Poor network configuration can lead to Security getting blamed for bandwidth issues (what to look for, how to resolve)

11 Dream Vs. Reality
 Dream of vulnerability scanner
 Plug in
 Get data
 Network/Endpoint Teams act on information
 Network secured
 You emerge as Security Hero!

12 Dream Vs. Reality
 Proper planning:
 Policies and procedures for the scanning process
 Track inventory and categorize assets
 Identify and understand your business processes
 To the network team an unannounced scan looks like an attack

13 So You Scanned – Now What
 Can't expect folks to act on 1,000 page reports.
 Need to provide some prioritization
 What are the biggest risks in your environment?
 What is the level of risk that is acceptable in your environment?
 What is the threat level that exists in your industry?

14 What Vulnerability Scanners Can't Do
 Scan items not connected to the network
 Tell you how bad a vulnerability is in your environment (the rating is the scanner's generic score and does not account for what the affected asset is or where it sits)
 Tell you exactly where a device is
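Slides 9, 13 and 14 together describe the work that has to happen after the scan: turn a generic rating into an environment-specific priority, cut the list down to what exceeds your acceptable risk, and confirm on rescan that fixes were actually made. The following is an added example of that workflow, not code from the presenters or from any scanner product. The asset inventory, the weighting of criticality and internet exposure, the acceptable-risk threshold, the signature identifiers and both scan results are constructed assumptions for illustration; the weights are not a standard, just a stand-in for whatever your organization decides.

```python
"""Environment-aware prioritization and rescan diff (added example, constructed data)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    host: str
    sig_id: str        # constructed identifier, not a real advisory or CVE
    base_score: float  # the scanner's universal 0-10 rating for this item


# Constructed asset inventory (slide 12: track inventory and categorize assets).
ASSETS = {
    "10.0.0.5": {"criticality": 1.0, "internet_facing": True, "owner": "web-team"},
    "10.0.0.6": {"criticality": 0.4, "internet_facing": False, "owner": "lab"},
    "10.0.0.7": {"criticality": 0.8, "internet_facing": False, "owner": "finance"},
}

UNKNOWN_ASSET = {"criticality": 0.5, "internet_facing": False, "owner": "unknown"}


def environmental_score(finding: Finding, assets=ASSETS) -> float:
    """Adjust the scanner's generic rating with what only you know about the asset.

    Weights are illustrative assumptions: scale by criticality, then by 1.5 for
    anything reachable from the internet, and cap at 10.
    """
    asset = assets.get(finding.host, UNKNOWN_ASSET)
    score = finding.base_score * asset["criticality"]
    if asset["internet_facing"]:
        score *= 1.5
    return round(min(score, 10.0), 2)


def prioritize(findings, assets=ASSETS, threshold=4.0):
    """Findings at or above the acceptable-risk threshold, highest risk first."""
    ranked = [(environmental_score(f, assets), f) for f in findings]
    ranked = [(score, f) for score, f in ranked if score >= threshold]
    ranked.sort(key=lambda item: (-item[0], item[1].host, item[1].sig_id))
    return ranked


def diff_scans(before, after):
    """Verify remediation by comparing two scans on (host, signature id)."""
    seen_before = {(f.host, f.sig_id) for f in before}
    seen_after = {(f.host, f.sig_id) for f in after}
    return {
        "fixed": sorted(seen_before - seen_after),
        "new": sorted(seen_after - seen_before),
        "persistent": sorted(seen_after & seen_before),
    }


# Constructed first scan. Note the same SIG-0001 / 7.5 appears on two hosts.
SCAN_1 = [
    Finding("10.0.0.5", "SIG-0001", 7.5),
    Finding("10.0.0.5", "SIG-0003", 5.0),
    Finding("10.0.0.6", "SIG-0001", 7.5),
    Finding("10.0.0.7", "SIG-0003", 5.0),
]

# Constructed rescan after the web team patched SIG-0001 on 10.0.0.5;
# meanwhile a new item appeared on the finance host.
SCAN_2 = [
    Finding("10.0.0.5", "SIG-0003", 5.0),
    Finding("10.0.0.6", "SIG-0001", 7.5),
    Finding("10.0.0.7", "SIG-0003", 5.0),
    Finding("10.0.0.7", "SIG-0002", 9.8),
]

if __name__ == "__main__":
    for score, f in prioritize(SCAN_1):
        print(f"{score:5.1f}  {f.host}  {f.sig_id}  owner={ASSETS[f.host]['owner']}")
    for status, items in diff_scans(SCAN_1, SCAN_2).items():
        print(status, items)
```

The same SIG-0001 at base score 7.5 lands at 10.0 on the internet-facing web server and at 3.0 on the lab box, which falls below the threshold and drops off the list entirely; that is exactly what the scanner's universal rating cannot tell you on its own. The rescan diff gives the network and endpoint teams a short "fixed / new / persistent" list instead of a second 1,000 page report.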

15 Major Players
 Tenable (Nessus)
 Rapid7
 Qualys
 Tripwire (nCircle)
 OpenVAS

16 Questions? Game Over
