
Vulnerability Testing Approach


Presentation Transcript


  1. Vulnerability Testing Approach Prepared By: Phil Cheese Nov 2008

  2. Outline • Structure of Technology UK Security Team • Why we test • What we test • When we test • How we test • Demo of a unix platform test • Hot topics • Questions and Answers

  3. Vulnerability Test Team (org chart labels: UK Tech. Security Mgr; Security Operations Group; CISO; Security Consultants; UK Technology Security teams: Review New Systems, Vulnerability Testing, Security Monitoring of Mail, Logs, IDS, Firewall)

  4. Definition Penetration testing v Vulnerability testing? • Wikipedia: “Security testing techniques scour for vulnerabilities or security holes in applications. These vulnerabilities leave applications open to exploitation. Ideally, security testing is implemented throughout the entire software development life cycle (SDLC) so that vulnerabilities may be addressed in a timely and thorough manner. Unfortunately, testing is often conducted as an afterthought at the end of the development cycle.” • Why? – test against standards, identify misconfigurations, old vulnerable versions of software, test drive • Ethics & Legality

  5. Why testing • Preventing financial loss through fraud (hackers, extortionists and disgruntled employees) or through lost revenue due to unreliable business systems and processes. • Proving due diligence and compliance to your industry regulators, customers and shareholders. Non-compliance can result in your organisation losing business, receiving heavy fines, gathering bad PR or ultimately failing. • Protecting your brand by avoiding loss of consumer confidence and business reputation. • Vulnerability testing helps shape information security strategy through identifying vulnerabilities and quantifying their impact and likelihood so that they can be managed proactively; budget can be allocated and corrective measures implemented.

  6. Defining the scope • Full-Scale vs. Targeted Testing • Platform, Network, Database, Applications • Remote vs. Local Testing • In-house v outsourcing

  7. Defense in depth Network

  8. Nmap, Nessus (diagram labels: Tester; www.vodafone.co.uk; Network elements e.g. SGSNs, HLRs; Sun Solaris Application Server; Redhat Apache Web server; HP-UX Oracle DB; Windows File server)

  9. Nmap

  10. Nessus

  11. Assuria Agents (diagram labels: Tester; www.vodafone.co.uk; Network elements e.g. SGSNs, HLRs; Sun Solaris Application Server; Redhat Apache Web server; HP-UX Oracle DB; Windows File server)

  12. Assuria Auditor Console

  13. NGS Squirrel (diagram labels: Tester; www.vodafone.co.uk; Network elements e.g. SGSNs, HLRs; Sun Solaris Application Server; Redhat Apache Web server; HP-UX Oracle DB; Windows File server)

  14. NGS Squirrel

  15. Appscan, Superwalk (diagram labels: Tester; www.vodafone.co.uk; Network elements e.g. SGSNs, HLRs; Sun Solaris Application Server; Redhat Apache Web server; HP-UX Oracle DB; Windows File server)

  16. Appscan

  17. Backtrack

  18. AssuriaCLI Remote test (Data Centre) (diagram labels: Tester; www.vodafone.co.uk; Network elements e.g. SGSNs, HLRs; Sun Solaris Application Server; Redhat Apache Web server; HP-UX Oracle DB; Windows File server)

  19. Remote platform vulnerability assessment using Assuria Auditor & workbench via the command line • “It is better to voyage hopefully than to drive to Oldham” • FTP and install scripts • Run scans • Copy off raw results files • Generate CSV files • Import results into workbench • Review scan results • Produce reports • Agree remedial actions and re-test

  20. Log onto remote server

  21. FTP onto a remote server

  22. unzip tarball file

  23. Areas checked by ‘Initial’ policies

  24. Run scans

  25. FTP results back to desktop

  26. Generate CSV files

  27. Import into Workbench

  28. Reconcile results

  29. Filter results
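The command-line workflow on the preceding slides (copy off raw results, generate CSV files, import into the workbench, reconcile and filter results, then re-test after agreeing remedial actions) is shown below in working form as an added example; it is not code from the presentation, from Assuria or from Vodafone. Because the Assuria result format is not on the page, the example assumes Nmap XML output (Nmap being the scanner from slide 8) as the raw results file. The host addresses, hostnames and ports in the two sample scans are constructed, and `parse_open_ports`, `to_csv`, `filter_findings` and `reconcile` are names introduced here.

```python
import csv
import io
import xml.etree.ElementTree as ET

# Constructed sample Nmap XML (not real scan output): baseline scan of two hosts.
BASELINE_XML = """<nmaprun scanner="nmap">
  <host><status state="up"/>
    <address addr="10.0.0.10" addrtype="ipv4"/>
    <hostnames><hostname name="solaris-app.example.test"/></hostnames>
    <ports>
      <port protocol="tcp" portid="21"><state state="open"/><service name="ftp"/></port>
      <port protocol="tcp" portid="22"><state state="open"/><service name="ssh" product="OpenSSH" version="4.7"/></port>
      <port protocol="tcp" portid="23"><state state="open"/><service name="telnet"/></port>
      <port protocol="tcp" portid="80"><state state="closed"/><service name="http"/></port>
    </ports>
  </host>
  <host><status state="up"/>
    <address addr="10.0.0.20" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="1521"><state state="open"/><service name="oracle"/></port>
    </ports>
  </host>
</nmaprun>"""

# Constructed re-test after remediation: telnet closed on .10, a new listener on .20.
RETEST_XML = """<nmaprun scanner="nmap">
  <host><status state="up"/>
    <address addr="10.0.0.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="21"><state state="open"/><service name="ftp"/></port>
      <port protocol="tcp" portid="22"><state state="open"/><service name="ssh" product="OpenSSH" version="5.1"/></port>
      <port protocol="tcp" portid="23"><state state="closed"/></port>
    </ports>
  </host>
  <host><status state="up"/>
    <address addr="10.0.0.20" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="1521"><state state="open"/><service name="oracle"/></port>
      <port protocol="tcp" portid="8080"><state state="open"/><service name="http-proxy"/></port>
    </ports>
  </host>
</nmaprun>"""

FIELDS = ["host", "hostname", "protocol", "port", "service", "product", "version"]


def parse_open_ports(xml_text):
    """Return one finding dict per open port in an Nmap XML results file."""
    findings = []
    for host in ET.fromstring(xml_text).findall("host"):
        addr_el = host.find("address[@addrtype='ipv4']")
        if addr_el is None:
            continue  # skip hosts with no IPv4 address record
        name_el = host.find("hostnames/hostname")
        hostname = name_el.get("name", "") if name_el is not None else ""
        for port in host.findall("ports/port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue  # only open ports are findings worth reviewing
            svc = port.find("service")
            findings.append({
                "host": addr_el.get("addr"),
                "hostname": hostname,
                "protocol": port.get("protocol"),
                "port": int(port.get("portid")),
                "service": svc.get("name", "") if svc is not None else "",
                "product": svc.get("product", "") if svc is not None else "",
                "version": svc.get("version", "") if svc is not None else "",
            })
    return findings


def to_csv(findings):
    """Render findings as CSV text for import into a review workbench."""
    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=FIELDS, lineterminator="\n")
    writer.writeheader()
    writer.writerows(findings)
    return out.getvalue()


def filter_findings(findings, services):
    """Keep only findings whose detected service name is in `services`."""
    return [f for f in findings if f["service"] in services]


def _keys(findings):
    return {(f["host"], f["protocol"], f["port"]) for f in findings}


def reconcile(baseline, retest):
    """Compare a baseline scan with a re-test: what closed, what appeared, what remains."""
    before, after = _keys(baseline), _keys(retest)
    return {"remediated": before - after, "new": after - before, "outstanding": before & after}


if __name__ == "__main__":
    base = parse_open_ports(BASELINE_XML)
    print(to_csv(base))
    for category, keys in reconcile(base, parse_open_ports(RETEST_XML)).items():
        print(category, sorted(keys))
```

The reconcile step is the part that turns tool output into a business-risk picture: "outstanding" findings are the ones still needing an agreed remedial action, while "new" ones flag services that appeared between scans and need to be explained before the re-test is signed off.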

  30. Vulnerability testing - hot topics • PCI-DSS – keeping the security vendor industry going! https://www.pcisecuritystandards.org/ • Appliances and automation – keep your auditors happy http://www.qualys.com/products/qg_suite/ http://www.ncircle.com/index.php?s=products • Virtualisation and middleware vulnerabilities – don’t forget ’em http://labs.mwrinfosecurity.com/ • Exploitation tools – Metasploit framework, Canvas, Core Impact, BeEF http://www.metasploit.com/ http://www.immunitysec.com/ http://www.coresecurity.com/ http://www.bindshell.net/tools/beef

  31. Conclusions • In-depth, holistic approach to security testing • Testing needs to take place during the development lifecycle • Can be complex and time consuming • Outsource specialist testing to third party vendors • Commercial tools are easy to maintain and use but can be expensive • “A fool with a tool is still a fool” • Results from tools need analysis and must be put into a ‘business risk’ context

  32. Any Questions?