Software Security Course - PowerPoint PPT Presentation
Presentation Transcript

  1. Software Security Course Course Outline 2-27-09

  2. Course Overview • Introduction to Software Security • Common Attacks and Vulnerabilities • Overview of Security Engineering • How To - Secure Design • How To - Secure Implementation • How To - Security Testing • How To - Secure Deployment • Compliance and Regulatory Standards • Special Topics • Additional Resources

  3. Introduction to Software Security

  4. Introduction to Software Security • Definition and Context • Why Security Matters • Myths and Urban Legends • Threats and Examples • Case Studies • Concepts and Definitions

  5. Definition and Context • Software security as part of the larger problem of developing robust, reliable code • Describe the relationship between software security and: • Corporate information security policies • Corporate risk strategies • Explain the differences between software and network security • Areas of overlap • Areas of divergence • Pros and cons of each area of investment

  6. Definition and Context • CIA (confidentiality, integrity, availability) as a way to think about security • STRIDE (Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, Elevation of privilege) as a way to categorize threats by type • DREAD (Damage, Reproducibility, Exploitability, Affected users, Discoverability) as a way to rate the severity of a threat

  7. Why Security Matters • Customers care – now more than ever • Patching is expensive • Regulatory compliance • Security failures == business risk • Competitive advantage • Critical part of TCO • The threat environment is bad and getting worse • Attackers have the advantage

  8. Myths and Urban Legends • Myth: security is only required in the OS. Reality: only 15% of vulns are OS vulns • Myth: I only need a good patch strategy. Reality: mean time to attack has fallen from 330 days to 2 weeks • Myth: I have a firewall, AV and IDS. Reality: 92% of vulns are in software, not the network • Myth: functional testing finds security defects. Reality: good practices from design through deploy are required • Myth: I use Java (or .NET). Reality: only helps with some classes of problem • Myth: I use cryptography. Reality: helps with some threats, but it is just one tool in the toolbox

  9. Threats and Examples

  10. Threats and Examples

  11. Case Studies • Show real world impact, examine past mistakes • ILOVEYOU (Love Letter) virus • Sapphire (SQL Slammer) worm • TJX • Heartland

  12. Concepts and Definitions • Asset • Attack • Control • Countermeasure or mitigation • Guideline • Information Security • Insider Threat • Policy • Privacy • Risk • Risk Analysis • Risk Assessment • Security Engineering • Security Requirement • Threat • Vulnerability

  13. Common Attacks and Vulnerabilities

  14. Common Attacks and Vulnerabilities • Types of Attackers • Attacker Motivation • Attacker Origin • Anatomy of an Attack • Attacker Tools • OWASP Top 10 • CWE/SANS Top 25

  15. Types of Attackers • Script Kiddies • Amateur Experts • Crack Experts • Professionals

  16. Attacker Motivation • White Hat • Black Hat • Grey Hat

  17. Attacker Origin • Internal attackers – the insider threat • External attackers

  18. Anatomy of an Attack • Targeting • Probing • Attempting penetration • Securing hold • Cleanup and propagation

  19. Attacker Tools • Whitebox • Greybox • Blackbox

  20. OWASP Top 10 • Cross Site Scripting • Injection Flaws • Malicious File Execution • Insecure Direct Object Reference • Cross Site Request Forgery • Information Leakage and Improper Error Handling • Broken Authentication and Session Management • Insecure Cryptographic Storage • Insecure Communications • Failure to restrict URL access

  21. CWE/SANS 25 Most Dangerous • CWE and SANS put together a list of the 25 most dangerous coding errors • Insecure interaction between components • Risky resource management • Porous defenses http://www.sans.org/top25errors/

  22. Overview of Security Engineering

  23. Overview of Security Engineering • How it Fits • Key Activities

  24. How it Fits

  25. Key Activities • Threat Modeling • Security Design Best Practices • Security Design Review • Security Coding Best Practices • Security Code Review • Penetration Test • Security Deployment Review

  26. How To - Secure Design

  27. How To – Secure Design • Design Principles • Design Patterns

  28. Design Principles • Simplify the design • Least privilege • Defense in depth • Fail secure • Secure by default • Compartmentalize • Attack Surface Reduction • …

  29. Design Patterns • Trusted Subsystem • Brokered Authentication • …

  30. How To - Secure Implementation

  31. How To – Secure Implementation • Coding Principles • OS Fundamentals • Common Errors • Common Web Errors

  32. Coding Principles • Validate all user input • Auditing and logging • Limit resource consumption • …

  33. OS Fundamentals • Access controls • .NET code access security • Java sandbox • Cryptography • …

  34. Common Errors • Integer overflows • Failure to validate input • Failure to protect sensitive data • Failure to understand and protect across trust boundaries • Insecure error messages • Buffer overflows and other memory-safety errors that occur only in languages without bounds checking, such as C/C++ • …
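The first item on that list, an integer overflow in an allocation-size computation, is worth seeing in working code. The block below is an added example (not from the course slides) that models C's unsigned 32-bit arithmetic in Python so the wraparound and the standard pre-multiplication check are both visible; the helper names and the attacker-chosen count are assumptions made for illustration.

```python
# Added example (not from the course slides): the allocation-size
# integer overflow from the "Common Errors" list, modelled in Python with
# explicit 32-bit wraparound so the C/C++ behaviour is visible.
UINT32_MAX = 0xFFFFFFFF


def u32_mul(a, b):
    """C-style unsigned 32-bit multiply: the product silently wraps."""
    return (a * b) & UINT32_MAX


def unsafe_buffer_size(count, elem_size):
    """The bug: len = count * elem_size with no overflow check.
    A large count wraps to a small allocation."""
    return u32_mul(count, elem_size)


def safe_buffer_size(count, elem_size):
    """Overflow check before multiplying, the idiom used by checked
    allocation helpers (reject when count > MAX / elem_size)."""
    if elem_size == 0 or count > UINT32_MAX // elem_size:
        raise OverflowError("count * elem_size does not fit in 32 bits")
    return count * elem_size


def is_rejected(count, elem_size):
    """True when the checked helper refuses the size."""
    try:
        safe_buffer_size(count, elem_size)
    except OverflowError:
        return True
    return False


def copy_records(count, elem_size, size_fn):
    """Simulate buf = alloc(size_fn(count, elem_size)) followed by a loop
    that writes `count` records of `elem_size` bytes into buf.
    Returns (allocated, written); written > allocated is a heap overflow.
    The write total is computed directly rather than looped, because the
    attacker-chosen count is about a billion records."""
    allocated = size_fn(count, elem_size)
    written = count * elem_size  # what the copy loop actually emits
    return allocated, written


if __name__ == "__main__":
    # constructed attacker input: 0x40000001 * 4 == 0x100000004 wraps to 4
    count, elem = 0x40000001, 4
    print(copy_records(count, elem, unsafe_buffer_size))  # (4, 4294967300)
    print("checked helper rejects:", is_rejected(count, elem))  # True
```

The same check applies to any size derived from untrusted input (record counts in a file header, lengths in a network message); the division-based form avoids the overflow that a post-hoc `a * b < a` test can miss.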

  35. Common Web Errors • Trusting client-side validation • Failure to validate input and encode output • Failure to protect the session • Failure to protect against zero and one-click attacks • Disclosing too much information • …

  36. How To - Security Testing

  37. How To – Security Testing • Security Testing is Different • Think Like an Attacker • Categories of Attack • How to Test the Top 10

  38. Security Testing is Different • (Diagram: regions labelled Intended Behavior and Actual Behavior, with the labels Most Security Bugs and Traditional Bugs placed on them)

  39. Think Like an Attacker • Security bugs: • Are much harder to spot…they often have no visible (to the human eye) behavior…we need better tools • Require us to think about side effects and what sensitive data might be exposed • Require us to “think backwards”…that is, instead of thinking what should happen, we need to think about what shouldn’t happen

  40. Categories of Attack • External dependencies • Unanticipated user input • Vulnerable design • Vulnerable implementation

  41. How to Test the Top 10 • Cross Site Scripting • Injection Flaws • Malicious File Execution • Insecure Direct Object Reference • Cross Site Request Forgery • Information Leakage and Improper Error Handling • Broken Authentication and Session Management • Insecure Cryptographic Storage • Insecure Communications • Failure to restrict URL access
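Slides 20 and 35 list the flaws and slide 41 asks how to test for them; the block below is an added example (not code from the course) that puts three of the Top 10 items, injection, cross-site scripting and the zero/one-click (CSRF) problem, side by side in vulnerable and hardened form, with the probe a security test would run against each. The in-memory table, the payloads and the session dictionary are constructed for illustration.

```python
# Added example, not code from the course: an in-memory "application"
# with a vulnerable and a hardened version of three of the Top 10 items
# (injection, cross-site scripting, CSRF), plus the probes a security
# test would run against each. The table, payloads and session dict are
# constructed for illustration.
import hmac
import html
import secrets
import sqlite3


def make_db():
    """Constructed sample data: two users with secrets."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, secret TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "s3cret-a"), ("bob", "s3cret-b")])
    return conn


# --- Injection flaws --------------------------------------------------
def lookup_vulnerable(conn, name):
    """Query built by string formatting: the caller's text becomes SQL."""
    sql = f"SELECT secret FROM users WHERE name = '{name}'"
    return [row[0] for row in conn.execute(sql)]


def lookup_fixed(conn, name):
    """Parameterised query: the value is bound, never parsed as SQL."""
    sql = "SELECT secret FROM users WHERE name = ?"
    return [row[0] for row in conn.execute(sql, (name,))]


def probe_injection(lookup):
    """Security test: a tautology payload should match nobody.
    Returns the number of rows leaked (0 means the lookup held)."""
    conn = make_db()
    return len(lookup(conn, "x' OR '1'='1"))


# --- Cross-site scripting ---------------------------------------------
def greet_vulnerable(name):
    """Output written into HTML without encoding."""
    return f"<p>Hello, {name}</p>"


def greet_fixed(name):
    """Output encoded for the HTML context it lands in."""
    return f"<p>Hello, {html.escape(name, quote=True)}</p>"


def probe_xss(greet):
    """Security test: True if the markup payload is reflected verbatim."""
    payload = "<script>alert(1)</script>"
    return payload in greet(payload)


# --- Zero/one-click (CSRF) --------------------------------------------
def issue_csrf_token(session):
    """Store an unguessable per-session token for state-changing forms."""
    session["csrf"] = secrets.token_hex(16)
    return session["csrf"]


def check_csrf(session, submitted):
    """Reject the request unless the form carried the session's token;
    compare_digest avoids a timing side channel on the comparison."""
    expected = session.get("csrf", "")
    return bool(expected) and hmac.compare_digest(
        expected.encode(), (submitted or "").encode())


if __name__ == "__main__":
    print("injection leaked rows:", probe_injection(lookup_vulnerable),
          "->", probe_injection(lookup_fixed))           # 2 -> 0
    print("xss reflected:", probe_xss(greet_vulnerable),
          "->", probe_xss(greet_fixed))                   # True -> False
    session = {}
    token = issue_csrf_token(session)
    print("csrf:", check_csrf(session, token), check_csrf(session, ""))
```

The probes are deliberately written as functions that return a measurable result rather than just printing, so they can sit in a test suite and fail the build when someone reintroduces string-built SQL or drops the output encoding.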

  42. How To - Secure Deployment

  43. How To – Secure Deployment • Deployment Principles • Deployment Patterns

  44. Deployment Principles • The importance of configuration • How physical deployment impacts security • How software design can make it easier to manage security and detect attacks post-deployment

  45. Deployment Patterns • Understand the common application types: • Mobile Client • Rich Client • Rich Internet Application • Service Interfaces (SaaS, S+S) • Web Application • Understand the common deployment patterns: • Single server, non-distributed • Multiple server, distributed • Understand the impact: • Impersonation and delegation • Layer interfaces • Trust boundaries

  46. Compliance and Regulatory Standards

  47. Regulatory Standards • Overview of the regulations: • PCI DSS • HIPAA • Cover what these mean from a developer point of view • http://msdn.microsoft.com/en-us/library/aa480484.aspx

  48. Special Topics

  49. Additional Topics to Consider • Privacy Issues • Digital Rights Management (DRM) • Social Engineering Attacks

  50. Additional Resources