Upload File

vulnerability management

19
2015 VULNERABILITY KILL CHAIN Carl Thorp MSc FBCS CITP M.Inst.ISP VRSM CISM CGEIT CISSP CLAS CCP.RA CCP.SA

Upload: carlthorp

Post on 15-Aug-2015

74 views

Category:

Data & Analytics


0 download

Report

Tags:

TRANSCRIPT

Page 1: Vulnerability management

2015

VULNERABILITY KILL CHAIN

Carl Thorp MSc FBCS CITP M.Inst.ISP VRSM CISM CGEIT CISSP CLAS CCP.RA CCP.SA

Page 2: Vulnerability management

Welcome

Page 3: Vulnerability management

What is Vulnerability

• Vulnerability is a measure of the extent to which a community, structure, service or geographical area is likely to be damaged or disrupted, on account of its nature or location, by the impact of a particular disaster hazard [OECD 2015]

Page 4: Vulnerability management

What is Vulnerability

• A weakness of an asset or group of assets that can be exploited by one or more threats [ISO/IEC 13335-1:2004]

• Or anything attackers find that they can exploit

Page 5: Vulnerability management

Vulnerability Management

• The identification of vulnerabilities that can be exploited within a system– Vulnerability Assessment– Penetration Testing

• The remediation / risk management of vulnerabilities

Page 6: Vulnerability management

Types of Testing

• SAST• DAST

– Web Layer– Host / Infrastructure– Database

• Manual validation• ITS NOT A PEN TEST

Page 7: Vulnerability management

Why is it difficult?

Page 8: Vulnerability management

• Business1

• Environmental2

• Threat3

Context

Page 9: Vulnerability management

Getting it Right

Page 10: Vulnerability management

Business Context

• Business drivers and objectives

• Understand your assets• We want to be Secure but we

DO NOT WANT Security– John Callas PGP, Apple, Entrust

& Silent Circle• System 1 & System 2 thinking

Page 11: Vulnerability management

Environmental Context

• Understand your assets• Understand the operating

environment• Deep knowledge of

compensating controls• Tool selection

Page 12: Vulnerability management

Threat Intel

• External Threats– Indirect Intel– Direct Intel

• Internal Threats

Page 13: Vulnerability management

Get Message Right

• Less blah blah blah• Use business context

examples• Negative to positive• Do not belittle people

– Israel Barrack ex-Israeli Defence Force Red Team Lead

Page 14: Vulnerability management

Kill Chain

Page 15: Vulnerability management

Kill Chain

Projects

Asset Mgmt.

Threat Intelligence

VMSOnboard Test Analysis Resolution Decom

a

Incidents

Report

Page 16: Vulnerability management

Conclusion

• Work with your organisation not against it

• Plan ahead• Understand your

environment• Develop threat intelligence

Page 17: Vulnerability management

QUESTIONS?

Page 18: Vulnerability management

APPENDIX

Page 19: Vulnerability management

Useful Links / FeedsRSS Feedshttps://isc.sans.edu/rssfeed.xmlrhttp://feeds.feedburner.com/sucuri/bloghttp://seclists.org/rss/fulldisclosure.rsshttp://www.intelligentexploit.com/feed/https://community.rapid7.com/Rapid7_ViewAll?tag=Metasploit&type=blog

Podcastshttp://securityweekly.com/podcast/psw.xmlhttps://isc.sans.edu/dailypodcast.xmlhttp://leo.am/podcasts/sn

All Round Defence / WestThor Ltd take no responsibility for the content of these sites / podcasts

https://isc.sans.edu/rssfeed.xml
https://isc.sans.edu/rssfeed.xml
https://isc.sans.edu/rssfeed.xml
http://feeds.feedburner.com/sucuri/blog
http://feeds.feedburner.com/sucuri/blog
http://feeds.feedburner.com/sucuri/blog
http://seclists.org/rss/fulldisclosure.rss
http://seclists.org/rss/fulldisclosure.rss
http://www.intelligentexploit.com/feed/
http://www.intelligentexploit.com/feed/
https://community.rapid7.com/Rapid7_ViewAll?tag=Metasploit&type=blog
https://community.rapid7.com/Rapid7_ViewAll?tag=Metasploit&type=blog
http://securityweekly.com/podcast/psw.xml
http://securityweekly.com/podcast/psw.xml
http://securityweekly.com/podcast/psw.xml
http://securityweekly.com/podcast/psw.xml
https://isc.sans.edu/dailypodcast.xml
https://isc.sans.edu/dailypodcast.xml
https://isc.sans.edu/dailypodcast.xml
https://isc.sans.edu/dailypodcast.xml
http://leo.am/podcasts/sn
http://leo.am/podcasts/sn
http://leo.am/podcasts/sn
http://leo.am/podcasts/sn

Vulnerability and compliance management

Vulnerability Management for dummies

Vulnerability Management

Quick Wins in Vulnerability Management

Predictive Security Intelligence for Vulnerability Management · Unify and Streamline Vulnerability Management CORE Insight ™ and QualysGuard unify and streamline vulnerability

Vulnerability Management Case Study · Vulnerability Management Case Study Page 4 of 16 3. What is Vulnerability Management? Vulnerability Management is a business process aimed at

Vulnerability Management needn’t be scary!index-of.co.uk/Security/Vulnerability Management for Dummies.pdf · Are thinking about using a vulnerability management application to

New approaches to vulnerability management

VULNERABILITY MANAGEMENT AND PENETRATION TESTING SERVICES ... and... · VULNERABILITY MANAGEMENT AND PENETRATION TESTING SERVICES FOR A ... GPEN GIAC Penetration ... o The IT Vulnerability

Enterprise Vulnerability Management - ZeroNights16

The Forrester Wave Vulnerability Management

APPSEC VULNERABILITY MANAGEMENT PIPELINES

Vulnerability and Patch Management

Tripwire IP360 Vulnerability Management

Implementing Vulnerability Management Process - GIAC

An Approach to Vulnerability Management, Configuration Management

Vulnerability Management Scoring Systems

Implementing Vulnerability Management Process 34180

Vulnerability Management Tool Final Report

Software Vulnerability Management at Microsoft

Controlware Vulnerability Management Service · Security Assessment Vulnerability Management (Proof of Concept) Vulnerability Management (as a Service) Controlware Vulnerability Management

2017 Software Vulnerability Management Resolutions

Award-winning vulnerability management software

Assignment No 5 Vulnerability Management

Effective Vulnerability Management

Web Application Vulnerability Management

DGRZETICH - Adv Vulnerability Management DRAFTto!examine!patch!management!in!the!contextof!vulnerability!management throughoutthis!paper.!

PRODUCT SAFETY MANAGEMENT: VULNERABILITY …

An Introduction to Vulnerability Management

VULNERABILITY MANAGEMENT€¦ · Vulnerability management is more than just running a vulnerability scanner and adjusting the resulting vulnerabilities on an annual basis. A vulnerability

Vulnerability Management

QG Vulnerability Management Module

Security Vulnerability Management

Vulnerability management - PwC

Vulnerability Management - baramundi · 2019-04-09 · White Paper | Vulnerability Management Vulnerability overview2 of various software products While the vulnerability is lying