SlideShare a Scribd company logo

The Security Vulnerability Assessment Process & Best Practices

Download as PPT, PDF
Kellep Charles
Kellep Charles

Conducting regular security assessments on the organizational network and computer systems has become a vital part of protecting information-computing assets. Security assessments are a proactive and offensive posture towards information security as compared to the traditional reactive and defensive stance normally implemented with the use of Access Control-Lists (ACLs) and firewalls. Too effectively conduct a security assessment so it is beneficial to an organization, a proven methodology must be followed so the assessors and assesses are on the same page. This presentation will evaluate the benefits of credential scanning, scanning in a virtual environment, distributed scanning as well as vulnerability management.

Technology
1 of 32
The Security Vulnerability Assessment Process, Best Practices & Challenges 1 Kellep A. Charles, CISA, CISSP www.SecurityOrb.com
Agenda 2 About Me Topic Introduction The Process The Best Practices/Challenges Conclusion www.SecurityOrb.com
About Me 3 Kellep Charles but you can call me K.C. Government contractor in the DC area Served as an adjunct professor Doctoral Student  Research area:  Human Computer Interaction-Security HCI-Sec  Honeypot & Artificial Neural Networks Operate SecurityOrb.com www.SecurityOrb.com
Introduction 4 Security vulnerability assessments have become an imperative part of any organization’s computer and network security posture. Many organizations consist of:  Heterogeneous computing environments  Windows, Mac OS X, Linux/Unix  Multiple Applications  Distributed computing  Internet-enabled information access systems.  The need to understand the state of an organization’s overall information system is ever more important now. www.SecurityOrb.com
Introduction 5 Best practices in information security acknowledge  a defensive only approach to securing an enterprise does not suffice  at times is considered inadequate. Frequently these defensive security devices such as firewalls and intrusion detection systems (IDS)  often not configured properly  not capable of locating all the vulnerabilities and threats on the network, especially at the node level. www.SecurityOrb.com
Introduction 6 Performing regular security vulnerability assessment helps bridge that gap Allows an organization to take a proactive stance towards protecting their information computing environment. The bottom line objective is to safeguard the core intellectual and electronic assets of the organization, and to ensure compliance with appropriate regulations www.SecurityOrb.com
Why Is It So Vital? 7 Most Systems are unpatched  Lazy, overworked or misinformed system administrators Most compromises are from unpatched systems with patches or work around available Some systems cannot be patched (allow for alternate defense) Proactive and offensive posture towards security Compliance www.SecurityOrb.com
Assessment Levels 8  Basic Security Assessment - The objective for this assessment is to give the responsible party a basic understanding of the security of the business as a whole in three key areas: Administrative, Physical and Technical Safeguards. It is meant to point out possible areas of weakness with a walk through of the facility and a Q&A session. It is not an in-depth study, rather, a basic first step in protecting information.  In-depth Security Assessment - This is a comprehensive study of the security of your business. We will analyze all policies and procedures, router access lists, Firewall configurations and policies, PC and server configurations, complete Website review, complete mail server review. We will then present the client with a written report of our findings. This type of assessment will give you a thorough understanding of how your company measures up to "Industry Best Practices". www.SecurityOrb.com
Assessment Levels 9 External Vulnerability Testing - We will test your network from the outside from a "hacker's point-of-view". We will use the same tools criminals use to try and compromise your network and servers. Internal Vulnerability Testing - These are the same tools used in the External test. This type of assessment is essential in understanding how and why hackers, viruses and worms spread so quickly through an organization. www.SecurityOrb.com
Assessment Process 10  To effectively conduct a security assessment so it is beneficial to an organization  a proven methodology must be followed so the assessors and assesses are on the same page.  Using a proven security assessment methodology supplies a blueprint of events from start-to-finish that can be examined, tracked and replicated.  Reports that are constructed from the security assessments are used to provide a snap shot view of information system deficiencies for short-term analysis as well as trending data for long-term evaluation  Allowing the organization to understand their vulnerabilities so they can better protect themselves from current and future threats. www.SecurityOrb.com
Security Assessment Process 11 The process includes the following 6 phases  Pre Security Assessment Process  Security Assessment In-Brief  Security Assessment Field Work  Security Assessment Report Analysis & Preparation  Security Assessment Out-Brief  Post Security Assessment Process www.SecurityOrb.com
Security Assessment Process 12 Pre-Security Assessment Process  The pre-security assessment process entails one of the most important aspects of conducting a security assessment. Obtaining an engagement letter grants the assessment team the authority to commence with the formal processes of creating documentation to support the security assessment, permission for the onsite visit and the overall authority to conduct the security assessment. www.SecurityOrb.com
Security Assessment Process 13 Security Assessment In-Brief  Once the team has arrived at the assessment location, a security assessment in-brief is required. In the in-brief, both the security assessment team and the organizational staff members will introduce themselves and the roles they will have during the security assessment process. www.SecurityOrb.com
Security Assessment Process 14 Security Assessment Field Work (Scanning, Interview, Walk-Thru and Doc Review)  Once the in brief has been review, discussed, completed and agreed upon, the security assessment fieldwork can commence. The security assessment field-work process consist of conducting vulnerability scans, facility walkthrough, manual system checks, staff interview and various document reviews. www.SecurityOrb.com
Security Assessment Process 15 Security Assessment Report Analysis & Preparation  Towards the end of the security assessment, once all of the security assessment fieldwork has been completed, the security assessment team will review and process the information in preparation of the final report. During this phase, the security assessment team will address any false positive, document any variances and findings that will be included in the final report. www.SecurityOrb.com
Security Assessment Process 16 Security Assessment Report Analysis & Preparation www.SecurityOrb.com
Security Assessment Process 17  Security Assessment Report Analysis & Preparation www.SecurityOrb.com
Security Assessment Process 18 Security Assessment Out-Brief  The security assessment team will provide recommendations as well.  Contact information will be on the out-brief.  This process should be interactive were questions are taken through out the security assessment out-brief.  At the end of the security assessment out-brief, both parties will have to sign the pages of the out-brief and discuss what will be occurring in the post security assessment process. www.SecurityOrb.com
Security Assessment Process 19 Security Assessment Out-Brief  The security assessment team will provide recommendations as well.  Contact information will be on the out-brief.  This process should be interactive were questions are taken through out the security assessment out-brief.  At the end of the security assessment out-brief, both parties will have to sign the pages of the out-brief and discuss what will be occurring in the post security assessment process. www.SecurityOrb.com
Security Assessment Process 20 Post Security Assessment Process  The post security assessment process is where the security assessment team securely files all documentation and electronic data pertaining to the organization in which the security assessment was conducted on.  In addition, a team meeting with all members of the assessment team should be conducted to review and lessons learned to add any improvements or deficiencies to the process. www.SecurityOrb.com
Vulnerability Assessment, Penetration Test & Security Audit 21  A vulnerability assessment is a practice used to identify all potential vulnerabilities that could be exploited in an environment.  The assessment can be used to evaluate physical security, personnel (testing through social engineering and such), or system and network security.  While a vulnerability assessment's goal is to identify all vulnerabilities in an environment, a penetration test has the goal of "breaking into the network."  only needs to exploit one or two vulnerabilities to actually penetrate the environment.  Penetration testing is also referred to as ethical hacking  A security audit is basically someone going around with a criteria checklist of things that should be done or in place to ensure that the company is in compliance with its security policy, regulations and legal responsibilities. www.SecurityOrb.com
Credential Scans vs Un-credential Scans 22 Credentialed scanning allows for a much more accurate and thorough picture of the system.  Mechanic and doctor example Part of vulnerability scanning is to identify missing patches that leave a machine open to compromise.  Test of a Windows 7 system  The results speak for themselves: first scan without credentials, then with credentials – What do you think you will see? www.SecurityOrb.com
Credential Scans vs Un-credential Scans 23  Test of a Windows 7 system  The results speak for themselves: without credentials, the scan identified highs=0; meds=0; lows=1. With credentials: highs=7; meds=8; lows=5  Guess which one is more accurate. www.SecurityOrb.com
Credential Scans vs Un-credential Scans 24 www.SecurityOrb.com
Credential Scans vs. Un-credential Scans 25 www.SecurityOrb.com
System Hardening 26  Center for Internet Security (CIS) Benchmarks  provides standards and metrics that dramatically raise the level of security to ensure the integrity of the public and private Internet-based functions on which society increasingly depends.  Federal Desktop Core Configuration (FDCC)  A list of security settings recommended by the National Institute of Standards and Technology for general-purpose microcomputers that are connected directly to the network of a United States government agency.  Security Technical Implementation Guide (STIG)  DISA’s methodology for standardized secure installation and maintenance of computer software and hardware.  Security Content Automation Protocol (SCAP)  a method for using specific standards to enable automated vulnerability management, measurement, and policy compliance evaluation (e.g., FISMA compliance). The National Vulnerability Database (NVD) is the U.S. government content repository for SCAP.  Some items may have to be changed to obtain credential scans www.SecurityOrb.com
Vulnerability Management 27  The repeated practice of identifying, classifying, remediating, and mitigating  Prioritize  Mitigate Vulnerabilities - Ultimately, the root causes of vulnerabilities must be addressed. This is often done via patching vulnerable services, changing vulnerable configurations or making application updates to remove vulnerable code.  Maintain and Monitor - Organizations' computing environments are dynamic and evolve over time, vulnerability management is an ongoing process rather than a point-in-time event. www.SecurityOrb.com
Compliance 28  Regulatory Bodies www.SecurityOrb.com
Other Things to Consider 29 Virtualization Cloud Computing Politics Reoccurring Scans Distributed Scanning Patch Management Penetration Testing www.SecurityOrb.com
What Vulnerability Scanning Can’t Do 30 Find Zero-Days and malware Eliminates the most obvious and known security threats. Can’t Patch Determine the difference between False Positive/Negative www.SecurityOrb.com
Conclusion The art of defending an organizational network takes many approaches to be done successfully. No one control can assure that the network is safe. Firewalls are great for prevention, IDS offer the ability for detection, Security Awareness briefing provides for user knowledge and Security Assessments assist with a proactive posture towards security. It also helps prove you've done "due diligence" in performing basic system patches and fixing the well- known problems in case a security breach causes financial, legal or regulatory problems.
32 Thank You… @kellepc @securityorb www.SecurityOrb.com

Recommended

Introduction To Vulnerability Assessment & Penetration Testing
Introduction To Vulnerability Assessment & Penetration TestingIntroduction To Vulnerability Assessment & Penetration Testing
Introduction To Vulnerability Assessment & Penetration TestingRaghav Bisht
 
Vulnerability assessment and penetration testing
Vulnerability assessment and penetration testingVulnerability assessment and penetration testing
Vulnerability assessment and penetration testingAbu Sadat Mohammed Yasin
 
Penetration Testing
Penetration Testing Penetration Testing
Penetration Testing RomSoft SRL
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testingNezar Alazzabi
 
Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics Mohammed Adam
 
Secure Code Review 101
Secure Code Review 101Secure Code Review 101
Secure Code Review 101Narudom Roongsiriwong, CISSP
 
Application Security
Application SecurityApplication Security
Application SecurityReggie Niccolo Santos
 
Web Application Penetration Testing
Web Application Penetration Testing Web Application Penetration Testing
Web Application Penetration Testing Priyanka Aash
 

Recommended

Introduction To Vulnerability Assessment & Penetration Testing
Introduction To Vulnerability Assessment & Penetration TestingIntroduction To Vulnerability Assessment & Penetration Testing
Introduction To Vulnerability Assessment & Penetration TestingRaghav Bisht
 
Vulnerability assessment and penetration testing
Vulnerability assessment and penetration testingVulnerability assessment and penetration testing
Vulnerability assessment and penetration testingAbu Sadat Mohammed Yasin
 
Penetration Testing
Penetration Testing Penetration Testing
Penetration Testing RomSoft SRL
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testingNezar Alazzabi
 
Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics Mohammed Adam
 
Secure Code Review 101
Secure Code Review 101Secure Code Review 101
Secure Code Review 101Narudom Roongsiriwong, CISSP
 
Application Security
Application SecurityApplication Security
Application SecurityReggie Niccolo Santos
 
Web Application Penetration Testing
Web Application Penetration Testing Web Application Penetration Testing
Web Application Penetration Testing Priyanka Aash
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainSuvrat Jain
 
Penetration testing reporting and methodology
Penetration testing reporting and methodologyPenetration testing reporting and methodology
Penetration testing reporting and methodologyRashad Aliyev
 
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond AlertingProactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond AlertingCrowdStrike
 
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing Netpluz Asia Pte Ltd
 
Vulnerability Assessment Presentation
Vulnerability Assessment PresentationVulnerability Assessment Presentation
Vulnerability Assessment PresentationLionel Medina
 
Information security
Information securityInformation security
Information securityLusungu Mkandawire CISA,CISM,CGEIT,CPF,PRINCE2
 
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Edureka!
 
WAFs.pptx
WAFs.pptxWAFs.pptx
WAFs.pptxHamzaJamil41
 
A2 - broken authentication and session management(OWASP thailand chapter Apri...
A2 - broken authentication and session management(OWASP thailand chapter Apri...A2 - broken authentication and session management(OWASP thailand chapter Apri...
A2 - broken authentication and session management(OWASP thailand chapter Apri...Noppadol Songsakaew
 
Secure coding practices
Secure coding practicesSecure coding practices
Secure coding practicesScott Hurrey
 
Defense In Depth Using NIST 800-30
Defense In Depth Using NIST 800-30Defense In Depth Using NIST 800-30
Defense In Depth Using NIST 800-30Kevin M. Moker, CFE, CISSP, ISSMP, CISM
 
Secure Coding and Threat Modeling
Secure Coding and Threat ModelingSecure Coding and Threat Modeling
Secure Coding and Threat ModelingMiriam Celi, CISSP, GISP, MSCS, MBA
 
OWASP Top 10 2021 Presentation (Jul 2022)
OWASP Top 10 2021 Presentation (Jul 2022)OWASP Top 10 2021 Presentation (Jul 2022)
OWASP Top 10 2021 Presentation (Jul 2022)TzahiArabov
 
Security operations center 5 security controls
Security operations center 5 security controls Security operations center 5 security controls
Security operations center 5 security controlsAlienVault
 
Introduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingIntroduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingAnurag Srivastava
 
Introduction Network security
Introduction Network securityIntroduction Network security
Introduction Network securityIGZ Software house
 
What is security testing and why it is so important?
What is security testing and why it is so important?What is security testing and why it is so important?
What is security testing and why it is so important?ONE BCG
 
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)k33a
 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Radar Cyber Security
 
Computer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | EdurekaComputer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | EdurekaEdureka!
 
New Age Red Teaming - Enterprise Infilteration
New Age Red Teaming - Enterprise InfilterationNew Age Red Teaming - Enterprise Infilteration
New Age Red Teaming - Enterprise InfilterationShritam Bhowmick
 
It Security Audit Process
It Security Audit ProcessIt Security Audit Process
It Security Audit ProcessRam Srivastava
 

More Related Content

What's hot

Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainSuvrat Jain
 
Penetration testing reporting and methodology
Penetration testing reporting and methodologyPenetration testing reporting and methodology
Penetration testing reporting and methodologyRashad Aliyev
 
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond AlertingProactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond AlertingCrowdStrike
 
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing Netpluz Asia Pte Ltd
 
Vulnerability Assessment Presentation
Vulnerability Assessment PresentationVulnerability Assessment Presentation
Vulnerability Assessment PresentationLionel Medina
 
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Edureka!
 
A2 - broken authentication and session management(OWASP thailand chapter Apri...
A2 - broken authentication and session management(OWASP thailand chapter Apri...A2 - broken authentication and session management(OWASP thailand chapter Apri...
A2 - broken authentication and session management(OWASP thailand chapter Apri...Noppadol Songsakaew
 
Secure coding practices
Secure coding practicesSecure coding practices
Secure coding practicesScott Hurrey
 
OWASP Top 10 2021 Presentation (Jul 2022)
OWASP Top 10 2021 Presentation (Jul 2022)OWASP Top 10 2021 Presentation (Jul 2022)
OWASP Top 10 2021 Presentation (Jul 2022)TzahiArabov
 
Security operations center 5 security controls
Security operations center 5 security controls Security operations center 5 security controls
Security operations center 5 security controlsAlienVault
 
Introduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingIntroduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingAnurag Srivastava
 
What is security testing and why it is so important?
What is security testing and why it is so important?What is security testing and why it is so important?
What is security testing and why it is so important?ONE BCG
 
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)k33a
 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Radar Cyber Security
 
Computer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | EdurekaComputer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | EdurekaEdureka!
 

What's hot (20)

Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jain
 
Penetration testing reporting and methodology
Penetration testing reporting and methodologyPenetration testing reporting and methodology
Penetration testing reporting and methodology
 
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond AlertingProactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
 
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing
 
Vulnerability Assessment Presentation
Vulnerability Assessment PresentationVulnerability Assessment Presentation
Vulnerability Assessment Presentation
 
Information security
Information securityInformation security
Information security
 
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
 
WAFs.pptx
WAFs.pptxWAFs.pptx
WAFs.pptx
 
A2 - broken authentication and session management(OWASP thailand chapter Apri...
A2 - broken authentication and session management(OWASP thailand chapter Apri...A2 - broken authentication and session management(OWASP thailand chapter Apri...
A2 - broken authentication and session management(OWASP thailand chapter Apri...
 
Secure coding practices
Secure coding practicesSecure coding practices
Secure coding practices
 
Defense In Depth Using NIST 800-30
Defense In Depth Using NIST 800-30Defense In Depth Using NIST 800-30
Defense In Depth Using NIST 800-30
 
Secure Coding and Threat Modeling
Secure Coding and Threat ModelingSecure Coding and Threat Modeling
Secure Coding and Threat Modeling
 
OWASP Top 10 2021 Presentation (Jul 2022)
OWASP Top 10 2021 Presentation (Jul 2022)OWASP Top 10 2021 Presentation (Jul 2022)
OWASP Top 10 2021 Presentation (Jul 2022)
 
Security operations center 5 security controls
Security operations center 5 security controls Security operations center 5 security controls
Security operations center 5 security controls
 
Introduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingIntroduction to Web Application Penetration Testing
Introduction to Web Application Penetration Testing
 
Introduction Network security
Introduction Network securityIntroduction Network security
Introduction Network security
 
What is security testing and why it is so important?
What is security testing and why it is so important?What is security testing and why it is so important?
What is security testing and why it is so important?
 
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)
 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025
 
Computer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | EdurekaComputer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | Edureka
 

Similar to The Security Vulnerability Assessment Process & Best Practices

New Age Red Teaming - Enterprise Infilteration
New Age Red Teaming - Enterprise InfilterationNew Age Red Teaming - Enterprise Infilteration
New Age Red Teaming - Enterprise InfilterationShritam Bhowmick
 
It Security Audit Process
It Security Audit ProcessIt Security Audit Process
It Security Audit ProcessRam Srivastava
 
ByteCode pentest report example
ByteCode pentest report exampleByteCode pentest report example
ByteCode pentest report exampleIhor Uzhvenko
 
Phi 235 social media security users guide presentation
Phi 235 social media security users guide presentationPhi 235 social media security users guide presentation
Phi 235 social media security users guide presentationAlan Holyoke
 
Cisco_eBook_ShiftLeftSecurity_2022_06_07a.pdf
Cisco_eBook_ShiftLeftSecurity_2022_06_07a.pdfCisco_eBook_ShiftLeftSecurity_2022_06_07a.pdf
Cisco_eBook_ShiftLeftSecurity_2022_06_07a.pdfNathanDjami
 
Building a Product Security Practice in a DevOps World
Building a Product Security Practice in a DevOps WorldBuilding a Product Security Practice in a DevOps World
Building a Product Security Practice in a DevOps WorldArun Prabhakar
 
When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...
When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...
When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...Cam Fulton
 
Integrated Security for Software Development and Advanced Penetration Testing...
Integrated Security for Software Development and Advanced Penetration Testing...Integrated Security for Software Development and Advanced Penetration Testing...
Integrated Security for Software Development and Advanced Penetration Testing...Symptai Consulting Limited
 
Best Practices, Types, and Tools for Security Testing in 2023.docx
Best Practices, Types, and Tools for Security Testing in 2023.docxBest Practices, Types, and Tools for Security Testing in 2023.docx
Best Practices, Types, and Tools for Security Testing in 2023.docxAfour tech
 
Domain 6 - Security Assessment and Testing
Domain 6 - Security Assessment and TestingDomain 6 - Security Assessment and Testing
Domain 6 - Security Assessment and TestingMaganathin Veeraragaloo
 
SLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting itweb workshopSLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting itweb workshopSLVA Information Security
 
10 KEYS TO EFFECTIVE NETWORK SECURITY
10 KEYS TO EFFECTIVE NETWORK SECURITY10 KEYS TO EFFECTIVE NETWORK SECURITY
10 KEYS TO EFFECTIVE NETWORK SECURITYRazorpoint Security
 

Similar to The Security Vulnerability Assessment Process & Best Practices (20)

New Age Red Teaming - Enterprise Infilteration
New Age Red Teaming - Enterprise InfilterationNew Age Red Teaming - Enterprise Infilteration
New Age Red Teaming - Enterprise Infilteration
 
It Security Audit Process
It Security Audit ProcessIt Security Audit Process
It Security Audit Process
 
ByteCode pentest report example
ByteCode pentest report exampleByteCode pentest report example
ByteCode pentest report example
 
Phi 235 social media security users guide presentation
Phi 235 social media security users guide presentationPhi 235 social media security users guide presentation
Phi 235 social media security users guide presentation
 
Information Security and the SDLC
Information Security and the SDLCInformation Security and the SDLC
Information Security and the SDLC
 
Security assessment isaca sv presentation jan 2016
Security assessment isaca sv presentation jan 2016Security assessment isaca sv presentation jan 2016
Security assessment isaca sv presentation jan 2016
 
Cisco_eBook_ShiftLeftSecurity_2022_06_07a.pdf
Cisco_eBook_ShiftLeftSecurity_2022_06_07a.pdfCisco_eBook_ShiftLeftSecurity_2022_06_07a.pdf
Cisco_eBook_ShiftLeftSecurity_2022_06_07a.pdf
 
Backtrack manual Part1
Backtrack manual Part1Backtrack manual Part1
Backtrack manual Part1
 
Auditing-Cybersecurity in the enterprise
Auditing-Cybersecurity in the enterpriseAuditing-Cybersecurity in the enterprise
Auditing-Cybersecurity in the enterprise
 
Building a Product Security Practice in a DevOps World
Building a Product Security Practice in a DevOps WorldBuilding a Product Security Practice in a DevOps World
Building a Product Security Practice in a DevOps World
 
When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...
When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...
When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...
 
ISACA Cybersecurity Audit course brochure
ISACA Cybersecurity Audit course brochureISACA Cybersecurity Audit course brochure
ISACA Cybersecurity Audit course brochure
 
PACE-IT, Security+3.7: Overview of Security Assessment Tools
PACE-IT, Security+3.7: Overview of Security Assessment ToolsPACE-IT, Security+3.7: Overview of Security Assessment Tools
PACE-IT, Security+3.7: Overview of Security Assessment Tools
 
R1
R1R1
R1
 
Integrated Security for Software Development and Advanced Penetration Testing...
Integrated Security for Software Development and Advanced Penetration Testing...Integrated Security for Software Development and Advanced Penetration Testing...
Integrated Security for Software Development and Advanced Penetration Testing...
 
Many products-no-security (1)
Many products-no-security (1)Many products-no-security (1)
Many products-no-security (1)
 
Best Practices, Types, and Tools for Security Testing in 2023.docx
Best Practices, Types, and Tools for Security Testing in 2023.docxBest Practices, Types, and Tools for Security Testing in 2023.docx
Best Practices, Types, and Tools for Security Testing in 2023.docx
 
Domain 6 - Security Assessment and Testing
Domain 6 - Security Assessment and TestingDomain 6 - Security Assessment and Testing
Domain 6 - Security Assessment and Testing
 
SLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting itweb workshopSLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting itweb workshop
 
10 KEYS TO EFFECTIVE NETWORK SECURITY
10 KEYS TO EFFECTIVE NETWORK SECURITY10 KEYS TO EFFECTIVE NETWORK SECURITY
10 KEYS TO EFFECTIVE NETWORK SECURITY
 

Recently uploaded

Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 

Recently uploaded (20)

Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 

The Security Vulnerability Assessment Process & Best Practices

  • 1. The Security Vulnerability Assessment Process, Best Practices & Challenges 1 Kellep A. Charles, CISA, CISSP www.SecurityOrb.com
  • 2. Agenda 2 About Me Topic Introduction The Process The Best Practices/Challenges Conclusion www.SecurityOrb.com
  • 3. About Me 3 Kellep Charles but you can call me K.C. Government contractor in the DC area Served as an adjunct professor Doctoral Student  Research area:  Human Computer Interaction-Security HCI-Sec  Honeypot & Artificial Neural Networks Operate SecurityOrb.com www.SecurityOrb.com
  • 4. Introduction 4 Security vulnerability assessments have become an imperative part of any organization’s computer and network security posture. Many organizations consist of:  Heterogeneous computing environments  Windows, Mac OS X, Linux/Unix  Multiple Applications  Distributed computing  Internet-enabled information access systems.  The need to understand the state of an organization’s overall information system is ever more important now. www.SecurityOrb.com
  • 5. Introduction 5 Best practices in information security acknowledge  a defensive only approach to securing an enterprise does not suffice  at times is considered inadequate. Frequently these defensive security devices such as firewalls and intrusion detection systems (IDS)  often not configured properly  not capable of locating all the vulnerabilities and threats on the network, especially at the node level. www.SecurityOrb.com
  • 6. Introduction 6 Performing regular security vulnerability assessment helps bridge that gap Allows an organization to take a proactive stance towards protecting their information computing environment. The bottom line objective is to safeguard the core intellectual and electronic assets of the organization, and to ensure compliance with appropriate regulations www.SecurityOrb.com
  • 7. Why Is It So Vital? 7 Most Systems are unpatched  Lazy, overworked or misinformed system administrators Most compromises are from unpatched systems with patches or work around available Some systems cannot be patched (allow for alternate defense) Proactive and offensive posture towards security Compliance www.SecurityOrb.com
  • 8. Assessment Levels 8  Basic Security Assessment - The objective for this assessment is to give the responsible party a basic understanding of the security of the business as a whole in three key areas: Administrative, Physical and Technical Safeguards. It is meant to point out possible areas of weakness with a walk through of the facility and a Q&A session. It is not an in-depth study, rather, a basic first step in protecting information.  In-depth Security Assessment - This is a comprehensive study of the security of your business. We will analyze all policies and procedures, router access lists, Firewall configurations and policies, PC and server configurations, complete Website review, complete mail server review. We will then present the client with a written report of our findings. This type of assessment will give you a thorough understanding of how your company measures up to "Industry Best Practices". www.SecurityOrb.com
  • 9. Assessment Levels 9 External Vulnerability Testing - We will test your network from the outside from a "hacker's point-of-view". We will use the same tools criminals use to try and compromise your network and servers. Internal Vulnerability Testing - These are the same tools used in the External test. This type of assessment is essential in understanding how and why hackers, viruses and worms spread so quickly through an organization. www.SecurityOrb.com
  • 10. Assessment Process 10  To effectively conduct a security assessment so it is beneficial to an organization  a proven methodology must be followed so the assessors and assesses are on the same page.  Using a proven security assessment methodology supplies a blueprint of events from start-to-finish that can be examined, tracked and replicated.  Reports that are constructed from the security assessments are used to provide a snap shot view of information system deficiencies for short-term analysis as well as trending data for long-term evaluation  Allowing the organization to understand their vulnerabilities so they can better protect themselves from current and future threats. www.SecurityOrb.com
  • 11. Security Assessment Process 11 The process includes the following 6 phases  Pre Security Assessment Process  Security Assessment In-Brief  Security Assessment Field Work  Security Assessment Report Analysis & Preparation  Security Assessment Out-Brief  Post Security Assessment Process www.SecurityOrb.com
  • 12. Security Assessment Process 12 Pre-Security Assessment Process  The pre-security assessment process entails one of the most important aspects of conducting a security assessment. Obtaining an engagement letter grants the assessment team the authority to commence with the formal processes of creating documentation to support the security assessment, permission for the onsite visit and the overall authority to conduct the security assessment. www.SecurityOrb.com
  • 13. Security Assessment Process 13 Security Assessment In-Brief  Once the team has arrived at the assessment location, a security assessment in-brief is required. In the in-brief, both the security assessment team and the organizational staff members will introduce themselves and the roles they will have during the security assessment process. www.SecurityOrb.com
  • 14. Security Assessment Process 14 Security Assessment Field Work (Scanning, Interview, Walk-Thru and Doc Review)  Once the in brief has been review, discussed, completed and agreed upon, the security assessment fieldwork can commence. The security assessment field-work process consist of conducting vulnerability scans, facility walkthrough, manual system checks, staff interview and various document reviews. www.SecurityOrb.com
  • 15. Security Assessment Process 15 Security Assessment Report Analysis & Preparation  Towards the end of the security assessment, once all of the security assessment fieldwork has been completed, the security assessment team will review and process the information in preparation of the final report. During this phase, the security assessment team will address any false positive, document any variances and findings that will be included in the final report. www.SecurityOrb.com
  • 16. Security Assessment Process 16 Security Assessment Report Analysis & Preparation www.SecurityOrb.com
  • 17. Security Assessment Process 17  Security Assessment Report Analysis & Preparation www.SecurityOrb.com
  • 18. Security Assessment Process 18 Security Assessment Out-Brief  The security assessment team will provide recommendations as well.  Contact information will be on the out-brief.  This process should be interactive were questions are taken through out the security assessment out-brief.  At the end of the security assessment out-brief, both parties will have to sign the pages of the out-brief and discuss what will be occurring in the post security assessment process. www.SecurityOrb.com
  • 19. Security Assessment Process 19 Security Assessment Out-Brief  The security assessment team will provide recommendations as well.  Contact information will be on the out-brief.  This process should be interactive were questions are taken through out the security assessment out-brief.  At the end of the security assessment out-brief, both parties will have to sign the pages of the out-brief and discuss what will be occurring in the post security assessment process. www.SecurityOrb.com
  • 20. Security Assessment Process 20 Post Security Assessment Process  The post security assessment process is where the security assessment team securely files all documentation and electronic data pertaining to the organization in which the security assessment was conducted on.  In addition, a team meeting with all members of the assessment team should be conducted to review and lessons learned to add any improvements or deficiencies to the process. www.SecurityOrb.com
  • 21. Vulnerability Assessment, Penetration Test & Security Audit 21  A vulnerability assessment is a practice used to identify all potential vulnerabilities that could be exploited in an environment.  The assessment can be used to evaluate physical security, personnel (testing through social engineering and such), or system and network security.  While a vulnerability assessment's goal is to identify all vulnerabilities in an environment, a penetration test has the goal of "breaking into the network."  only needs to exploit one or two vulnerabilities to actually penetrate the environment.  Penetration testing is also referred to as ethical hacking  A security audit is basically someone going around with a criteria checklist of things that should be done or in place to ensure that the company is in compliance with its security policy, regulations and legal responsibilities. www.SecurityOrb.com
  • 22. Credential Scans vs Un-credential Scans 22 Credentialed scanning allows for a much more accurate and thorough picture of the system.  Mechanic and doctor example Part of vulnerability scanning is to identify missing patches that leave a machine open to compromise.  Test of a Windows 7 system  The results speak for themselves: first scan without credentials, then with credentials – What do you think you will see? www.SecurityOrb.com
  • 23. Credential Scans vs Un-credential Scans 23  Test of a Windows 7 system  The results speak for themselves: without credentials, the scan identified highs=0; meds=0; lows=1. With credentials: highs=7; meds=8; lows=5  Guess which one is more accurate. www.SecurityOrb.com
  • 24. Credential Scans vs Un-credential Scans 24 www.SecurityOrb.com
  • 25. Credential Scans vs. Un-credential Scans 25 www.SecurityOrb.com
  • 26. System Hardening 26  Center for Internet Security (CIS) Benchmarks  provides standards and metrics that dramatically raise the level of security to ensure the integrity of the public and private Internet-based functions on which society increasingly depends.  Federal Desktop Core Configuration (FDCC)  A list of security settings recommended by the National Institute of Standards and Technology for general-purpose microcomputers that are connected directly to the network of a United States government agency.  Security Technical Implementation Guide (STIG)  DISA’s methodology for standardized secure installation and maintenance of computer software and hardware.  Security Content Automation Protocol (SCAP)  a method for using specific standards to enable automated vulnerability management, measurement, and policy compliance evaluation (e.g., FISMA compliance). The National Vulnerability Database (NVD) is the U.S. government content repository for SCAP.  Some items may have to be changed to obtain credential scans www.SecurityOrb.com
  • 27. Vulnerability Management 27  The repeated practice of identifying, classifying, remediating, and mitigating  Prioritize  Mitigate Vulnerabilities - Ultimately, the root causes of vulnerabilities must be addressed. This is often done via patching vulnerable services, changing vulnerable configurations or making application updates to remove vulnerable code.  Maintain and Monitor - Organizations' computing environments are dynamic and evolve over time, vulnerability management is an ongoing process rather than a point-in-time event. www.SecurityOrb.com
  • 28. Compliance 28  Regulatory Bodies www.SecurityOrb.com
  • 29. Other Things to Consider 29 Virtualization Cloud Computing Politics Reoccurring Scans Distributed Scanning Patch Management Penetration Testing www.SecurityOrb.com
  • 30. What Vulnerability Scanning Can’t Do 30 Find Zero-Days and malware Eliminates the most obvious and known security threats. Can’t Patch Determine the difference between False Positive/Negative www.SecurityOrb.com
  • 31. Conclusion The art of defending an organizational network takes many approaches to be done successfully. No one control can assure that the network is safe. Firewalls are great for prevention, IDS offer the ability for detection, Security Awareness briefing provides for user knowledge and Security Assessments assist with a proactive posture towards security. It also helps prove you've done "due diligence" in performing basic system patches and fixing the well- known problems in case a security breach causes financial, legal or regulatory problems.
  • 32. 32 Thank You… @kellepc @securityorb www.SecurityOrb.com