Network Vulnerability Assessment: Key Decision Points

50 %
50 %
Information about Network Vulnerability Assessment: Key Decision Points
Technology

Published on July 7, 2009

Author: PivotPointSecurity

Source: slideshare.net

Description

The ins and outs of network vulnerability assessments. A veritable how-to-use this valuable tool in the information security arsenal.

Maximum Assurance: Key Decision Points for Network Vulnerability Assessments from the Maximum Assurance Series Pivot Point Security Hamilton Square, NJ

The Maximum Assurance presentations are intended to provide guidance to organizations seeking information assurance by clearly defining Security Assessment activities and their critical decision points Terms Used to Communicate Activities Methodology (actions/steps/rationale) Scope (matching activity to objective) Key Decision Points Value Proposition (Assurance level) Objective Master Assurance Series Pivot Point Security - Balancing Security, Building Trust

NETWORK VULNERABILITY ASSESSMENT (NVA) Quick Overview Master Assurance Series Pivot Point Security - Balancing Security, Building Trust

What IsNetwork Vulnerability Assessment (NVA) Systematic examination of network attached devices (e.g., computer, router) to identify vulnerabilities (weaknesses) in design/configuration that can result in a negative impact Vulnerabilities generally result from default configurations, configuration errors, security holes in applications, and missing patches NVAs are conducted by a network scanner (a purpose built computer) and generally include very little human involvement NVAs provide significant value for both public and private networks/systems NVAs are a good way to rapidly assess your security posture and the efficacy of your vulnerability management program (e.g., patch/configuration management) NVAs can be stand-alone and/or the first step in a Penetration Test Be cautious NVAs can (Do!) generate false positives NVAs run with default settings can often miss critical vulnerabilities NVAs can provide a staggeringly large amount of information in a moderate or larger environment Master Assurance Series Pivot Point Security - Balancing Security, Building Trust

Discrete Components of an NVA An NVA actually incorporates a number of discrete steps: Scoping - What are our objectives? Which network segments? What is an appropriate sampling? Discovery - What devices are out there? How will we go about discovering them? Port Scanning - What ports will be scanned? What “ports” are “open”? Vulnerability Detection - For each service discovered on a port, are there problems with the configuration or version that indicate a vulnerability? Advanced Techniques - What advanced techniques (e.g., Credentialed/Content/Passive Scanning) should we leverage? Reporting – Communicating the results of the NVA, preferably in a manner that is readily understood by management and technical resources, easily interpreted, and actionable Master Assurance Series Pivot Point Security - Balancing Security, Building Trust

For NETWORK VULNERABILITY ASSESSMENT (NVA) Key Decision Points Master Assurance Series Pivot Point Security - Balancing Security, Building Trust

Key Decision Points: SCOPING SCOPING & RIGOR … should be aligned with the assessment objectives and proportional to the risk being measured Choose subnets and system coverage to provide desired assuranceFor audit & compliance there is a significant benefit to representative sampling across system types, function, and location to reduce data overloadLeverage the information gained in the statistical sampling across the entire environment during the mitigation phaseIf warranted, post mitigation run a secondary “confirmatory” scan across a different or wider sampling to confirm the efficacy of the mitigation efforts and provide a higher level of assuranceMaster Assurance Series Pivot Point Security - Balancing Security, Building Trust

Choose subnets and system coverage to provide desired assurance

For audit & compliance there is a significant benefit to representative sampling across system types, function, and location to reduce data overload

Leverage the information gained in the statistical sampling across the entire environment during the mitigation phase

If warranted, post mitigation run a secondary “confirmatory” scan across a different or wider sampling to confirm the efficacy of the mitigation efforts and provide a higher level of assurance

Key Decision Points: OBJECTIVES Vulnerability Assessments are also a good way to gauge the effectiveness of an organization’s Incident Detection and Incident Response Programs or Intrusion Prevention systems Master Assurance Series Pivot Point Security - Balancing Security, Building Trust

Key Decision Points: THE DISCOVERY PHASE Black/Grey/White Hat: Black Hat is worthwhile if you are trying to validate the effectiveness of obfuscation efforts (or if you are looking to assess Incident Response) Else … there are significant benefits to White Hat (full disclosure) It is less time consuming/expensive It results in fewer false positives Master Assurance Series Pivot Point Security - Balancing Security, Building Trust

Key Decision Points: PORT SCANNING Ports are “addresses” that different services (applications) listen (process input) on By default, many Vulnerability Scans will only be run on those ports that are commonly used or assigned ports (0 thru 1024) This approach saves time but will miss vulnerabilities on high numbered ports (1024 to 65535), possibly missing malware or back-doors By default, many Vulnerability Scans will only be run on TCP ports This approach saves time but will miss vulnerabilities for any UDP services (e.g., DNS) If you run a high risk environment, will be scanning through a firewall, or are testing your incident response – you may want to incorporate more advanced port scanning methods (e.g., TCP FIN scans) to maximize the level of assurance that you achieve from your testing Master Assurance Series Pivot Point Security - Balancing Security, Building Trust

Key Decision Points: VULNERABILITY DETECTION Operating Systems and applications/versions are inferred by the answers the host gives to the scanner By default, most scanners attempt to optimize the scan to run as quickly as possible The optimizations can potentially reduce assurance as the scanner may make erroneous assumptions based on the presented host data Generally, running in a “Paranoid mode” increases time, accuracy, and assurance for an NVA Vulnerability scanners are only as good as the library of OS, application, and vulnerability signatures it is loaded with Use a well regarded scanner and ensure that it is updated immediately before the scan takes place Some vulnerability checks have a higher probability of negatively impacting systems so defining if these checks should be run is critical Master Assurance Series Pivot Point Security - Balancing Security, Building Trust

Key Decision Points: ADVANCED TECHNIQUES Key new capabilities introduced in ‘08 & ‘09 Credentialed Scans Content Scans Passive Scans Master Assurance Series Pivot Point Security - Balancing Security, Building Trust

Key Decision Points: CREDENTIALED SCANNING Much more accurate as the application & version can be exactly determined Much greater “depth” (patch history, system logging settings, full password settings) Benchmark compliance against a standard (e.g., CIS, PCI, or corporate) Greater time/cost to run generally offset by the reduction in false positives and simplified remediation Credentialed Scans run with Administrative level privilege Master Assurance Series Pivot Point Security - Balancing Security, Building Trust

Key Decision Points: CONTENT SCANNING Credentialed scans can be extended to look at the “content” on systems Does the machine contain? Credit Card Data, Pornography, Medical Records, Social Security Numbers, Customer Records, Intellectual Property Benchmark compliance against relevant standards HIPAA, PCI, Sarbanes Oxley, Identify Theft Regulations Greater time/cost to run generally offset by risk reduction and simplified compliance reporting Master Assurance Series Pivot Point Security - Balancing Security, Building Trust

Key Decision Points: PassiveScanning Standard NVAs are “active” in that they are based on inquiry and response NVAs can crash services or systemsIn “mission critical” environments (e.g., a power plant or bank trading floor) this risk may not be acceptablePassive Scanning just “sniffs” already existing traffic Provides assurance in an environment without any risk of disrupting serviceOnly identifies vulnerabilities for services that are actively communicatingGreater time/cost to run generally offset by gathering assurance where it was previously not feasible Master Assurance Series Pivot Point Security - Balancing Security, Building Trust

NVAs can crash services or systems

In “mission critical” environments (e.g., a power plant or bank trading floor) this risk may not be acceptable

Provides assurance in an environment without any risk of disrupting service

Only identifies vulnerabilities for services that are actively communicating

Greater time/cost to run generally offset by gathering assurance where it was previously not feasible

Summary: Network Vulnerability Assessments Key is ensuring that it is the right tool to meet your objectives, scoped appropriately & optimallyconfigured Critical Tool in the Security Assessment Arsenal Where compliance (or risk) is critical, leverage credentialed and contentscans for a higher level of assurance Intelligent sampling and confirmatory re-scans can save significant time and money Master Assurance Series Pivot Point Security - Balancing Security, Building Trust

For a copy of this presentation please send an email to maxassure@PivotPointSecurity.com or call us at (609) 581-4600 ext. 300 THANK YOU FOR YOUR TIME … Master Assurance Series Pivot Point Security - Balancing Security, Building Trust

Add a comment

Related presentations

Presentación que realice en el Evento Nacional de Gobierno Abierto, realizado los ...

In this presentation we will describe our experience developing with a highly dyna...

Presentation to the LITA Forum 7th November 2014 Albuquerque, NM

Un recorrido por los cambios que nos generará el wearabletech en el futuro

Um paralelo entre as novidades & mercado em Wearable Computing e Tecnologias Assis...

Microsoft finally joins the smartwatch and fitness tracker game by introducing the...

Related pages

Key Decision Points For Network Vulnerability Assessments ...

Learn the advantages of properly scoping and optimizing a Network Vulnerability Assessment - and the power of this tool in your informtation security arsen
Read more

Network Vulnerability Assessment from the Maximum ...

Network Vulnerability Assessment: Key Decision Points. Learn the advantages of properly scoping and optimizing a Network VA - and the power of ...
Read more

AN OVERVIEW OF VULNERABILITY ANALYSIS AND MAPPING (VAM)

VULNERABILITY ANALYSIS AND MAPPING (VAM) ... intended to inform decision-making at key points within the WFP country ... vulnerability assessment.
Read more

Ethical Hacking - Vulnerability Management | NetWorks Group

Vulnerability Management Vulnerability Management That Works for You ... and learn where pain points can be ... Vulnerability Assessment .
Read more

Security Vulnerability Assessment Services from Hitachi ...

Title: Security Vulnerability Assessment Services from Hitachi Data Systems Author: Hitachi Data Systems Subject: Protect your organization against ...
Read more

Spire Solutions » Vulnerability Assessment

Vulnerability Assessment; ... via your wireless networks. The key to ... to ensure your network’s weak points are thoroughly and completely ...
Read more

Academia.edu | Documents in Network Vulnerability ...

Network Vulnerability. ... Grid systems Vulnerability assessment. 2. ... lessons of broken communication from key decision makers and the effectiveness of ...
Read more

A wireless network vulnerability assessment checklist

A wireless network vulnerability assessment checklist. by ... For each discovered 802.11 access point, document: ... If the AP is using a PreShared Key ...
Read more

Vulnerability Assessment and Global Change Monitoring: The ...

Vulnerability Assessment and Global Change ... the starting point for a vulnerability assessment. ... relative assessments are more useful for decision
Read more