Presentation is loading. Please wait.

Presentation is loading. Please wait.

14,698 High & Critical Vulnerabilities since 2005 Source: CVE Details

Published byAllan Tyler Modified over 8 years ago

Similar presentations

Presentation on theme: "14,698 High & Critical Vulnerabilities since 2005 Source: CVE Details"— Presentation transcript:

1 14,698 High & Critical Vulnerabilities since 2005 Source: CVE Details http://www.cvedetails.com/cvss-score-graphics.php?fromform=1&vendor_id=&product_id=&startdate=2005-01-01&enddate=2010-07-01

2 Testability Gap

3 Testing “Defense in Depth” Windows Clients Data Center Apps Oracle, EMC, Veritas, HP, Microsoft Microsoft (Windows, IE, Office), Adobe, Mozilla, etc. Firewall & Network IPS Gap Analysis Protected & Exposed Vulnerabilities HIPS, AV, etc. NSS Labs - Live Test™ Framework Attacks

4 Network Intrusion Prevention (IPS) Varies widely IPS products have significant gaps in coverage Default configs not sufficient  Tune Product Block Rate: Default vs. Tuned Policies Source: Q4 2009 NIPS Test, n=1159

5 Host Intrusion Prevention (HIPS) varies widely Attackers will try multiple exploits and variants Quality of signatures matters Source: Q2 2010 EPP HIPS Test, n = 123

6 Evasion: Every AV product can be circumvented Hundreds of options, thousands of combinations Old attacks can be made new again VendorHTML ObfuscasionPayload EncodingFile CompressionExe Compressors A43%40%80%40% B100%40%80%100% C 40%80% D100%80% E100%60% 80% F43%20%80%40% G43%40%60%40% H57%60%80% I100%40%60% J100% 60%80%

7 What’s Needed… “Gloves off” Security Testing –If you’re not testing like the bad guys, what’s the point. Real-world malware & phishing tests Vulnerability-focused exploit testing & protection Stopping variants Properly handling evasion techniques Good default, recommended and tuned policies

Download ppt "14,698 High & Critical Vulnerabilities since 2005 Source: CVE Details"

Similar presentations

Security Update Server Registration, Active scanning and Windows patching.

Security Update Server Registration, Active scanning and Windows patching.
Insertion, Evasion and Denial of Service: Eluding Network Intrusion Detection ------------------------------------------------ Aaron Beach Spring 2004.

Insertion, Evasion and Denial of Service: Eluding Network Intrusion Detection Aaron Beach Spring 2004.
1© Copyright 2011 EMC Corporation. All rights reserved. Advanced Persistent Threat Sachin Deshmanya & Srinivas Matta.

1© Copyright 2011 EMC Corporation. All rights reserved. Advanced Persistent Threat Sachin Deshmanya & Srinivas Matta.
NCS welcome all participants on behalf of Quick Heal Anti Virus and Fortinet Firewall solution.

NCS welcome all participants on behalf of Quick Heal Anti Virus and Fortinet Firewall solution.
ForeScout Technologies Ayelet Steinitz, Product Manager April, 2003.

ForeScout Technologies Ayelet Steinitz, Product Manager April, 2003.
Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia
Presented by Justin Bode CS 450 – Computer Security February 17, 2010.

Presented by Justin Bode CS 450 – Computer Security February 17, 2010.
© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.

© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.
CSCD 434 Spring 2011 Lecture 1 Course Overview. Contact Information Instructor Carol Taylor 315 CEB Phone: 509-359-6908 Office.

CSCD 434 Spring 2011 Lecture 1 Course Overview. Contact Information Instructor Carol Taylor 315 CEB Phone: Office.
Introducing Quick Heal Endpoint Security 5.3. “Quick Heal Endpoint Security 5.3 is designed to provide simple, intuitive centralized management and control.

Introducing Quick Heal Endpoint Security 5.3. “Quick Heal Endpoint Security 5.3 is designed to provide simple, intuitive centralized management and control.
Department Of Computer Engineering

Department Of Computer Engineering
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
Security of Communication & IT systems Bucharest, 21 st September 2004 Stephen McGibbon Chief Technology Officer, Eastern Europe, Russia & CIS Senior Director,

Security of Communication & IT systems Bucharest, 21 st September 2004 Stephen McGibbon Chief Technology Officer, Eastern Europe, Russia & CIS Senior Director,
PROS & CONS of Proxy Firewall

PROS & CONS of Proxy Firewall
Real Security for Server Virtualization Rajiv Motwani 2 nd October 2010.

Real Security for Server Virtualization Rajiv Motwani 2 nd October 2010.
PBA. Observations  Growth, projects, busy-ness –Doing an incredible amount of work  Great Quality of work  Concern about being perfect  Attitudes.

PBA. Observations  Growth, projects, busy-ness –Doing an incredible amount of work  Great Quality of work  Concern about being perfect  Attitudes.
©2003–2008 Check Point Software Technologies Ltd. All rights reserved. CheckPoint new security architecture and R70 highlights.

©2003–2008 Check Point Software Technologies Ltd. All rights reserved. CheckPoint new security architecture and R70 highlights.
MSIT 458 – The Chinchillas. Offense Overview Botnet taxonomies need to be updated constantly in order to remain “complete” and are only as good as their.

MSIT 458 – The Chinchillas. Offense Overview Botnet taxonomies need to be updated constantly in order to remain “complete” and are only as good as their.
1 GFI LANguard N.S.S VS NeWT Security Scanner Presented by:Li,Guorui.

1 GFI LANguard N.S.S VS NeWT Security Scanner Presented by:Li,Guorui.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

Similar presentations

Ads by Google