1 HO20110473 1 © 2012 Fluor. All rights reserved.
Quick Wins in Vulnerability Management
Classification: Confidential
Owner: Michael Holcomb
Approver: Phil Cirulli
Prepared: April 14th, 2014

2 Agenda
• The Need for Vulnerability Management
• Clarifications on Vulnerability Management
• SANS’ Top 20 Critical Controls
• Master the Basics
• Perform a Self Audit
• Continuous Scanning & Remediation
• Leverage Vulnerability Data in Incident Response
• Metrics That Count
• Secure Your ISP

3 About Michael Holcomb
• 25+ years in Information Technology
• 15+ years dedicated to Information Security
• Sr. Information Security Manager at Fluor
• President of Upstate SC ISSA Chapter
• CISSP, GCIH, GCIA, etc.

4 The Need for Vulnerability Management
• The quicker we stop an attacker, the less it costs the business
• An attacker today will gain access to your resources and they are on your network now
• Proper vulnerability management reduces the attack vectors an attacker can exploit for spreading control through the environment
• Gives intrusion detection capabilities time to detect an intruder and respond to eject them from the network

5 Clarifications on Vulnerability Management
• Vulnerability assessments and vulnerability management are two different things
• Vulnerability assessments and penetration testing are two different things
• Soft skills are more important than technical skills in vulnerability management
• Successful vulnerability management is required to help secure an environment; successful vulnerability scans help ensure compliance

6 SANS’ Top 20 Critical Controls
1. Inventory of Authorized and Unauthorized Devices
2. Inventory of Authorized and Unauthorized Software
3. Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers
4. Continuous Vulnerability Assessment and Remediation
5. Malware Defenses
6. Application Software Security
7. Wireless Access Control
8. Data Recovery Capability
9. Security Skills Assessment and Appropriate Training to Fill Gaps
10. Secure Configurations for Network Devices such as Firewalls, Routers, and Switches
11. Limitation and Control of Network Ports, Protocols, and Services
12. Controlled Use of Administrative Privileges
13. Boundary Defense
14. Maintenance, Monitoring, and Analysis of Audit Logs
15. Controlled Access Based on the Need to Know
16. Account Monitoring and Control
17. Data Protection
18. Incident Response and Management
19. Secure Network Engineering
20. Penetration Tests and Red Team Exercises

7 Master the Basics

8 Perform a Self Audit
• If you have no Vulnerability Management Program in place today, perform a self audit to discover what vulnerabilities you do have.
• Before engaging an outside party to conduct a vulnerability assessment or penetration testing exercise, remediate as many issues as possible.

9 Continuous Scanning & Remediation
• Determine scanning schedule and “window threshold” based on your organization’s requirements
  – If a new vulnerability is introduced into your environment, how long would it take you to discover and understand the vulnerability?
• Compliance requirements, rather than the quest for security, often drive scanning schedules
• SIEM solutions are now integrating vulnerability scanning management capabilities with host detection capabilities

10 Leverage Vulnerability Data in Incident Response
• Correlate most current vulnerability data to focus intrusion detection response efforts
  – Identify alerts that can be closed due to inapplicability
  – Escalate alerts for response based on actual risk for an attack against a specific existing vulnerability
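
The correlation described on this slide, as an added example that is not part of the original presentation: each intrusion detection alert is checked against the latest scan results for its target and is closed, escalated or held for investigation. The hosts, placeholder CVE ids, the 7-day window and the CVSS 7.0 cut-off are all assumptions made for the illustration.

```python
from datetime import date

# Constructed sample data; the CVE ids are placeholders, not real identifiers.
# Open findings from the most recent scan: host -> {CVE id: CVSS base score}
OPEN_FINDINGS = {
    "192.0.2.5": {"CVE-0000-0001": 9.8},
    "192.0.2.7": {"CVE-0000-0002": 5.3},
}
# Date of the last completed scan of each host
LAST_SCANNED = {
    "192.0.2.5": date(2014, 4, 10),
    "192.0.2.7": date(2014, 4, 12),
    "192.0.2.9": date(2014, 2, 1),
}
# Constructed IDS alerts: target host and the CVE the signature relates to
ALERTS = [
    {"dst": "192.0.2.5", "cve": "CVE-0000-0001"},
    {"dst": "192.0.2.7", "cve": "CVE-0000-0001"},
    {"dst": "192.0.2.7", "cve": "CVE-0000-0002"},
    {"dst": "192.0.2.9", "cve": "CVE-0000-0001"},
    {"dst": "192.0.2.20", "cve": "CVE-0000-0001"},
]


def triage(alert, today, window_days=7):
    """Return (action, reason) for one alert; window_days is an assumed threshold."""
    host, cve = alert["dst"], alert["cve"]
    scanned = LAST_SCANNED.get(host)
    if scanned is None or (today - scanned).days > window_days:
        # Stale or missing scan data cannot prove the target is not vulnerable
        return "investigate", "no scan of the target inside the window"
    score = OPEN_FINDINGS.get(host, {}).get(cve)
    if score is None:
        return "close", "target scanned recently and finding not present"
    priority = "P1" if score >= 7.0 else "P2"  # assumed cut-off
    return "escalate-" + priority, f"open {cve} on target (CVSS {score})"


def triage_all(today=date(2014, 4, 14)):
    """Actions for every sample alert, in order."""
    return [triage(a, today)[0] for a in ALERTS]


if __name__ == "__main__":
    for alert, action in zip(ALERTS, triage_all()):
        print(alert["dst"], alert["cve"], "->", action)
```

An alert is closed as inapplicable only when the target was scanned inside the window; a host with old or no scan data falls through to investigation instead of being closed.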

11 Metrics That Count
• Metrics can be used to communicate to technical and non-technical parties the risks associated with existing vulnerabilities within the environment
• Such metrics should measure items which can be controlled by the organization
  – Number of vulnerabilities by risk (Critical, High, Medium/Severe, Low)
  – Average risk (CVSS) score
  – Remediation time
  – False remediation
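
The four metrics listed on this slide, computed from scan history in an added example that is not part of the original presentation. The finding records are constructed, and "false remediation" is assumed here to mean a finding reported as fixed that a later scan still detects.

```python
from collections import Counter
from datetime import date

# Constructed findings. "fixed" is the date the owner reported the fix (None = open);
# "seen" lists the scan dates on which the scanner detected the finding.
FINDINGS = [
    {"risk": "Critical", "cvss": 9.8, "fixed": date(2014, 3, 10),
     "seen": [date(2014, 3, 1), date(2014, 3, 8)]},
    {"risk": "High", "cvss": 7.5, "fixed": date(2014, 3, 20),
     "seen": [date(2014, 3, 1), date(2014, 3, 15), date(2014, 3, 22)]},
    {"risk": "High", "cvss": 8.1, "fixed": None,
     "seen": [date(2014, 3, 15), date(2014, 3, 22)]},
    {"risk": "Medium/Severe", "cvss": 5.0, "fixed": date(2014, 3, 29),
     "seen": [date(2014, 3, 8), date(2014, 3, 22)]},
    {"risk": "Low", "cvss": 2.6, "fixed": None,
     "seen": [date(2014, 3, 1), date(2014, 3, 22)]},
]


def is_false_remediation(f):
    """Assumed definition: reported fixed, yet a later scan still detects it."""
    return f["fixed"] is not None and max(f["seen"]) > f["fixed"]


def metrics(findings):
    """Compute the slide's four metrics over a list of finding records."""
    remediated, still_open, false_fixes = [], [], 0
    for f in findings:
        if is_false_remediation(f):
            false_fixes += 1
            still_open.append(f)  # a failed fix is still exposure
        elif f["fixed"] is None:
            still_open.append(f)
        else:
            remediated.append(f)  # reported fixed and not detected since
    days = [(f["fixed"] - min(f["seen"])).days for f in remediated]
    total_cvss = sum(f["cvss"] for f in still_open)
    return {
        "open_by_risk": dict(Counter(f["risk"] for f in still_open)),
        "avg_cvss_open": round(total_cvss / max(len(still_open), 1), 1),
        "mean_days_to_fix": sum(days) / max(len(days), 1),
        "false_remediations": false_fixes,
    }


if __name__ == "__main__":
    for name, value in metrics(FINDINGS).items():
        print(name, value)
```

A finding whose fix did not hold is counted as open and left out of the remediation-time average, so a failed fix cannot improve either number.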

12 Metrics That Count (cont.)
• Sample metrics can be simple, but meaningful
• Examples below* demonstrate that, while limited progress is being made in remediating the “backlog” of vulnerabilities, processes for addressing new vulnerabilities and patch releases are highly successful

13 Thank You!
• If you have any questions, please don’t hesitate to contact me
  – Email: michael.holcomb@fluor.com
  – Phone: 864.281.5958

