Presentation is loading. Please wait.

Presentation is loading. Please wait.

Risk (Vulnerability) Assessment & Penetration Test Approach 1VA PT Approach Confidential.

Published byMatilda Owen Modified over 8 years ago

Similar presentations

Presentation on theme: "Risk (Vulnerability) Assessment & Penetration Test Approach 1VA PT Approach Confidential."— Presentation transcript:

1 Risk (Vulnerability) Assessment & Penetration Test Approach 1VA PT Approach Confidential

2 Content About Docutek The real Difference — We Take Your Security Personally Our mission is to deliver the most comprehensive, accurate, and thorough information security assessments in the industry. We focus exclusively on what we do best — penetration testing and IT security and vulnerability assessments. 2VA PT Approach Confidential

3 We are certified to do our job! VA PT Approach Confidential3 Certified Penetration Tester CPT Metasploit Penetration Tester Pro HP TippingPoint HP ExpertOne – Cloud Architect HP AppPulse OpenEMR CompTIA Health IT Security + LPT, ENSA, SCUS CEH Certified Ethical Hacker

4 Content Table of Content 1.Introduction 2.The need for VA - PT 3.What is VA - PT 4.Typical Approaches 5.Methodology 6.Challenges 4VA PT Approach Confidential

5 Content Introduction 5VA PT Approach Confidential Introduction

6 6VA PT Approach Confidential

7 7

8 8

9 Before you start Business Associate – Compliance BA Risk Analysis – Always Insurance – Just in case (CyberEdge AIG) Contract – Peace of mind Alliances – Do not go in alone VA PT Approach Confidential9

10 To improve information security awareness To assess risk To mitigate risk immediately To reinforce the information security process To assist in decision making processes To Validate that current security mechanisms are working Compliance to various security standards and regulations such as ISO 27001, IT ACT 2000, SOX, HIPAA, PCI, etc VA PT Approach Confidential10 Need for VA – PT Highest Security Risk

11 VA PT Approach Confidential11 Hospitals and Medical Devices Found Prone To Hacking Due To Network Security Flaw Thousands of healthcare organizations around the world, along with the medical devices and equipment that connect to their systems, are leaving themselves open to cyber attacks because of a crucial mis-configuration of a network security protocol.

12 What is VA – PT ? A form of Stress testing, which exposes weaknesses or flaws in a computer system Art of finding an Open door A valued Assurance Assessment tool PT can be used to find Flaws in – Specifications, Architecture, Implementation, Software, Hardware, And many more……………… Vulnerability assessment is the process of identifying and quantifying vulnerabilities in a system. A vulnerability assessment is what most companies generally do, as the systems they are testing are live production systems and can’t afford to be disrupted by active exploits which might crash the system. VA PT Approach Confidential12

13 Typical Approach Typical Approach – It is also know as “complete knowledge” testing WHITEBOX Testing BLACKBOX Testing VA PT Approach Confidential13

14 WHITEBOX Testing It is also known as “complete knowledge” testing Testers are given full information about the target system they are supposed to attack Information TESTING includes: Technology overviews Data flow & Network diagrams Code snippets Benefits: Reveals more vulnerabilities and may be faster Compared to replicate an attack from a criminal hacker that knows the company infrastructure very well This hacker may be an employee of the company itself, doing an internal attack VA PT Approach Confidential14

15 BLACKBOX Testing The tester simulates an inside Employee. The tester is given an account on the internal network and standard access to the network. This test assesses internal threats from employees within the Company. The relative merits of all these approaches are debatable. In most cases it is preferable to assume a worst-case scenario and provide the testers with as much information as they require, assuming that any determined attacker would already have acquired this. VA PT Approach Confidential15

16 Penetration Process Cycle - PPC VA PT Approach Confidential16

17 Methodology 1.Scope / Goal Definition 2.Information Gathering 3.Information Analysis & Planning 4.Vulnerability Detection 5.Attack & Penetration / Privilege Escalation 6.Result Analysis & Reporting 7.Clean Up VA PT Approach Confidential17

18 VA PT Approach Confidential18

19 1. Scope/Goal Definition Which attacker profile the tester will use Hacker with no knowledge about the target Hacker with knowledge about the target Internet user with access Which System or network the test will be conducted Duration of Test VA PT Approach Confidential19

20 VA PT Approach Confidential20

21 2. Information Gathering Information about the Target Who is: ARIN ; RIPE ; APNIC Google: General Information; Financial, Phone Book, Google Hacking Databases; Web Searching DNS Retrieval, SOA Record, MX Records, NS Records, A Records etc. Tools / Websites: Cheops-ng, Sam Spade, www.dnstuff.com Social Engineering Dumpster Diving Web Site Copy VA PT Approach Confidential21

22 VA PT Approach Confidential22

23 3. Vulnerability Detection Manual Detection Manually probe the target host from common mis- configuration or flaws because a vulnerability scanner can fail to identify certain vulnerabilities. Ex: Database configuration etc…. – Open TCP Ports – Closed TCP Ports – Open UDP Ports – Closed UDP Ports – Service Probing VA PT Approach Confidential23

24 VA PT Approach Confidential24

25 4. Information Analysis & Planning – Collating the information gathered in previous stages. – Preparation of High level attack planning. Overall Approach Target identification VA PT Approach Confidential25

26 VA PT Approach Confidential26

27 5. Penetration & Privilege Escalation HAS Two Sub Stages Attack & Penetration – Known / available exploit selection – Tester acquires publicly available s/w for exploiting. – Exploit customization – Customize exploits s/w program to work as desired. – Exploit development – Develop own exploit if no exploit program available – Exploit testing – Exploit must be tested before formal Test to avoid damage. – Attack – Use of exploit to gain unauthorized access to target. VA PT Approach Confidential27

28 VA PT Approach Confidential28

29 Penetration & Privilege Escalation Privilege Escalation – What can be done with acquired access / privileges Alter Damage What not VA PT Approach Confidential29

30 VA PT Approach Confidential30

31 6. Result Analysis & Reporting Organize Data/related results for Management Reporting Consolidation of Information gathered Analysis and Extraction of General conclusions Recommendations VA PT Approach Confidential31

32 VA PT Approach Confidential32

33 7. Cleanup – Cleaning of all that has been done during the testing Any System alterations Exploits VA PT Approach Confidential33

34 Challenges Quality & Experience of Pen Testers Quality & Effectiveness of Tools Usage of Globally Accepted Methodology such as OSSTMM, OWASP etc Ensuring all the findings are reported to the Management Follow stringent program to Fix Vulnerabilities Conduct Periodic Testing VA PT Approach Confidential34

35 VA PT Approach Confidential35 DOCUTEK 7000 N Plaza Austin, TX 78753 USA www.docutekservices.com osanchez@docutekservices.com 787.407.9074

Download ppt "Risk (Vulnerability) Assessment & Penetration Test Approach 1VA PT Approach Confidential."

Similar presentations

ETHICAL HACKING A LICENCE TO HACK

ETHICAL HACKING A LICENCE TO HACK
INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
Penetration Testing Anand Sudula, CISA,CISSP SSA Global Technologies, India Anand Sudula, CISA,CISSP SSA Global Technologies, India.

Penetration Testing Anand Sudula, CISA,CISSP SSA Global Technologies, India Anand Sudula, CISA,CISSP SSA Global Technologies, India.
INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)

INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)
Hands-On Ethical Hacking and Network Defense

Hands-On Ethical Hacking and Network Defense
Security Controls – What Works

Security Controls – What Works
January 14, 2010 Introduction to Ethical Hacking and Network Defense MIS 4600 - © Abdou Illia.

January 14, 2010 Introduction to Ethical Hacking and Network Defense MIS © Abdou Illia.
Security Engineering II. Problem Sources 1.Requirements definitions, omissions, and mistakes 2.System design flaws 3.Hardware implementation flaws, such.

Security Engineering II. Problem Sources 1.Requirements definitions, omissions, and mistakes 2.System design flaws 3.Hardware implementation flaws, such.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Network Vulnerability Scanning Xiaozhen Xue Dept. of Computer Science Texas Tech University, USA Akbar Siami Namin Dept. of Computer.

Network Vulnerability Scanning Xiaozhen Xue Dept. of Computer Science Texas Tech University, USA Akbar Siami Namin Dept. of Computer.
SELECTING AND IMPLEMENTING VULNERABILITY SCANNER FOR FUN AND PROFIT by Tim Jett and Mike Townes.

SELECTING AND IMPLEMENTING VULNERABILITY SCANNER FOR FUN AND PROFIT by Tim Jett and Mike Townes.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Network security policy: best practices

Network security policy: best practices
Penetration Testing Chao-Hsien Chu, Ph.D. College of Information Sciences and Technology The Pennsylvania State University University Park, PA 16802

Penetration Testing Chao-Hsien Chu, Ph.D. College of Information Sciences and Technology The Pennsylvania State University University Park, PA 16802
Penetration Testing Edmund Whitehead Rayce West. Introduction - Definition of Penetration Testing - Who needs Penetration Testing? - Penetration Testing.

Penetration Testing Edmund Whitehead Rayce West. Introduction - Definition of Penetration Testing - Who needs Penetration Testing? - Penetration Testing.
Sam Cook April 18, 2013. Overview What is penetration testing? Performing a penetration test Styles of penetration testing Tools of the trade.

Sam Cook April 18, Overview What is penetration testing? Performing a penetration test Styles of penetration testing Tools of the trade.
Website Hardening HUIT IT Security | Sep 30 2011.

Website Hardening HUIT IT Security | Sep
Performing a Penetration Test.  Penetration Tester  Attempts to reveal potential consequences of a real attack  Security Audit / Vulnerability Assessment.

Performing a Penetration Test.  Penetration Tester  Attempts to reveal potential consequences of a real attack  Security Audit / Vulnerability Assessment.
 Jonathan Trull, Deputy State Auditor, Colorado Office of the State Auditor  Travis Schack, Colorado’s Information Security Officer  Chris Ingram,

 Jonathan Trull, Deputy State Auditor, Colorado Office of the State Auditor  Travis Schack, Colorado’s Information Security Officer  Chris Ingram,
SEC835 Database and Web application security Information Security Architecture.

SEC835 Database and Web application security Information Security Architecture.

Similar presentations

Ads by Google