SCAP: Automating Our Way Out Of The Vulnerability Wheel Of Pain AppSec DC 11.13.2009 Ed Bellis VP, CISO Orbitz Worldwide

Slides:



Advertisements
Similar presentations
Tony Rutkowski Yaana Technologies Georgia Tech Q.4/17 Rapporteur
Advertisements

Business Development Suit Presented by Thomas Mathews.
SupportCenter Plus Product Overview. Overview 1.What is SupportCenter Plus (SCP) 2.Benefits of SCP 3.Licensing & Pricing 4.Questions.
1 Remediation Workflow Automated Scan Reports Patch Report Remediation Policies Remediation Tickets API Custom Report Templates.
September 2, 2013 VM Evolution via API Parag Baxi, Technical Account Manager.
MIDAS is a complete web based scheduling solution for managing your facility’s bookings and resources. MIDAS is a complete web based scheduling solution.
Dan Stolts Chief Technology Strategist Microsoft Corporation Blog: Managing and Monitoring Critical Infrastructure.
Federal Desktop Core Configuration and the Security Content Automation Protocol Peter Mell, National Vulnerability Database National Institute of Standards.
HP Quality Center Overview.
© 2012 Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public Cisco SocialMiner: Developer Network Forum 2.
Paul Green –President and Founder of G2, Inc –We are trusted security advisors to the Federal Government and Fortune 500. –We are recognized as having.
Cyber Security: Past and Future John M. Gilligan CERT’s 20 th Anniversary Technical Symposium Pittsburgh, PA March 10, 2009.
S5-1 © 2001 Carnegie Mellon University OCTAVE SM Process 5 Identify Key Components Software Engineering Institute Carnegie Mellon University Pittsburgh,
Nu Project Management Office A web based tool to Manage Projects.
Vulnerability and Configuration Management Best Practices for State and Local Governments Jonathan Trull, CISO, Qualys, Inc.
Information System Continuous Monitoring (ISCM)
8/9/2015 1:47 AM SurveyCentralOverview.ppt CSC ©Copyright 2012 Online Survey Application: CSC Survey Central System Overview November 26, 2012 Supported.
Analyzing your OPC Data Introduction to OPCReport.NET Nathan Pocock Chief Architect & Developer Direct Line: +1 (704)
Reducing the Cost and Complexity of Server Management with Microsoft Operations Manager.
Overview of Change Management ClearQuest Overview for CORUG January, 2008.
© 2011 The MITRE Corporation. All rights Reserved. Approved for Public Release: Distribution Unlimited You’re Not Done (Yet) Turning Securable.
© 2009 IBM Corporation Delivering Quality Service with IBM Service Management April 13 th, 2009.
Information System Continuous Monitoring (ISCM) FITSP-A Module 7.
Software Assurance Automation throughout the Lifecycle OWASP AppSec USA 2011 September 23 rd 2011.
Copyright Justin C. Klein HECTOR Security Intelligence Platform Developed for: University of Pennsylvania School of Arts & Science.
Drupal Security Securing your Configuration Justin C. Klein Keane University of Pennsylvania School of Arts and Sciences Information Security and Unix.
A Model for Exchanging Vulnerability Information draft-booth-sacm-vuln-model-01 David Waltermire.
JDF in the Inter-Enterprise Workflow Achieving JDF workflow automation.
A Security Review Process for Existing Software Applications
What is SMEcollaborate Primarily developed for Small and Medium Companies who wish to collaborate together. It is a:- A resource center for collaborating.
Chris Wright Senior Systems Engineer, Lucity IMPORT & UPDATE.
User Manager Pro Suite Taking Control of Your Systems Joe Vachon Sales Engineer November 8, 2007.
Automating STIGs: The Transition to CCI and SRG
Basic Concepts Of CITRIX XENAPP.
Automating Enterprise IT Management by Leveraging Security Content Automation Protocol (SCAP) John M. Gilligan May, 2009.
The Eyeblaster ACM Advertising Campaign Management.
DCML – The Standard that Enables ITIL Compliance.
Time lag between discovering issue and resolving Difficult to find solutions and patches that can help resolve issue Service outages expensive and.
1 © 2001, Cisco Systems, Inc. All rights reserved. Cisco Info Center for Security Monitoring.
Synergy of the SCAP Program and IETF Activities BOF
ISS SiteProtector and Internet Scanner LanAdmin Group Meeting 12/8/2005.
A Networked Machine Management System 16, 1999.
Security Automation May 26th, Security Automation: the challenge “Tower of Babel” – Too much proprietary, incompatible information – Costly – Error.
NA-MIC National Alliance for Medical Image Computing UCSD: Engineering Core 2 Portal and Grid Infrastructure.
Click to add text SUITE SEM Implementation Process Training.
Experiment Management System CSE 423 Aaron Kloc Jordan Harstad Robert Sorensen Robert Trevino Nicolas Tjioe Status Report Presentation Industry Mentor:
© 2010 by Boeing; made available under the EPL v1.0 | March 23, 2010 | Xtext and GEF deliver editors for the Open System Engineering Environment Ryan Brooks.
HP PPM Center release 8 Helping IT answer the tough questions
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 1 Automate your way to.
Module 9 User Profiles and Social Networking. Module Overview Configuring User Profiles Implementing SharePoint 2010 Social Networking Features.
Background Real-time environmental monitoring is a field garnering an ever-increasing amount of attention. The ability for sensors to make and publish.
WEB SERVICES Casey Bauer Hannah McMahon John Walls William Hunter Mary Daniel Casey Bauer Hannah McMahon John Walls William Hunter Mary Daniel.
Click to edit Master title style Click to edit Master text styles –Second level Third level –Fourth level »Fifth level 1 CustomerSoft ESP Contact Operations.
Windows NT ® Security Management: Extending Windows NT 5.0 Security Management Tools, Part 2 Praerit Garg Program Manager Windows NT Security Microsoft.
CounterMeasures™ Risk Analysis and Management May 2005.
Michael Mast Senior Architect Applications Technology Oracle Corporation.
 Cloud Computing technology basics Platform Evolution Advantages  Microsoft Windows Azure technology basics Windows Azure – A Lap around the platform.
 GEETHA P.  Originally coined by Tim O’Reilly Publishing Media  Second generation of services available on www.  Lets people collaborate and share.
Product presentation Kulkanya Prateeptong June, 2012.
Third Party Risk Governance in a Diverse Environment
Creating New Business Value with Big Data
Metrics-Focused Analysis of Network Flow Data
Challenges in Network Troubleshooting In big scale networks, when an issue like latency or packet drops occur its very hard sometimes to pinpoint.
Intro to Ethical Hacking
CAMP: Cluster Account Management Program
CVE.
1 5 Identify Connect Leverage MOBILE-READY SINGLE PLATFORM
Case Study: Privileged Access and Data Science
Day 1, Session 4 Building Your Service Catalog
Presentation transcript:

SCAP: Automating Our Way Out Of The Vulnerability Wheel Of Pain AppSec DC Ed Bellis VP, CISO Orbitz Worldwide

Orbitz.com NWA Booking engine But First... some context Orbitz For Business Cheaptickets Away.com eBookers HotelClub Traveler Care GORP Travel RBS Rewards Southwest Hotels Orbitzgames.com Trip.com msn.orbitz.com AA Booking engine

Context Matters......and on and on and on ’s of Endless Applications 1000’s of Servers 1000’s of Devices 100’s of DBs Data Centers: multiple continents Call Centers - follow the sun

Context Matters... VA Tools Application Network & Host Database Remediation Tracking Jira Remedy...and on and on and on...

A Proposed Solution: A Case Study

Using Standards to Automate, Correlate & Measure

Centralizing the Data: Overview

Workflow: A Simple Use Case 1. NVD feed is pulled in daily

A Workflow Use Case 2. Whitehat connector runs on a predefined schedule.

A Workflow Use Case 3. Qualys connector runs on a predefined schedule

A Workflow Use Case 4(a). Security Admin manages and modifies asset information discovered by VA tools - CPE Note: Unexpected Benefit!

A Workflow Use Case 5. Vulnerability data is normalized and correlated across VA results utilizing CVE and WASC-TC. Vulns are scored using CVSS / WASC-TC plus Asset/CPE data.

A Workflow Use Case 6. Single click defect creation from Conduit to Jira.

A Workflow Use Case 7. Security defect is remediated by developer and closed in Jira.

A Workflow Use Case 8. Conduit issues re-test of vulnerability via Sentinel API

A Workflow Use Case 9. If re-test returns clean results are fed to Conduit and vulnerability is closed

A Workflow Use Case 10. Metrics can be viewed and filtered via tags added through asset mgmt

Metrics via Tag Lenses Pre-Defined Vulnerability Metrics Filtered by Asset Tags Many-to-Many Tag/Asset Relationship

Wheel of Pain Revisited

The Standards CPE: Common Platform Enumeration CVE: Common Vulnerability Enumeration CVSS: Common Vulnerability Scoring System WASC-TC: Web Application Security Consortium Threat Class Today Roadmap CCE: Common Configuration Enumeration XCCDF: Extensible Configuration Checklist Description Format

Additional & Emerging SCAP Standards OVAL: Open Vulnerability Assessment Language

Q&A Twitter: More Info On SCAP: More Info On Conduit:

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.