Red Team “You keep using that word, I do not think it means what you think it means” – Inigo Montoya.

Slides:



Advertisements
Similar presentations
PENETRATION TESTING Presenters:Chakrit Sanbuapoh Sr. Information Security MFEC.
Advertisements

1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.
Bill McClanahan – Principal Business Consultant LPS Integration.
© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.
JARED BIRD Nagios: Providing Value Throughout the Organization.
1www.skyboxsecurity.com Skybox Cyber Security Best Practices Three steps to reduce the risk of Advanced Persistent Threats With continuing news coverage.
Penetration Testing Anand Sudula, CISA,CISSP SSA Global Technologies, India Anand Sudula, CISA,CISSP SSA Global Technologies, India.
The Way to Protect The Smartest Way to Protect Websites and Web Apps from Attacks.
CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.
Vulnerability Testing Approach Prepared By: Phil Cheese Nov 2008.
Greg Williams. IT Security Program  Objective is to maintain integrity of University systems  Minimum Security Standard.
Vulnerability Assessment & Penetration Testing By: Michael Lassiter Jr.
Greg Williams. IT Security Program  Objective is to maintain integrity of University systems  Minimum Security Standard 12/5/2010Greg Williams CS591.
Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties.
Penetration Testing Chao-Hsien Chu, Ph.D. College of Information Sciences and Technology The Pennsylvania State University University Park, PA 16802
Web Application Security Assessment and Vulnerability Assessment.
VULNERABILITY MANAGEMENT Moving Away from the Compliance Checkbox Towards Continuous Discovery.
Sam Cook April 18, Overview What is penetration testing? Performing a penetration test Styles of penetration testing Tools of the trade.
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter.
Vulnerability Management Dimension Data – Tom Gilis 24 November 2011.
INFORMATION SECURITY REGULATION COMPLIANCE By Insert name dd/mm/yyyy senior leadership training on the primary regulatory requirements,
Information Security Update CTC 18 March 2015 Julianne Tolson.
1 Panda Malware Radar Discovering hidden threats Channel Presentation Name Date.
CMGT400 Intro to Information Assurance and Security (University of Phoenix) Lecture, Week 5 Tom Olzak, MBA, CISSP.
Automating Enterprise IT Management by Leveraging Security Content Automation Protocol (SCAP) John M. Gilligan May, 2009.
Nata Raju Gurrapu Agenda What is Information and Security. Industry Standards Job Profiles Certifications Tips.
Security Awareness Challenges of Securing Information No single simple solution to protecting computers and securing information Different types of attacks.
Microsoft Security Development Lifecycle
© 2001 by Carnegie Mellon University SS5 -1 OCTAVE SM Process 5 Background on Vulnerability Evaluations Software Engineering Institute Carnegie Mellon.
GSHRM Conference Cyber Security Education Shri Cockroft, CISO Piedmont Healthcare, Inc. September 21, 2015.
Security Innovation & Startup. OPEN THREAT EXCHANGE (OTX): THE HISTORY AND FUTURE OF OPEN THREAT INTELLIGENCE COMMUNITY ALIENVAULT OTX.
IS Network and Telecommunications Risks Chapter Six.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
IT Security – Scanning / Vulnerability Assessment David Geick State of Connecticut IT Security.
What Can Go Wrong During a Pen-test? Effectively Engaging and Managing a Pen-test.
Vulnerability Scanning Vulnerability scanners are automated tools that scan hosts and networks for known vulnerabilities and weaknesses Credentialed vs.
HP World September 2002 Scott S. Blake, CISSP Vice President, Information Security BindView Corporation Vulnerability Assessment and Action.
HO © 2012 Fluor. All rights reserved. Quick Wins in Vulnerability Management Classification: Confidential Owner: Michael Holcomb Approver: Phil.
Module 5 – Vulnerability Identification  Phase II  Controls Assessment  Scheduling ○ Information Gathering ○ Network Mapping ○ Vulnerability Identification.
B-I-C-T Security Strategy Introducing a new framework November 19, 2015 Aman Raheja
MANAGED SECURITY TESTING PROACTIVELY MANAGING VULNERABILITIES.
Information Security In the Corporate World. About Me Graduated from Utica College with a degree in Economic Crime Investigation (ECI) in Spring 2005.
Introduction to Security Dr. John P. Abraham Professor UTPA.
Web Security Introduction to Ethical Hacking, Ethics, and Legality.
Cyber Security – The Changing Landscape Erick Weber Department of Public Works Khaled Tawfik Cyber Security.
FROM CONTINUOUS INTEGRATION TO VIRTUAL PATCHING BUILDING APPSEC ALL ALONG THE WEB APPLICATION LIFECYCLE.
Financial Sector Cybersecurity R&D Priorities The Members of the FSSCC R&D Committee November 2014.
Vulnerability Analysis Dr. X. Computer system Design Implementation Maintenance Operation.
Risk Assessments in Many Flavors George J. Dolicker, CISA, CISSP.
Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidentialwww.juniper.net 1 Juniper Security Threat Response Manager (STRM)
September 20, 2016 How to Defend Your Organization from a Cyber Breach LTC Tim Bloechl (U.S. Army, Ret.) Director, Cyber Security Business.
Defining your requirements for a successful security (and compliance
Topic 5 Penetration Testing 滲透測試
BruinTech Vendor Meet & Greet December 3, 2015
Information Security Program
Critical Security Controls
Real-time protection for web sites and web apps against ATTACKS
Cyber Security: State of the Nation
Or how to learn to love the bomb
Valid And Updated CS0-001 Exam Certifications Dumps Questions
5G Security Training
Combining the best of Audit and Penetration Testing
Validating Your Information Security Program (ISP 3 of 3)
Skybox Cyber Security Best Practices
National Cyber Security
Healthcare Cloud Security Stack for Microsoft Azure
Healthcare Cloud Security Stack for Microsoft Azure
Chris Romano Andrew Shepardson IA 456
Healthcare Cloud Security Stack for Microsoft Azure
Presentation transcript:

Red Team “You keep using that word, I do not think it means what you think it means” – Inigo Montoya

Intro - Greg Huff  CISSP  Sr. Engineer – Red Team  Co-founded Red Team for Fortune 50

Why do we do security testing?  Industry compliance  PCI  FIPS  Government regulations  HIPAA  GLBA  FISMA  Number 1 reason why??:  Because we have to!

Vulnerability Assessment  Fully automated  Can be scheduled  Real-time detections  Interpretation of results requires some technical knowledge.  Detects presence of public exploits, misconfigurations, outdated patch levels, default credentials, etc.

Vulnerability Assessment (cont.) Commonly used tools:  Nessus  Configurations, patch levels, public exploits  Burp Suite  Web applications, API’s  Nexpose  Similar to Nessus, browser-based checking

Penetration Testing  Combination of automated and manual testing  Results of vulnerability scan may lend to successful penetration into an environment.  Exploitation of known vulnerabilities  Privilege escalation  Generally not designed to be stealthy or test response plans and defensive capabilities

Penetration Testing (cont.) Commonly used tools  Often the same as vulnerability scan tools  Exploitation frameworks  Usually targeted against specific infrastructure/applications

Red Team  Real-world attack simulation  Significant reconnaissance effort  Penetration into environment  Avoidance of security monitoring  Persistence maintained

Red Team (cont.)  Wide variety of attacks  Advanced social-engineering  Physical attacks  Custom exploit development  Act as aggressors to test defensive capabilities and response  More deliberate, paced compared to a standard pen test  Will adapt to countermeasures, maintain persistence, and continue attacks  Goal/scenario-based testing

Testing Comparison 10 Level of Effort, Cost and Time Attack Sophistication Vulnerability Assessment Penetration Testing Red Team Unsophisticated Threats Misconfigurations Default creds Largest Threat Landscape Hactivists Script Kiddies Identity Theft High Capability Threats (Nation States, Organized Crime, APT)

Should I have an internal Red Team?  Need vs. want  Org size  Regulatory requirements  Security funding  Industry Do I want to know what I don’t?  Org socialization  Mission statement  Service catalog  Partnerships with HR, legal, etc.  Learning opportunities First question to ask…

IamA Red Teamer AMA!

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.