Presentation is loading. Please wait.

Presentation is loading. Please wait.

6. Application Software Security

Published byさあしゃ おとべ Modified over 4 years ago

Similar presentations

Presentation on theme: "6. Application Software Security"— Presentation transcript:

1 6. Application Software Security
Why it’s important: Security flaws in applications are increasingly the attacker’s entry point Both commodity applications and custom in-house applications Applications offer large attack surfaces and many opportunities

2 Quick Wins Install and use special web-knowledgeable firewalls
To look for XSS, SQL injection, etc. Install non-web application specific firewalls, where available Position these firewalls so they aren’t blinded by cryptography

3 7. Wireless Device Control
Why it’s important: Wireless reaches outside physical security boundaries Mobile devices “away from home” often use wireless Unauthorized wireless access points tend to pop up Historically, attackers use wireless to get in and stay in

4 Quick Wins Know what wireless devices are in your environment
Make sure they run your configuration Make sure you have administrative control of all of them With your standard tools Use network access control to know which wireless devices connect to wired network

5 8. Data Recovery Capability
Why it’s important: Successful attackers often alter important data on your machines Sometimes that’s the point of the attack You need to be able to get it back

6 Quick Wins Back up all machines at least weekly
More often for critical data Test restoration from backups often Train personnel to know how to recover destroyed information

7 9. Security Skills Assessment and Training
Why it’s important: Attackers target untrained users Defenders need to keep up on trends and new attack vectors Programmers must know how to write secure code Need both good base and constant improvement

8 Quick Wins Assess what insecure practices your employees use and train those Include appropriate security awareness skills in job descriptions Ensure policies, user awareness, and training all match

9 10. Secure Configurations for Network Devices
Why it’s important: Firewalls, routers, and switches provide a first line of defense Even good configurations tend to go bad over time Exceptions and changing conditions Attackers constantly look for flaws in these devices

10 Quick Wins Create documented configurations for these devices
Periodically check actual devices against your standard configurations Turn on ingress/egress filtering at Internet connection points

11 11. Limitation and Control of Ports, Protocols, and Services
Why it’s important: Many systems install software automatically Often in weak configurations These offer attackers entry points If you don’t need and use them, why give attackers’ that benefit?

12 Quick Wins Turn off unused services
If no complaints after 30 days, de-install them Use host-based firewalls with default deny rules on all systems Port scan all servers and compare against known intended configuration Remove unnecessary service components

13 12. Controlled Use of Administrative Privileges
Why it’s important: Administrative privilege gives attackers huge amounts of control The more legitimate users who have it, the more targets Phishing attacks, drive-by downloads, password guessing, etc.

14 Quick Wins Use automated tools to validate who has administrative privileges Ensure all admin password/phrases are long and complex Force them to change often Change all default passwords on new devices Firewalls, wireless access points, routers, operating systems, etc.

15 More Quick Wins Store passwords hashed or encrypted
With only privileged users allowed to access them, anyway Use access control to prevent administrative accounts from running user-like programs E.g., web browsers, games, Require different passwords for personal and admin accounts

16 Yet More Quick Wins Never share admin passwords
Discourage use of Unix root or Windows administrator accounts Configure password control software to prevent re-use of recent passwords E.g., not used within last six months

17 13. Boundary Defense Why it’s important:
A good boundary defense keeps many attackers entirely out Even if they get in, proper use of things like a DMZ limits damage Important to understand where your boundaries really are

18 Quick Wins Black list known bad sites or white list sites you need to work with Test that periodically Use a network IDS to watch traffic crossing a DMZ Use the Sender Policy Framework (SPF) to limit address spoofing

19 14. Maintenance, Monitoring and Analysis of Security Logs
Why it’s important: Logs are often the best (sometimes only) source of info about attack If properly analyzed, you can learn what’s happening on your machines If not, you’re in the dark

20 Quick Wins Ensure all machines have reasonably synchronized clocks (e.g., use NTP) Include audit log settings as part of standard configuration And check that Ensure you have enough disk space for your logs

21 More Quick Wins Use log retention policy to ensure you keep logs long enough Fully log all remote accesses to your machines Log all failed login attempts and failed attempts to access resources

22 15. Controlled Access Based on Need to Know
Why it’s important: If all your machines/users can access critical data, Attacker can win by compromising anything If data kept only on protected machines, attackers have harder time

23 Quick Wins Put all sensitive information on separate VLANs
Encrypt all sensitive information crossing the network Even your own internal network

Download ppt "6. Application Software Security"

Similar presentations

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Understand Database Security Concepts

Understand Database Security Concepts
Current Security Threats WMO CBS ET-CTS Toulouse, France 26-30 May 2008 Allan Darling, NOAA’s National Weather Service WMO CBS ET-CTS Toulouse, France.

Current Security Threats WMO CBS ET-CTS Toulouse, France May 2008 Allan Darling, NOAA’s National Weather Service WMO CBS ET-CTS Toulouse, France.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 13: Planning Server and Network Security.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 13: Planning Server and Network Security.
N ETWORK S ECURITY Presented by: Brent Vignola. M ATERIAL OVERVIEW … Basic security components that exist in all networks Authentication Firewall Intrusion.

N ETWORK S ECURITY Presented by: Brent Vignola. M ATERIAL OVERVIEW … Basic security components that exist in all networks Authentication Firewall Intrusion.
INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.

INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.

ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
Security Awareness: Applying Practical Security in Your World Chapter 6: Total Security.

Security Awareness: Applying Practical Security in Your World Chapter 6: Total Security.
Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
Payment Card Industry (PCI) Data Security Standard

Payment Card Industry (PCI) Data Security Standard
Security and Risk Management. Who Am I Matthew Strahan from Content Security Principal Security Consultant I look young, but I’ve been doing this for.

Security and Risk Management. Who Am I Matthew Strahan from Content Security Principal Security Consultant I look young, but I’ve been doing this for.
CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.
Securing Windows 7 Lesson 10. Objectives Understand authentication and authorization Configure password policies Secure Windows 7 using the Action Center.

Securing Windows 7 Lesson 10. Objectives Understand authentication and authorization Configure password policies Secure Windows 7 using the Action Center.
1 Infrastructure Hardening. 2 Objectives Why hardening infrastructure is important? Hardening Operating Systems, Network and Applications.

1 Infrastructure Hardening. 2 Objectives Why hardening infrastructure is important? Hardening Operating Systems, Network and Applications.
10 Tips for keeping MCL safe 1. Set up your defenses. Do you have adequate firewalls and antivirus software to protect you from hackers who could steal.

10 Tips for keeping MCL safe 1. Set up your defenses. Do you have adequate firewalls and antivirus software to protect you from hackers who could steal.
Prepared By, Mahadir Ahmad. StopBadware makes the Web safer through the prevention, mitigation, and remediation of badware websites. partners include.

Prepared By, Mahadir Ahmad. StopBadware makes the Web safer through the prevention, mitigation, and remediation of badware websites. partners include.
Csci5233 Computer Security1 Bishop: Chapter 27 System Security.

Csci5233 Computer Security1 Bishop: Chapter 27 System Security.
Lecture 18 Page 1 CS 136, Spring 2014 Security Your System CS 136 Computer Security Peter Reiher June 5, 2014.

Lecture 18 Page 1 CS 136, Spring 2014 Security Your System CS 136 Computer Security Peter Reiher June 5, 2014.

Similar presentations

Ads by Google