Presentation is loading. Please wait.

Presentation is loading. Please wait.

Topological Vulnerability Analysis

Published byAlfred Cox Modified over 8 years ago

Similar presentations

Presentation on theme: "Topological Vulnerability Analysis"— Presentation transcript:

1 Topological Vulnerability Analysis
Automatically predicting paths of cyber attack GPS for your IT infrastructure Common Operating Picture Situational Awareness

2 CAULDRON History Inventors: Sushil Jajodia, Steven Noel, Pramod Kalapa
CSIS pioneered the field of Topological Vulnerability Analysis (TVA) attack graph technology.  8 years of R&D CAULDRON has been independently evaluated enhancement for penetration testing red team/blue team exercises CSIS has filed for 5 U.S. patents in TVA/CAULDRON technology.  CAULDRON is currently being used at several government organizations. Improve security; Reduce risk; Comply with regulatory mandates And do so faster and with fewer resources

3 The Perfect Storm Network configurations are ever more sophisticated
Vulnerabilities are becoming more complex Remediation resources are sparse A total solution is a combination of technology and services CAULDRON is the technology component

4 Our Approach Aggregate / Correlate / Visualize Network Capture
builds a model of the network. represents data in terms of corresponding elements in Vulnerability Reporting and Exploit Specifications. Vulnerability Database a comprehensive repository of reported vulnerabilities Graph Engine simulates multi-step attacks through the network, for a given user-defined Attack Scenario. analyzes vulnerability dependencies, matching exploit preconditions and post-conditions, generates all possible paths through the network (for a given attack scenario). Aggregate / Correlate / Visualize

5 Aggregate/Correlate/Visualize
We analyze vulnerability dependencies Calculates the impact of individual and combined vulnerabilities on overall security We show all possible attack paths into a network Transforms raw security data into a roadmap All known attack paths from attacker to target are succinctly depicted Supports both offensive (e.g., penetration testing) and defensive (e.g., network hardening) applications Strategic Proactively prepare for attacks, manage vulnerability risks, and have current situational awareness A response strategy can be more easily created. Key deliverable is an attack graph showing all possible ways an attacker can penetrate the network

6

7 Adding CAULDRON to the mix
Scanners Visualization & What If’s Correlation Firewalls Repository + SAS Patch Mgt Persistent Metadata Logs, etc

8 Range of Benefits Region 1 Visualization & What If’s Visualization
Correlation Region 2 Repository + SAS Region 3 Strategic Region X Common Operating Picture Situational Awareness Relevant POAMs Targeted remediation Tactical

9 Decentralizing the process
Repository + SAS Visualization & What If’s Correlation Region 1 Region 2 Region 3 Region X

10 Seven Invigorating Virtues
Strategic Provides a Common Operating Picture Provides Situational Awareness - context Improves security w/out hardware Shortens the cycle of improvements Nature of the problem Regional yet centralized Allows for drill down Empowers the “LCD” Tactical Management Operations

11 More security . . without more hardware
Contact Info: John Williams . . without more hardware

Download ppt "Topological Vulnerability Analysis"

Similar presentations

HP Quality Center Overview.

HP Quality Center Overview.
1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.

1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.
Beyond Reactive Management of Network Intrusions Professor Sushil Jajodia Professor Sushil Jajodia Center for Secure Information Systems

Beyond Reactive Management of Network Intrusions Professor Sushil Jajodia Professor Sushil Jajodia Center for Secure Information Systems
1www.skyboxsecurity.com Skybox Cyber Security Best Practices Three steps to reduce the risk of Advanced Persistent Threats With continuing news coverage.

1www.skyboxsecurity.com Skybox Cyber Security Best Practices Three steps to reduce the risk of Advanced Persistent Threats With continuing news coverage.
Creating Business Value from Big Data A Big Data Catalyst Project.

Creating Business Value from Big Data A Big Data Catalyst Project.
Experience, Technology and Focus in Mid Market CRM Soffront Asset management: An Overview.

Experience, Technology and Focus in Mid Market CRM Soffront Asset management: An Overview.
© 2004 Visible Systems Corporation. All rights reserved. 1 (800) 6VISIBLE www.visible.com Holistic View of the Enterprise Business Development Operations.

© 2004 Visible Systems Corporation. All rights reserved. 1 (800) 6VISIBLE Holistic View of the Enterprise Business Development Operations.
S5-1 © 2001 Carnegie Mellon University OCTAVE SM Process 5 Identify Key Components Software Engineering Institute Carnegie Mellon University Pittsburgh,

S5-1 © 2001 Carnegie Mellon University OCTAVE SM Process 5 Identify Key Components Software Engineering Institute Carnegie Mellon University Pittsburgh,
MP3 / MD740 Strategy & Information Systems Oct. 13, 2004 Databases & the Data Asset, Types of Information Systems, Artificial Intelligence.

MP3 / MD740 Strategy & Information Systems Oct. 13, 2004 Databases & the Data Asset, Types of Information Systems, Artificial Intelligence.
Achieving Trusted Systems by Providing Security and Reliability Ravishankar K. Iyer, Zbigniew Kalbarczyk, Jun Xu, Shuo Chen, Nithin Nakka and Karthik Pattabiraman.

Achieving Trusted Systems by Providing Security and Reliability Ravishankar K. Iyer, Zbigniew Kalbarczyk, Jun Xu, Shuo Chen, Nithin Nakka and Karthik Pattabiraman.
Security Engineering II. Problem Sources 1.Requirements definitions, omissions, and mistakes 2.System design flaws 3.Hardware implementation flaws, such.

Security Engineering II. Problem Sources 1.Requirements definitions, omissions, and mistakes 2.System design flaws 3.Hardware implementation flaws, such.
Lecture 11 Reliability and Security in IT infrastructure.

Lecture 11 Reliability and Security in IT infrastructure.
COTS Based System Security Economics - A Stakeholder/Value Centric Approach Related tool demo session: COTS Based System Security Test-bed (Tiramisu) Tuesday.

COTS Based System Security Economics - A Stakeholder/Value Centric Approach Related tool demo session: COTS Based System Security Test-bed (Tiramisu) Tuesday.
(Geneva, Switzerland, September 2014)

(Geneva, Switzerland, September 2014)
Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.

Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.
Security Posture Assessment (SPA) Headquarters: Ofisgate Sdn Bhd (610820-A), 2-15 Jalan Jalil Perkasa 13 Aked Esplanad, Bukit Jalil, 57000 Kuala Lumpur,

Security Posture Assessment (SPA) Headquarters: Ofisgate Sdn Bhd ( A), 2-15 Jalan Jalil Perkasa 13 Aked Esplanad, Bukit Jalil, Kuala Lumpur,
© 2014 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

© 2014 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.
Click to add text © 2010 IBM Corporation OpenPages Solution Overview Mark Dinning Principal Solutions Consultant.

Click to add text © 2010 IBM Corporation OpenPages Solution Overview Mark Dinning Principal Solutions Consultant.
SANS Technology Institute - Candidate for Master of Science Degree Implementing and Automating Critical Control 19: Secure Network Engineering for Next.

SANS Technology Institute - Candidate for Master of Science Degree Implementing and Automating Critical Control 19: Secure Network Engineering for Next.
VULNERABILITY MANAGEMENT Moving Away from the Compliance Checkbox Towards Continuous Discovery.

VULNERABILITY MANAGEMENT Moving Away from the Compliance Checkbox Towards Continuous Discovery.

Similar presentations

Ads by Google