
Vulnerability Assessment
Network Security Workshop

Dedi Dwianto, C|EH, OSCP

Table of Contents



Contents

- Technical Vulnerability Management
- Vulnerability analysis tools



Technical Vulnerability Management

- Vulnerability analysis and assessment is an important element of each
  required activity in the NIST Risk Management Framework (RMF).
- This RMF comprises six steps, into each of which vulnerability analysis
  and assessment is to be integrated:



Technical Vulnerability Management

- Step 1: Categorize Information Systems.
- Step 2: Select Security Controls.
- Step 3: Implement Security Controls.
- Step 4: Assess Security Controls.
- Step 5: Authorize Information Systems.
- Step 6: Monitor Security Controls.



Technical Vulnerability Management

- To reduce risks resulting from exploitation of published technical
  vulnerabilities.
- Technical vulnerability management should be implemented in an effective,
  systematic, and repeatable way with measurements taken to confirm its
  effectiveness.
- These considerations should include operating systems, and any other
  applications in use.



Technical Vulnerability Management

- A current and complete inventory of assets is a prerequisite for effective
  technical vulnerability management.
- Specific information needed to support technical vulnerability management
  includes the software vendor, version numbers, current state of deployment
  (e.g. what software is installed on what systems), and the person(s) within
  the organization responsible for the software.



Technical Vulnerability Management

- The following guidance should be followed to establish an effective
  management process for technical vulnerabilities:
  - the organization should define and establish the roles and
    responsibilities associated with technical vulnerability management,
    including vulnerability monitoring, vulnerability risk assessment,
    patching, asset tracking, and any coordination responsibilities required;



Technical Vulnerability Management

- information resources that will be used to identify relevant technical
  vulnerabilities and to maintain awareness about them should be identified
  for software and other technology;
- a timeline should be defined to react to notifications of potentially
  relevant technical vulnerabilities;
- once a potential technical vulnerability has been identified, the
  organization should identify the associated risks and the actions to be
  taken; such action could involve patching of vulnerable systems and/or
  applying other controls;



Technical Vulnerability Management

- depending on how urgently a technical vulnerability needs to be addressed,
  the action taken should be carried out according to the controls related to
  change management;
- a timeline should be defined to react to notifications of potentially
  relevant technical vulnerabilities;
- an audit log should be kept for all procedures undertaken;
- systems at high risk should be addressed first.
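
The inventory fields and the "high risk first" rule above, as an added Python example that is not part of the original slides: it matches advisories against an asset inventory and builds a remediation queue with due dates. Every host, product, owner and advisory ID is constructed, and the criticality rating, risk thresholds and deadline days are assumptions.

```python
from collections import namedtuple
from datetime import date, timedelta

# Inventory fields from the slide plus an assumed criticality rating (1 low .. 3 high).
Asset = namedtuple("Asset", "host vendor product version owner criticality")
# fixed_in = first version containing the fix; severity = 0.0..10.0 score from the advisory.
Advisory = namedtuple("Advisory", "advisory_id vendor product fixed_in severity published")
# Assumed reaction timeline in days from publication, per risk band.
DEADLINE_DAYS = {"high": 7, "medium": 30, "low": 90}

def vtuple(version):
    """Turn '2.4.10' into (2, 4, 10) so versions compare numerically, not as text."""
    return tuple(int(part) for part in version.split("."))

def risk_band(score):
    """Map severity * criticality (0..30) to a band; the thresholds are assumptions."""
    return "high" if score >= 21 else "medium" if score >= 10 else "low"

def remediation_queue(inventory, advisories):
    """Match advisories to installed software; return work items, highest risk first."""
    items = []
    for adv in advisories:
        for asset in inventory:
            if (asset.vendor, asset.product) != (adv.vendor, adv.product):
                continue
            if vtuple(asset.version) >= vtuple(adv.fixed_in):
                continue  # already at or past the fixed version
            score = adv.severity * asset.criticality
            band = risk_band(score)
            items.append({
                "host": asset.host, "owner": asset.owner,
                "advisory": adv.advisory_id, "band": band, "score": score,
                "due": adv.published + timedelta(days=DEADLINE_DAYS[band]),
            })
    return sorted(items, key=lambda i: (-i["score"], i["due"], i["host"]))

# Constructed sample data: every host, product, owner and advisory ID is hypothetical.
INVENTORY = [
    Asset("web01", "ExampleSoft", "httpd", "2.4.9", "alice", 3),
    Asset("web02", "ExampleSoft", "httpd", "2.4.10", "alice", 3),
    Asset("lab07", "ExampleSoft", "httpd", "2.4.2", "bob", 1),
    Asset("db01", "ExampleSoft", "sqld", "5.1.0", "carol", 3),
]
ADVISORIES = [
    Advisory("EXAMPLE-0001", "ExampleSoft", "httpd", "2.4.10", 9.0, date(2024, 1, 10)),
    Advisory("EXAMPLE-0002", "ExampleSoft", "sqld", "5.2.0", 4.0, date(2024, 1, 12)),
]
for item in remediation_queue(INVENTORY, ADVISORIES):
    print(item["band"], item["host"], item["advisory"], item["owner"], item["due"])
```

Comparing versions as tuples matters here: as plain strings, "2.4.9" sorts after "2.4.10", so web01 would be treated as already patched.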



The Patch and Vulnerability Group

- The PVG should be a formal group that incorporates representatives from
  information security and operations.
- These representatives should include individuals with knowledge of
  vulnerability and patch management, as well as system administration,
  intrusion detection, and firewall management.



The duties of the PVG

- Create a System Inventory.
- Monitor for Vulnerabilities, Remediations, and Threats.
- Prioritize Vulnerability Remediation.
- Create an Organization-Specific Remediation Database.
- Conduct Generic Testing of Remediations.
- Deploy Vulnerability Remediations.
- Distribute Vulnerability and Remediation Information to Local
  Administrators.
- Perform Automated Deployment of Patches.



The duties of the PVG

- Configure Automatic Update of Applications Whenever Possible and
  Appropriate.
- Verify Vulnerability Remediation Through Network and Host Vulnerability
  Scanning.
- Vulnerability Remediation Training.



Report Organization

Section 1   Introduction to purpose, organization, scope, and assumptions for
            this Report.
Section 2   Overview of automated vulnerability assessment tools, including
            descriptions of the various types of automated vulnerability
            assessment tools currently available.
Section 3   Catalogue of descriptions of current vulnerability assessment
            tools, categorized by type.
Section 4   Representative listing of vulnerability assessment tools.
Section 5   List of resources for additional detailed information about IT and
            network vulnerability assessment and assessment tools.



Vulnerability Analysis tools

- Vulnerability assessment tools generally work by attempting to automate the
  steps often employed to exploit vulnerabilities: they begin by performing a
  "footprint" analysis to determine what network services and/or software
  programs (including versions and patch levels) run on the target.
- Vulnerability assessment tools help in that integration, by automating the
  detection, identification, measurement, and understanding of
  vulnerabilities found in ICT components at various levels of a target ICT
  system or infrastructure.



Vulnerability Analysis tools

- Most vulnerability assessment tools are capable of scanning a number of
  network nodes, including networking and networked devices (switches,
  routers, firewalls, printers, etc.), as well as server, desktop, and
  portable computers.
- The type and level of detail of a vulnerability assessment tool's findings
  vary from tool to tool.



Tool type

- Network Scanners
- Host Scanners
- Database Scanners
- Web Application Scanners
- Multilevel Scanners
- Automated Penetration Test Tools
- Vulnerability Scan Consolidators



Network Scanners

- Assuria Auditor and Auditor RA
- Infiltration Systems Infiltrator for Home Users
- Microsoft® Attack Surface Analyzer
- NileSOFT Secuguard SSE
- Numara® Vulnerability Manager
- SoftRun Inciter Vulnerability Manager
- ThreatGuard® Secutor



Host Scanners

- Beyond Security® Automated Vulnerability Detection System Host Scanners
- Black Falcon/Net Security Suite Falcon Vulnerability Analysis
- DragonSoft Vulnerability Management
- eEye® Retina® Network
- Fortinet® FortiScan 4.1.0
- FuJian RongJi RJ-iTOP
- GFI LANguard®



Database Scanners

- Application Security AppDetectivePro
- DBAPPSecurity MatriXay 3.6
- Fortinet FortiDB
- Imperva® Scuba
- McAfee Repscan and McAfee Vulnerability Manager for Databases
- NGSSecure NGS SQuirreL
- Safety-Lab Shadow Database Scanner



Web Application Scanners

- Acunetix® Web Vulnerability Scanner
- Casaba Watcher 1.5.1
- Cenzic® Hailstorm® Enterprise Application Risk Controller
- eEye Retina Web
- Grabber
- Mavutina Netsparker®
- HP WebInspect®



Multilevel Scanners

- Integrigy AppSentry
- Open Vulnerability Assessment System 4
- SAINT® Professional and SAINT® Enterprise
- Symantec® Control Compliance Suite: Vulnerability Manager
- Tenable® Nessus®
- Venusense Vulnerability Scanning and Management System


Automated Penetration Test Tools

- Arachni
- CORE IMPACT® Pro
- CORE INSIGHT Enterprise
- Google® Skipfish
- Immunity® CANVAS® Professional
- Rapid7® Metasploit®
- Rapid7 NeXpose



Monitoring Vulnerabilities

- Vendor Web sites and mailing lists
- Third-party Web sites
- Third-party mailing lists and newsgroups
- Vulnerability scanners
- Vulnerability databases
- Enterprise patch management tools
- Other notification tools.



Monitoring Vulnerabilities

- http://web.nvd.nist.gov/
- http://secunia.com
- http://www.exploit-db.com/
