SlideShare a Scribd company logo

Vulnerability Assesment

Download as PPTX, PDF
Dedi Dwianto
Dedi Dwianto

Workshop keamanan jaringan

1 of 24
 Vulnerability Assesment Network Security Workshop Dedi Dwianto, C|EH, OSCP Daftar ISI
2 Contents  Technical Vulnerability Management  Vulnerability analysis tools
3 Technical Vulnerability Management  vulnerability analysis and assessment is an important element of each required activity in the NIST Risk Management Framework (RMF).  This RMF comprises six steps, into each of which vulnerability analysis and assessment is to be integrated:
4 Technical Vulnerability Management  Step 1: Categorize Information Systems.  Step 2: Select Security Controls  Step 3: Implement Security Controls.  Step 4: Assess Security Controls.  Step 5: Authorize Information Systems.  Step 6: Monitor Security Controls.
5 Technical Vulnerability Management  To reduce risks resulting from exploitation of published technical vulnerabilities.  Technical vulnerability management should be implemented in an effective, systematic, and repeatable way with measurements taken to confirm its effectiveness.  These considerations should include operating systems, and any other applications in use.
6 Technical Vulnerability Management  A current and complete inventory of assets is a prerequisite for effective technical vulnerability management.  Specific information needed to support technical vulnerability management includes the software vendor, version numbers, current state of deployment (e.g. what software is installed on what systems), and the person(s) within the organization responsible for the software.
7 Technical Vulnerability Management  The following guidance should be followed to establish an effective management process for technical vulnerabilities  the organization should define and establish the roles and responsibilities associated with technical vulnerability management, including vulnerability monitoring, vulnerability risk assessment, patching, asset tracking, and any coordination responsibilities required;
8 Technical Vulnerability Management  information resources that will be used to identify relevant technical vulnerabilities and to maintain awareness about them should be identified for software and other technology  a timeline should be defined to react to notifications of potentially relevant technical vulnerabilities;  once a potential technical vulnerability has been identified, the organization should identify the associated risks and the actions to be taken; such action could involve patching of vulnerable systems and/or applying other controls;
9 Technical Vulnerability Management  depending on how urgently a technical vulnerability needs to be addressed, the action taken should be carried out according to the controls related to change management  a timeline should be defined to react to notifications of potentially relevant technical vulnerabilities;  an audit log should be kept for all procedures undertaken  systems at high risk should be addressed first.
10 The Patch and Vulnerability Group  The PVG should be a formal group that incorporates representatives from information security and operations.  These representatives should include individuals with knowledge of vulnerability and patch management, as well as system administration, intrusion detection, and firewall management.
11 The duties of the PVG  Create a System Inventory.  Monitor for Vulnerabilities, Remediations, and Threats.  Prioritize Vulnerability Remediation.  Create an Organization-Specific Remediation Database  Conduct Generic Testing of Remediations.  Deploy Vulnerability Remediations.  Distribute Vulnerability and Remediation Information to Local Administrators.  Perform Automated Deployment of Patches.
12 The duties of the PVG  Configure Automatic Update of Applications Whenever Possible and Appropriate.  Verify Vulnerability Remediation Through Network and Host Vulnerability Scanning.  Vulnerability Remediation Training.
13 Report Organization Section1 Introduction to purpose, organization, scope, and assumptions for this Report. Section 2 Overview of automated vulnerability assessment tools—including descriptions of the various types of automated vulnerability assessment tools currently available Section 3 Catalogue of descriptions of current vulnerability assessment tools, categorized by type. Section 4 Representative listing of vulnerability assessment tools Section 5 List of resources to additional detailed information about IT and network vulnerability assessment and assessment tools.
14 Vulnerability Analysis tools  Vulnerability assessment tools generally work by attempting to automate the steps often employed to exploit vulnerabilities: they begin by performing a “footprint” analysis to determine what network services and/or software programs (including versions and patch levels) run on the target.  Vulnerability assessment tools help in that integration, by automating the detection, identification, measurement, and understanding of vulnerabilities found in ICT components at various levels of a target ICT system or infrastructure.
15 Vulnerability Analysis tools  Most vulnerability assessment tools are capable of scanning a number of network nodes, including networking and networked devices (switches, routers, firewalls, printers, etc.), as well as server, desktop, and portable computers.  The type and level of detail of a vulnerability assessment tool’s findings varies from tool to tool.
16 Tool type  Network Scanners  Host Scanners  Database Scanners  Web Application Scanners  Multilevel Scanners  Automated Penetration Test Tools  Vulnerability Scan Consolidators
17 Network Scanners  Assuria Auditor and Auditor RA  Infiltration Systems Infiltrator for Home Users  Microsoft® Attack Surface Analyzer  NileSOFT Secuguard SSE  Numara® Vulnerability Manager  SoftRun Inciter Vulnerability Manager  ThreatGuard® Secutor
18 Host Scanners  Beyond Security® Automated Vulnerability Detection System Host Scanners  Black Falcon/Net Security Suite Falcon Vulnerability Analysis  DragonSoft Vulnerability Management  eEye® Retina® Network  Fortinet® FortiScan 4.1.0  FuJian RongJi RJ-iTOP  GFI LANguard®
19 Database Scanners  Application Security AppDetectivePro  DBAPPSecurity MatriXay 3.6  Fortinet FortiDB  Imperva® Scuba  McAfee Repscan and McAfee Vulnerability Manager for Databases  NGSSecure NGS SQuirreL  Safety-Lab Shadow Database Scanner
20 Web Application Scanners  Acunetix® Web Vulnerability Scanner  Casaba Watcher 1.5.1  Cenzic® Hailstorm® Enterprise Application Risk Controller  eEye Retina Web  Grabber  Mavutina Netsparker®  HP WebInspect®
21 Multilevel Scanners  Integrigy AppSentry  Open Vulnerability Assessment System 4  SAINT® Professional and SAINT® Enterprise  Symantec® Control Compliance Suite: Vulnerability Manager  Tenable® Nessus®  Venusense Vulnerability Scanning and Management System
22 AUTOMATED PENETRATION TEST TOOLS  Arachni  CORE IMPACT® Pro  CORE INSIGHT Enterprise  Google® Skipfish  Immunity® CANVAS® Professional  Rapid7® Metasploit®  Rapid7 NeXpose
23 Monitoring Vulnerabilities  Vendor Web sites and mailing lists  Third-party Web sites  Third-party mailing lists and newsgroups  Vulnerability scanners  Vulnerability databases  Enterprise patch management tools  Other notification tools.
24 Monitoring Vulnerabilities  http://web.nvd.nist.gov/  http://secunia.com  http://www.exploit-db.com/

Recommended

Vulnerability Assessment Presentation
Vulnerability Assessment PresentationVulnerability Assessment Presentation
Vulnerability Assessment PresentationLionel Medina
 
Vulnerability Assessment
Vulnerability AssessmentVulnerability Assessment
Vulnerability Assessmentprimeteacher32
 
Security risk management
Security risk managementSecurity risk management
Security risk managementG Prachi
 
Risk Assessment Process NIST 800-30
Risk Assessment Process NIST 800-30Risk Assessment Process NIST 800-30
Risk Assessment Process NIST 800-30timmcguinness
 
Patch and Vulnerability Management
Patch and Vulnerability ManagementPatch and Vulnerability Management
Patch and Vulnerability ManagementMarcelo Martins
 
Guide to Risk Management Framework (RMF)
Guide to Risk Management Framework (RMF)Guide to Risk Management Framework (RMF)
Guide to Risk Management Framework (RMF)MetroStar
 
Vulnerability and Patch Management
Vulnerability and Patch ManagementVulnerability and Patch Management
Vulnerability and Patch Managementn|u - The Open Security Community
 
10 Steps to Building an Effective Vulnerability Management Program
10 Steps to Building an Effective Vulnerability Management Program10 Steps to Building an Effective Vulnerability Management Program
10 Steps to Building an Effective Vulnerability Management ProgramBeyondTrust
 

Recommended

Vulnerability Assessment Presentation
Vulnerability Assessment PresentationVulnerability Assessment Presentation
Vulnerability Assessment PresentationLionel Medina
 
Vulnerability Assessment
Vulnerability AssessmentVulnerability Assessment
Vulnerability Assessmentprimeteacher32
 
Security risk management
Security risk managementSecurity risk management
Security risk managementG Prachi
 
Risk Assessment Process NIST 800-30
Risk Assessment Process NIST 800-30Risk Assessment Process NIST 800-30
Risk Assessment Process NIST 800-30timmcguinness
 
Patch and Vulnerability Management
Patch and Vulnerability ManagementPatch and Vulnerability Management
Patch and Vulnerability ManagementMarcelo Martins
 
Guide to Risk Management Framework (RMF)
Guide to Risk Management Framework (RMF)Guide to Risk Management Framework (RMF)
Guide to Risk Management Framework (RMF)MetroStar
 
Vulnerability and Patch Management
Vulnerability and Patch ManagementVulnerability and Patch Management
Vulnerability and Patch Managementn|u - The Open Security Community
 
10 Steps to Building an Effective Vulnerability Management Program
10 Steps to Building an Effective Vulnerability Management Program10 Steps to Building an Effective Vulnerability Management Program
10 Steps to Building an Effective Vulnerability Management ProgramBeyondTrust
 
NIST cybersecurity framework
NIST cybersecurity frameworkNIST cybersecurity framework
NIST cybersecurity frameworkShriya Rai
 
Mastering Information Technology Risk Management
Mastering Information Technology Risk ManagementMastering Information Technology Risk Management
Mastering Information Technology Risk ManagementGoutama Bachtiar
 
Cybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation SlidesCybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation SlidesSlideTeam
 
Introduction To Vulnerability Assessment & Penetration Testing
Introduction To Vulnerability Assessment & Penetration TestingIntroduction To Vulnerability Assessment & Penetration Testing
Introduction To Vulnerability Assessment & Penetration TestingRaghav Bisht
 
Risks threats and vulnerabilities
Risks threats and vulnerabilitiesRisks threats and vulnerabilities
Risks threats and vulnerabilitiesManish Chaurasia
 
Patch Management Best Practices
Patch Management Best Practices Patch Management Best Practices
Patch Management Best Practices Ivanti
 
Asset, Vulnerability, Threat, Risk & Control
Asset, Vulnerability, Threat, Risk & ControlAsset, Vulnerability, Threat, Risk & Control
Asset, Vulnerability, Threat, Risk & ControlMuhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master
 
What is cyber resilience?
What is cyber resilience?What is cyber resilience?
What is cyber resilience?Aaron Clark-Ginsberg
 
MITRE ATT&CK Framework
MITRE ATT&CK FrameworkMITRE ATT&CK Framework
MITRE ATT&CK Frameworkn|u - The Open Security Community
 
NIST CSF review - Essential Protections (a K12 perspective)
NIST CSF review - Essential Protections (a K12 perspective)NIST CSF review - Essential Protections (a K12 perspective)
NIST CSF review - Essential Protections (a K12 perspective)April Mardock CISSP
 
IT Security management and risk assessment
IT Security management and risk assessmentIT Security management and risk assessment
IT Security management and risk assessmentCAS
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Edureka!
 
IBM Qradar
IBM QradarIBM Qradar
IBM QradarCoenraad Smith
 
Vulnerability Management
Vulnerability ManagementVulnerability Management
Vulnerability Managementasherad
 
Vulnerability Management: What You Need to Know to Prioritize Risk
Vulnerability Management: What You Need to Know to Prioritize RiskVulnerability Management: What You Need to Know to Prioritize Risk
Vulnerability Management: What You Need to Know to Prioritize RiskAlienVault
 
Endpoint Security Pres.pptx
Endpoint Security Pres.pptxEndpoint Security Pres.pptx
Endpoint Security Pres.pptxNBBNOC
 
Patch Management Best Practices 2019
Patch Management Best Practices 2019Patch Management Best Practices 2019
Patch Management Best Practices 2019Ivanti
 
Next-Gen security operation center
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation centerMuhammad Sahputra
 
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond AlertingProactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond AlertingCrowdStrike
 
Sqrrl and IBM: Threat Hunting for QRadar Users
Sqrrl and IBM: Threat Hunting for QRadar UsersSqrrl and IBM: Threat Hunting for QRadar Users
Sqrrl and IBM: Threat Hunting for QRadar UsersSqrrl
 
what is security
what is securitywhat is security
what is securityDedi Dwianto
 
Vulnerability Assessment & Analysis (VAA) Overview
Vulnerability Assessment & Analysis (VAA) OverviewVulnerability Assessment & Analysis (VAA) Overview
Vulnerability Assessment & Analysis (VAA) OverviewSusan Rantall
 

More Related Content

What's hot

NIST cybersecurity framework
NIST cybersecurity frameworkNIST cybersecurity framework
NIST cybersecurity frameworkShriya Rai
 
Mastering Information Technology Risk Management
Mastering Information Technology Risk ManagementMastering Information Technology Risk Management
Mastering Information Technology Risk ManagementGoutama Bachtiar
 
Cybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation SlidesCybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation SlidesSlideTeam
 
Introduction To Vulnerability Assessment & Penetration Testing
Introduction To Vulnerability Assessment & Penetration TestingIntroduction To Vulnerability Assessment & Penetration Testing
Introduction To Vulnerability Assessment & Penetration TestingRaghav Bisht
 
Risks threats and vulnerabilities
Risks threats and vulnerabilitiesRisks threats and vulnerabilities
Risks threats and vulnerabilitiesManish Chaurasia
 
Patch Management Best Practices
Patch Management Best Practices Patch Management Best Practices
Patch Management Best Practices Ivanti
 
NIST CSF review - Essential Protections (a K12 perspective)
NIST CSF review - Essential Protections (a K12 perspective)NIST CSF review - Essential Protections (a K12 perspective)
NIST CSF review - Essential Protections (a K12 perspective)April Mardock CISSP
 
IT Security management and risk assessment
IT Security management and risk assessmentIT Security management and risk assessment
IT Security management and risk assessmentCAS
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Edureka!
 
Vulnerability Management
Vulnerability ManagementVulnerability Management
Vulnerability Managementasherad
 
Vulnerability Management: What You Need to Know to Prioritize Risk
Vulnerability Management: What You Need to Know to Prioritize RiskVulnerability Management: What You Need to Know to Prioritize Risk
Vulnerability Management: What You Need to Know to Prioritize RiskAlienVault
 
Endpoint Security Pres.pptx
Endpoint Security Pres.pptxEndpoint Security Pres.pptx
Endpoint Security Pres.pptxNBBNOC
 
Patch Management Best Practices 2019
Patch Management Best Practices 2019Patch Management Best Practices 2019
Patch Management Best Practices 2019Ivanti
 
Next-Gen security operation center
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation centerMuhammad Sahputra
 
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond AlertingProactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond AlertingCrowdStrike
 
Sqrrl and IBM: Threat Hunting for QRadar Users
Sqrrl and IBM: Threat Hunting for QRadar UsersSqrrl and IBM: Threat Hunting for QRadar Users
Sqrrl and IBM: Threat Hunting for QRadar UsersSqrrl
 

What's hot (20)

NIST cybersecurity framework
NIST cybersecurity frameworkNIST cybersecurity framework
NIST cybersecurity framework
 
Mastering Information Technology Risk Management
Mastering Information Technology Risk ManagementMastering Information Technology Risk Management
Mastering Information Technology Risk Management
 
Cybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation SlidesCybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation Slides
 
Introduction To Vulnerability Assessment & Penetration Testing
Introduction To Vulnerability Assessment & Penetration TestingIntroduction To Vulnerability Assessment & Penetration Testing
Introduction To Vulnerability Assessment & Penetration Testing
 
Risks threats and vulnerabilities
Risks threats and vulnerabilitiesRisks threats and vulnerabilities
Risks threats and vulnerabilities
 
Patch Management Best Practices
Patch Management Best Practices Patch Management Best Practices
Patch Management Best Practices
 
Asset, Vulnerability, Threat, Risk & Control
Asset, Vulnerability, Threat, Risk & ControlAsset, Vulnerability, Threat, Risk & Control
Asset, Vulnerability, Threat, Risk & Control
 
What is cyber resilience?
What is cyber resilience?What is cyber resilience?
What is cyber resilience?
 
MITRE ATT&CK Framework
MITRE ATT&CK FrameworkMITRE ATT&CK Framework
MITRE ATT&CK Framework
 
NIST CSF review - Essential Protections (a K12 perspective)
NIST CSF review - Essential Protections (a K12 perspective)NIST CSF review - Essential Protections (a K12 perspective)
NIST CSF review - Essential Protections (a K12 perspective)
 
IT Security management and risk assessment
IT Security management and risk assessmentIT Security management and risk assessment
IT Security management and risk assessment
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
 
IBM Qradar
IBM QradarIBM Qradar
IBM Qradar
 
Vulnerability Management
Vulnerability ManagementVulnerability Management
Vulnerability Management
 
Vulnerability Management: What You Need to Know to Prioritize Risk
Vulnerability Management: What You Need to Know to Prioritize RiskVulnerability Management: What You Need to Know to Prioritize Risk
Vulnerability Management: What You Need to Know to Prioritize Risk
 
Endpoint Security Pres.pptx
Endpoint Security Pres.pptxEndpoint Security Pres.pptx
Endpoint Security Pres.pptx
 
Patch Management Best Practices 2019
Patch Management Best Practices 2019Patch Management Best Practices 2019
Patch Management Best Practices 2019
 
Next-Gen security operation center
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation center
 
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond AlertingProactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
 
Sqrrl and IBM: Threat Hunting for QRadar Users
Sqrrl and IBM: Threat Hunting for QRadar UsersSqrrl and IBM: Threat Hunting for QRadar Users
Sqrrl and IBM: Threat Hunting for QRadar Users
 

Viewers also liked

Vulnerability Assessment & Analysis (VAA) Overview
Vulnerability Assessment & Analysis (VAA) OverviewVulnerability Assessment & Analysis (VAA) Overview
Vulnerability Assessment & Analysis (VAA) OverviewSusan Rantall
 
Vulnerability Analysis
Vulnerability AnalysisVulnerability Analysis
Vulnerability AnalysisYash Mahendra
 
Nist 800 60 data types catgorization tables
Nist 800 60 data types catgorization tablesNist 800 60 data types catgorization tables
Nist 800 60 data types catgorization tablesDaniel Kerberos
 
04 damage assessment methodology
04 damage assessment methodology04 damage assessment methodology
04 damage assessment methodologyviandrito
 
Mkgirlsnightin2015 2
Mkgirlsnightin2015 2Mkgirlsnightin2015 2
Mkgirlsnightin2015 2Marian Price
 
Leadpreneur and discussion Global Top Leader Challenge
Leadpreneur and discussion Global Top Leader ChallengeLeadpreneur and discussion Global Top Leader Challenge
Leadpreneur and discussion Global Top Leader ChallengeReynaldo Rayne
 
Guide for Applying The Risk Management Framework to Federal Information Systems
Guide for Applying The Risk Management Framework to Federal Information SystemsGuide for Applying The Risk Management Framework to Federal Information Systems
Guide for Applying The Risk Management Framework to Federal Information SystemsGuillermo Remache
 
E-Gov Project Management Essentials
E-Gov Project Management EssentialsE-Gov Project Management Essentials
E-Gov Project Management EssentialsJohn Macasio
 
Critical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6a
Critical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6aCritical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6a
Critical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6aJames W. De Rienzo
 
Information System Sensitivity Level Impact Assessment (NIST SP 800-60v2r1)
Information System Sensitivity Level Impact Assessment (NIST SP 800-60v2r1)Information System Sensitivity Level Impact Assessment (NIST SP 800-60v2r1)
Information System Sensitivity Level Impact Assessment (NIST SP 800-60v2r1)James W. De Rienzo
 
RMF STEP 2: SELECT (NIST 800-53 Rev. 3 Controls, Enhancements and Supplementa...
RMF STEP 2: SELECT (NIST 800-53 Rev. 3 Controls, Enhancements and Supplementa...RMF STEP 2: SELECT (NIST 800-53 Rev. 3 Controls, Enhancements and Supplementa...
RMF STEP 2: SELECT (NIST 800-53 Rev. 3 Controls, Enhancements and Supplementa...James W. De Rienzo
 
Let's Hack School: Learner Agency in a Time of New Technologies
Let's Hack School: Learner Agency in a Time of New TechnologiesLet's Hack School: Learner Agency in a Time of New Technologies
Let's Hack School: Learner Agency in a Time of New Technologiesbudtheteacher
 
Risk Management Framework (RMF) STEP 4- Access Security Controls - NIST SP 80...
Risk Management Framework (RMF) STEP 4- Access Security Controls - NIST SP 80...Risk Management Framework (RMF) STEP 4- Access Security Controls - NIST SP 80...
Risk Management Framework (RMF) STEP 4- Access Security Controls - NIST SP 80...James W. De Rienzo
 
Setting local domain di virtual host
Setting local domain di virtual hostSetting local domain di virtual host
Setting local domain di virtual hostFgroupIndonesia
 

Viewers also liked (20)

what is security
what is securitywhat is security
what is security
 
Vulnerability Assessment & Analysis (VAA) Overview
Vulnerability Assessment & Analysis (VAA) OverviewVulnerability Assessment & Analysis (VAA) Overview
Vulnerability Assessment & Analysis (VAA) Overview
 
Vulnerability Analysis
Vulnerability AnalysisVulnerability Analysis
Vulnerability Analysis
 
Nist 800 60 data types catgorization tables
Nist 800 60 data types catgorization tablesNist 800 60 data types catgorization tables
Nist 800 60 data types catgorization tables
 
04 damage assessment methodology
04 damage assessment methodology04 damage assessment methodology
04 damage assessment methodology
 
The first three years of national VET regulation
The first three years of national VET regulationThe first three years of national VET regulation
The first three years of national VET regulation
 
Mkgirlsnightin2015 2
Mkgirlsnightin2015 2Mkgirlsnightin2015 2
Mkgirlsnightin2015 2
 
Leadpreneur and discussion Global Top Leader Challenge
Leadpreneur and discussion Global Top Leader ChallengeLeadpreneur and discussion Global Top Leader Challenge
Leadpreneur and discussion Global Top Leader Challenge
 
Guide for Applying The Risk Management Framework to Federal Information Systems
Guide for Applying The Risk Management Framework to Federal Information SystemsGuide for Applying The Risk Management Framework to Federal Information Systems
Guide for Applying The Risk Management Framework to Federal Information Systems
 
Risk assesment
Risk assesmentRisk assesment
Risk assesment
 
Java basic introduction
Java basic introductionJava basic introduction
Java basic introduction
 
Building Web Hack Interfaces
Building Web Hack InterfacesBuilding Web Hack Interfaces
Building Web Hack Interfaces
 
E-Gov Project Management Essentials
E-Gov Project Management EssentialsE-Gov Project Management Essentials
E-Gov Project Management Essentials
 
Critical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6a
Critical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6aCritical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6a
Critical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6a
 
Information System Sensitivity Level Impact Assessment (NIST SP 800-60v2r1)
Information System Sensitivity Level Impact Assessment (NIST SP 800-60v2r1)Information System Sensitivity Level Impact Assessment (NIST SP 800-60v2r1)
Information System Sensitivity Level Impact Assessment (NIST SP 800-60v2r1)
 
RMF STEP 2: SELECT (NIST 800-53 Rev. 3 Controls, Enhancements and Supplementa...
RMF STEP 2: SELECT (NIST 800-53 Rev. 3 Controls, Enhancements and Supplementa...RMF STEP 2: SELECT (NIST 800-53 Rev. 3 Controls, Enhancements and Supplementa...
RMF STEP 2: SELECT (NIST 800-53 Rev. 3 Controls, Enhancements and Supplementa...
 
Let's Hack School: Learner Agency in a Time of New Technologies
Let's Hack School: Learner Agency in a Time of New TechnologiesLet's Hack School: Learner Agency in a Time of New Technologies
Let's Hack School: Learner Agency in a Time of New Technologies
 
Risk Management Framework (RMF) STEP 4- Access Security Controls - NIST SP 80...
Risk Management Framework (RMF) STEP 4- Access Security Controls - NIST SP 80...Risk Management Framework (RMF) STEP 4- Access Security Controls - NIST SP 80...
Risk Management Framework (RMF) STEP 4- Access Security Controls - NIST SP 80...
 
NSA and PT
NSA and PTNSA and PT
NSA and PT
 
Setting local domain di virtual host
Setting local domain di virtual hostSetting local domain di virtual host
Setting local domain di virtual host
 

Similar to Vulnerability Assesment

RADAR - Le nouveau scanner de vulnérabilité par F-Secure
RADAR - Le nouveau scanner de vulnérabilité par F-SecureRADAR - Le nouveau scanner de vulnérabilité par F-Secure
RADAR - Le nouveau scanner de vulnérabilité par F-SecureNRC
 
Monitoring threats for pci compliance
Monitoring threats for pci complianceMonitoring threats for pci compliance
Monitoring threats for pci complianceShiva Hullavarad
 
Monitoring threats for pci compliance
Monitoring threats for pci complianceMonitoring threats for pci compliance
Monitoring threats for pci complianceShiva Hullavarad
 
2 20613 qualys_top_10_reports_vm
2 20613 qualys_top_10_reports_vm2 20613 qualys_top_10_reports_vm
2 20613 qualys_top_10_reports_vmazfayel
 
SynerComm's Tech TV series CIS Top 20 Critical Security Controls #4
SynerComm's Tech TV series CIS Top 20 Critical Security Controls #4SynerComm's Tech TV series CIS Top 20 Critical Security Controls #4
SynerComm's Tech TV series CIS Top 20 Critical Security Controls #4Lisa Niles
 
Cyber Security protection by MultiPoint Ltd.
Cyber Security protection by MultiPoint Ltd.Cyber Security protection by MultiPoint Ltd.
Cyber Security protection by MultiPoint Ltd.Ricardo Resnik
 
Darktrace_Threat_Visualizer_User_Guide.pdf
Darktrace_Threat_Visualizer_User_Guide.pdfDarktrace_Threat_Visualizer_User_Guide.pdf
Darktrace_Threat_Visualizer_User_Guide.pdfLeninHernnCortsLlang
 
Ivanti Security Controls.pptx
Ivanti Security Controls.pptxIvanti Security Controls.pptx
Ivanti Security Controls.pptxFarhanSaifudin2
 
website vulnerability scanner and reporter research paper
website vulnerability scanner and reporter research paperwebsite vulnerability scanner and reporter research paper
website vulnerability scanner and reporter research paperBhagyashri Chalakh
 
Detect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange PartnersDetect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange PartnersIBM Security
 
Nt2580 Unit 7 Chapter 12
Nt2580 Unit 7 Chapter 12Nt2580 Unit 7 Chapter 12
Nt2580 Unit 7 Chapter 12Laura Arrigo
 
IRJET- Penetration Testing using Metasploit Framework: An Ethical Approach
IRJET- Penetration Testing using Metasploit Framework: An Ethical ApproachIRJET- Penetration Testing using Metasploit Framework: An Ethical Approach
IRJET- Penetration Testing using Metasploit Framework: An Ethical ApproachIRJET Journal
 
5 howtomitigate
5 howtomitigate5 howtomitigate
5 howtomitigatericharddxd
 
Exploits Attack on Windows Vulnerabilities
Exploits Attack on Windows VulnerabilitiesExploits Attack on Windows Vulnerabilities
Exploits Attack on Windows VulnerabilitiesAmit Kumbhar
 
What is the process of Vulnerability Assessment and Penetration Testing.pdf
What is the process of Vulnerability Assessment and Penetration Testing.pdfWhat is the process of Vulnerability Assessment and Penetration Testing.pdf
What is the process of Vulnerability Assessment and Penetration Testing.pdfElanusTechnologies
 
USPS CISO Academy - Vulnerability Management
USPS CISO Academy - Vulnerability ManagementUSPS CISO Academy - Vulnerability Management
USPS CISO Academy - Vulnerability ManagementJim Piechocki
 
How to Audit
How to AuditHow to Audit
How to Auditayousif
 

Similar to Vulnerability Assesment (20)

RADAR - Le nouveau scanner de vulnérabilité par F-Secure
RADAR - Le nouveau scanner de vulnérabilité par F-SecureRADAR - Le nouveau scanner de vulnérabilité par F-Secure
RADAR - Le nouveau scanner de vulnérabilité par F-Secure
 
FALCON.pptx
FALCON.pptxFALCON.pptx
FALCON.pptx
 
Monitoring threats for pci compliance
Monitoring threats for pci complianceMonitoring threats for pci compliance
Monitoring threats for pci compliance
 
Monitoring threats for pci compliance
Monitoring threats for pci complianceMonitoring threats for pci compliance
Monitoring threats for pci compliance
 
2 20613 qualys_top_10_reports_vm
2 20613 qualys_top_10_reports_vm2 20613 qualys_top_10_reports_vm
2 20613 qualys_top_10_reports_vm
 
SynerComm's Tech TV series CIS Top 20 Critical Security Controls #4
SynerComm's Tech TV series CIS Top 20 Critical Security Controls #4SynerComm's Tech TV series CIS Top 20 Critical Security Controls #4
SynerComm's Tech TV series CIS Top 20 Critical Security Controls #4
 
Cyber Security protection by MultiPoint Ltd.
Cyber Security protection by MultiPoint Ltd.Cyber Security protection by MultiPoint Ltd.
Cyber Security protection by MultiPoint Ltd.
 
Darktrace_Threat_Visualizer_User_Guide.pdf
Darktrace_Threat_Visualizer_User_Guide.pdfDarktrace_Threat_Visualizer_User_Guide.pdf
Darktrace_Threat_Visualizer_User_Guide.pdf
 
Globally.docx
Globally.docxGlobally.docx
Globally.docx
 
Ivanti Security Controls.pptx
Ivanti Security Controls.pptxIvanti Security Controls.pptx
Ivanti Security Controls.pptx
 
website vulnerability scanner and reporter research paper
website vulnerability scanner and reporter research paperwebsite vulnerability scanner and reporter research paper
website vulnerability scanner and reporter research paper
 
Detect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange PartnersDetect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange Partners
 
Nt2580 Unit 7 Chapter 12
Nt2580 Unit 7 Chapter 12Nt2580 Unit 7 Chapter 12
Nt2580 Unit 7 Chapter 12
 
IRJET- Penetration Testing using Metasploit Framework: An Ethical Approach
IRJET- Penetration Testing using Metasploit Framework: An Ethical ApproachIRJET- Penetration Testing using Metasploit Framework: An Ethical Approach
IRJET- Penetration Testing using Metasploit Framework: An Ethical Approach
 
5 howtomitigate
5 howtomitigate5 howtomitigate
5 howtomitigate
 
Exploits Attack on Windows Vulnerabilities
Exploits Attack on Windows VulnerabilitiesExploits Attack on Windows Vulnerabilities
Exploits Attack on Windows Vulnerabilities
 
What is the process of Vulnerability Assessment and Penetration Testing.pdf
What is the process of Vulnerability Assessment and Penetration Testing.pdfWhat is the process of Vulnerability Assessment and Penetration Testing.pdf
What is the process of Vulnerability Assessment and Penetration Testing.pdf
 
Information Security 201
Information Security 201Information Security 201
Information Security 201
 
USPS CISO Academy - Vulnerability Management
USPS CISO Academy - Vulnerability ManagementUSPS CISO Academy - Vulnerability Management
USPS CISO Academy - Vulnerability Management
 
How to Audit
How to AuditHow to Audit
How to Audit
 

More from Dedi Dwianto

Application Security Trends and Issues
Application Security Trends and IssuesApplication Security Trends and Issues
Application Security Trends and IssuesDedi Dwianto
 
Trend Kejahatan Cyber 2015
Trend Kejahatan Cyber 2015Trend Kejahatan Cyber 2015
Trend Kejahatan Cyber 2015Dedi Dwianto
 
Security Awareness
Security Awareness Security Awareness
Security Awareness Dedi Dwianto
 
Ancaman & kelemahan server
Ancaman & kelemahan serverAncaman & kelemahan server
Ancaman & kelemahan serverDedi Dwianto
 
Network Security Risk
Network Security RiskNetwork Security Risk
Network Security RiskDedi Dwianto
 

More from Dedi Dwianto (6)

Application Security Trends and Issues
Application Security Trends and IssuesApplication Security Trends and Issues
Application Security Trends and Issues
 
Trend Kejahatan Cyber 2015
Trend Kejahatan Cyber 2015Trend Kejahatan Cyber 2015
Trend Kejahatan Cyber 2015
 
Security Awareness
Security Awareness Security Awareness
Security Awareness
 
Ancaman & kelemahan server
Ancaman & kelemahan serverAncaman & kelemahan server
Ancaman & kelemahan server
 
Network Security Risk
Network Security RiskNetwork Security Risk
Network Security Risk
 
Networking recap
Networking recapNetworking recap
Networking recap
 

Vulnerability Assesment

  • 1.  Vulnerability Assesment Network Security Workshop Dedi Dwianto, C|EH, OSCP Daftar ISI
  • 2. 2 Contents  Technical Vulnerability Management  Vulnerability analysis tools
  • 3. 3 Technical Vulnerability Management  vulnerability analysis and assessment is an important element of each required activity in the NIST Risk Management Framework (RMF).  This RMF comprises six steps, into each of which vulnerability analysis and assessment is to be integrated:
  • 4. 4 Technical Vulnerability Management  Step 1: Categorize Information Systems.  Step 2: Select Security Controls  Step 3: Implement Security Controls.  Step 4: Assess Security Controls.  Step 5: Authorize Information Systems.  Step 6: Monitor Security Controls.
  • 5. 5 Technical Vulnerability Management  To reduce risks resulting from exploitation of published technical vulnerabilities.  Technical vulnerability management should be implemented in an effective, systematic, and repeatable way with measurements taken to confirm its effectiveness.  These considerations should include operating systems, and any other applications in use.
  • 6. 6 Technical Vulnerability Management  A current and complete inventory of assets is a prerequisite for effective technical vulnerability management.  Specific information needed to support technical vulnerability management includes the software vendor, version numbers, current state of deployment (e.g. what software is installed on what systems), and the person(s) within the organization responsible for the software.
  • 7. 7 Technical Vulnerability Management  The following guidance should be followed to establish an effective management process for technical vulnerabilities  the organization should define and establish the roles and responsibilities associated with technical vulnerability management, including vulnerability monitoring, vulnerability risk assessment, patching, asset tracking, and any coordination responsibilities required;
  • 8. 8 Technical Vulnerability Management  information resources that will be used to identify relevant technical vulnerabilities and to maintain awareness about them should be identified for software and other technology  a timeline should be defined to react to notifications of potentially relevant technical vulnerabilities;  once a potential technical vulnerability has been identified, the organization should identify the associated risks and the actions to be taken; such action could involve patching of vulnerable systems and/or applying other controls;
  • 9. 9 Technical Vulnerability Management  depending on how urgently a technical vulnerability needs to be addressed, the action taken should be carried out according to the controls related to change management  a timeline should be defined to react to notifications of potentially relevant technical vulnerabilities;  an audit log should be kept for all procedures undertaken  systems at high risk should be addressed first.
  • 10. 10 The Patch and Vulnerability Group  The PVG should be a formal group that incorporates representatives from information security and operations.  These representatives should include individuals with knowledge of vulnerability and patch management, as well as system administration, intrusion detection, and firewall management.
  • 11. 11 The duties of the PVG  Create a System Inventory.  Monitor for Vulnerabilities, Remediations, and Threats.  Prioritize Vulnerability Remediation.  Create an Organization-Specific Remediation Database  Conduct Generic Testing of Remediations.  Deploy Vulnerability Remediations.  Distribute Vulnerability and Remediation Information to Local Administrators.  Perform Automated Deployment of Patches.
  • 12. 12 The duties of the PVG  Configure Automatic Update of Applications Whenever Possible and Appropriate.  Verify Vulnerability Remediation Through Network and Host Vulnerability Scanning.  Vulnerability Remediation Training.
  • 13. 13 Report Organization Section1 Introduction to purpose, organization, scope, and assumptions for this Report. Section 2 Overview of automated vulnerability assessment tools—including descriptions of the various types of automated vulnerability assessment tools currently available Section 3 Catalogue of descriptions of current vulnerability assessment tools, categorized by type. Section 4 Representative listing of vulnerability assessment tools Section 5 List of resources to additional detailed information about IT and network vulnerability assessment and assessment tools.
  • 14. 14 Vulnerability Analysis tools  Vulnerability assessment tools generally work by attempting to automate the steps often employed to exploit vulnerabilities: they begin by performing a “footprint” analysis to determine what network services and/or software programs (including versions and patch levels) run on the target.  Vulnerability assessment tools help in that integration, by automating the detection, identification, measurement, and understanding of vulnerabilities found in ICT components at various levels of a target ICT system or infrastructure.
  • 15. 15 Vulnerability Analysis tools  Most vulnerability assessment tools are capable of scanning a number of network nodes, including networking and networked devices (switches, routers, firewalls, printers, etc.), as well as server, desktop, and portable computers.  The type and level of detail of a vulnerability assessment tool’s findings varies from tool to tool.
  • 16. 16 Tool type  Network Scanners  Host Scanners  Database Scanners  Web Application Scanners  Multilevel Scanners  Automated Penetration Test Tools  Vulnerability Scan Consolidators
  • 17. 17 Network Scanners  Assuria Auditor and Auditor RA  Infiltration Systems Infiltrator for Home Users  Microsoft® Attack Surface Analyzer  NileSOFT Secuguard SSE  Numara® Vulnerability Manager  SoftRun Inciter Vulnerability Manager  ThreatGuard® Secutor
  • 18. 18 Host Scanners  Beyond Security® Automated Vulnerability Detection System Host Scanners  Black Falcon/Net Security Suite Falcon Vulnerability Analysis  DragonSoft Vulnerability Management  eEye® Retina® Network  Fortinet® FortiScan 4.1.0  FuJian RongJi RJ-iTOP  GFI LANguard®
  • 19. 19 Database Scanners  Application Security AppDetectivePro  DBAPPSecurity MatriXay 3.6  Fortinet FortiDB  Imperva® Scuba  McAfee Repscan and McAfee Vulnerability Manager for Databases  NGSSecure NGS SQuirreL  Safety-Lab Shadow Database Scanner
  • 20. 20 Web Application Scanners  Acunetix® Web Vulnerability Scanner  Casaba Watcher 1.5.1  Cenzic® Hailstorm® Enterprise Application Risk Controller  eEye Retina Web  Grabber  Mavutina Netsparker®  HP WebInspect®
  • 21. 21 Multilevel Scanners  Integrigy AppSentry  Open Vulnerability Assessment System 4  SAINT® Professional and SAINT® Enterprise  Symantec® Control Compliance Suite: Vulnerability Manager  Tenable® Nessus®  Venusense Vulnerability Scanning and Management System
  • 22. 22 AUTOMATED PENETRATION TEST TOOLS  Arachni  CORE IMPACT® Pro  CORE INSIGHT Enterprise  Google® Skipfish  Immunity® CANVAS® Professional  Rapid7® Metasploit®  Rapid7 NeXpose
  • 23. 23 Monitoring Vulnerabilities  Vendor Web sites and mailing lists  Third-party Web sites  Third-party mailing lists and newsgroups  Vulnerability scanners  Vulnerability databases  Enterprise patch management tools  Other notification tools.
  • 24. 24 Monitoring Vulnerabilities  http://web.nvd.nist.gov/  http://secunia.com  http://www.exploit-db.com/