E-SPIN Vulnerability Management (VM) Acunetix Product Overview Ver. 11.x Updated © Since 2005 E-SPIN SDN BHD. All Right Reserved. www.e-spincorp.com



Page 1

E-SPIN Vulnerability Management (VM) Acunetix Product Overview

Ver. 11.x Updated

© Since 2005 E-SPIN SDN BHD. All Right Reserved. www.e-spincorp.com

Page 2

Copyrighted

Copyright © 2005 - 2017 by E-SPIN Group. All rights reserved.

No part of this training presentation/handout may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise, without either the prior written permission of E-SPIN, or authorization through payment of the appropriate per-copy fee to E-SPIN, or on the web at www.e-spincorp.com

Limit of Liability / Disclaimer of Warranty: While the author has used their best efforts in preparing this training presentation/handout, they make no representations or warranties with respect to the accuracy or completeness of the contents and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for every situation. You should consult with a professional where appropriate. The author shall not be liable for any loss of profit or any other commercial damages, including but not limited to special, incidental, consequential, or other damages.

For general information on our other products and services or for technical support, please contact our customer service officer or email [email protected].

Page 3

What can you expect from the presentation?

Product In Depth

● Product know-how and usage specifically applied to achieve the web application security testing / vulnerability assessment / penetration testing task in hand

Actual Requirement Addressed

● First-hand experience addressing your actual project/operation requirement with our consultant's assistance

End to End Solution Proposal

● Holistic, end-to-end coverage of your project/operation requirement with various options

Page 4

Company Overview

Page 5

Product Overview

Page 6

Why Web Application Security

● Hackers concentrating on web applications

● Shopping carts and login pages at risk

● Web apps are publicly available 24/7

● Web apps are often custom made and therefore less tested

● Firewalls and other network-level defences provide no protection against attacks on the application itself!

You must audit your web applications!

Page 7

Why Do Hackers Hack?

● Gain access to sensitive data (credit card data)

● Run phishing sites

● Run botnets

● Distribute illegal content

● Improve search-engine ranking

Page 8

The Cost of Being Hacked

• Loss of customer confidence and thus revenue

• Loss of ability to accept VISA, MC, AMEX and PayPal

• Significant website downtime

• Cost of rebuilding website and server

• Loss of customer data can result in court cases

Page 9

What do hackers do?

Hackers use a systematic plan of action:

1. Study the server infrastructure and server operating system/type.

2. Survey the website/application.

3. Check for the presence of vulnerabilities.

4. Plan and mount the attack.

Page 10

How do Hackers Work?

Page 11

How to limit breach damage?

● Assess and test your own web applications to find all of their vulnerabilities

● Fix them before a hacker finds them, exploits them and causes damage

Page 12

Web Application Architecture

The end-to-end components of a typical web application architecture, and their potential weak spots:

● Client analysis

● Transport analysis

● Web server / web services analysis

● Database server analysis

● Exploitation analysis

● Source code analysis

● Web / application server analysis

Page 13

Web Hacking Methodology

Page 14

Web Hacking Tools and Techniques

Page 15

What is a Web Vulnerability Scanner?

● Hacking is an ever-growing threat against web applications. Any user browsing a website can be a potential hacker, so a preventive approach is the first defence.

● A Web Vulnerability Scanner is an automated security application that searches for vulnerabilities within web applications, web technologies and web servers.

Page 16

How Does the Acunetix Web Scanner Help?

● Acunetix WVS acts like a Hacker by trying to find vulnerabilities on the web application, web technology (e.g. PHP, Apache etc), web server or any network service (e.g. DNS, FTP etc) running on the web server.

Page 17

Popular Hacking Techniques

● Known static methods:
  ● Known exploits for specific web applications
  ● Directory enumeration
  ● Known web server exploits
  ● Known web technology exploits (e.g. PHP vulnerabilities)
  ● Known network service exploits (e.g. DNS, FTP, SMTP)

● Unknown dynamic methods:
  ● SQL Injection
  ● Cross-site Scripting
  ● Directory and Link Traversal
  ● File Inclusion
  ● Source Code Disclosure
  ● Code Execution
  ● Common File Checks
  ● Parameter Manipulation
  ● Arbitrary file creation or deletion
  ● CRLF Injection
  ● Path Truncation
  ● Java Applet reverse engineering
  ● Session Hijacking
  ● Authentication Attacks
  ● Google Hacking Database

Acunetix WVS searches for all of the above hacking methods and much more.

Page 18

The Acunetix WVS

Acunetix WVS is an easy-to-use Heuristic Methodology Scanner allowing automatic and manual scans and audits.

By replicating hacking attacks in a non-destructive manner, Acunetix WVS is an essential tool to help you find vulnerabilities in your web environment.

Page 19

A whole web security solution

● Acunetix checks:
  ● Web server configuration
  ● Web technology configuration (.NET, PHP etc)

● Port scanner and Network Alerts

Coverage diagram:

● Web Server (Web Service): IIS/Apache & other HTTP servers

● (Web) Application Server

● Database Server: MS SQL, MySQL etc

● Network Port Analysis / Transport Analysis

● Source Code Analysis

Page 20

How Acunetix WVS Works

● Discovery and Crawling Process Stage

● Automated Scan Stage

● Specific Manual Testing Stage (optional)

● Reporting Stage

Page 21

Industry leading crawler

• State-of-the-art crawler technology

• Client Script Analyzer (CSA)

• A good crawler reduces false positives

• Web 2.0, JavaScript, jQuery and Ajax supported with the CSA engine

• Detection of custom 404 pages

• Able to traverse login areas using the logon recorder

• Can handle CAPTCHA forms

• Supports single sign-on and security token mechanisms

• Understands the scope of a page and can act accordingly

• AcuSensor technology can find unlinked files too and can deal with URL rewriting rules

• Out-of-band vulnerability detection (AcuMonitor)

• SPA and HTML5 mobile website scanning

• 3rd-party tool integration to extend functionality

• Web dashboard scalable to multiple users and multiple scan engines (high-end advanced version option)

• CVSS v3 ready

• and many more

Page 22

Acunetix Web Centralized Dashboard

Page 23

Acunetix AcuSensor Technology

● Combines black box scanning & source code analysis

● Analyzes code whilst it is executed!

● Detection of more vulnerabilities

● Fewer false positives

● Finds configuration issues in the web server or runtime environment

Page 24

AcuSensor Reports Advanced Debug Info

● Reports the SQL query vulnerable to SQL Injection, the POST variable, stack trace

Page 25

AcuSensor Reports Advanced Debug Info

● Indicates where in your code the vulnerability is
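The sensor behaviour these AcuSensor slides describe (analysing code while it executes, then reporting the vulnerable SQL query, the request variable and the code location), shown as an added Python illustration that is not AcuSensor's or E-SPIN's code. A toy `Sensor` wraps the database connection; the scanner sends a benign probe value carrying a constructed marker prefix, and the sensor raises a finding whenever that value turns up spliced into the SQL text, which a parameterised query never does. The handler names, the `users` table and the `iastprobe_` prefix are all constructed for this example.

```python
import secrets
import sqlite3
import traceback

# Constructed marker prefix for the scanner's probe values (hypothetical, not AcuSensor's)
PROBE_PREFIX = "iastprobe_"


class Sensor:
    """Toy IAST sensor (stand-in for AcuSensor, not its real code).

    It wraps a DB connection and, for every query, checks whether a value the
    scanner sent as a request parameter ended up inside the SQL text itself.
    """

    def __init__(self, conn):
        self.conn = conn
        self.findings = []
        self.request_params = {}

    def set_request(self, params):
        # The web app calls this on each request so the sensor knows the inputs.
        self.request_params = dict(params)

    def execute(self, sql, args=()):
        for name, value in self.request_params.items():
            if value.startswith(PROBE_PREFIX) and value in sql:
                # extract_stack()[-2] is the application frame that called execute()
                caller = traceback.extract_stack()[-2]
                self.findings.append({
                    "query": sql,                                   # the vulnerable SQL query
                    "parameter": name,                              # the POST/GET variable
                    "location": f"{caller.name}:{caller.lineno}",   # where in the code
                    "stack": [f.name for f in traceback.extract_stack()[:-1]],
                })
        return self.conn.execute(sql, args)


def lookup_user_vulnerable(sensor, params):
    """Builds the SQL by string formatting: request input becomes part of the query text."""
    sensor.set_request(params)
    sql = "SELECT name FROM users WHERE name = '%s'" % params["username"]
    return [row[0] for row in sensor.execute(sql).fetchall()]


def lookup_user_fixed(sensor, params):
    """Parameterised query: the input is bound as data and never enters the SQL text."""
    sensor.set_request(params)
    sql = "SELECT name FROM users WHERE name = ?"
    return [row[0] for row in sensor.execute(sql, (params["username"],)).fetchall()]


def make_sensor():
    # Constructed in-memory database with two sample rows
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT)")
    conn.executemany("INSERT INTO users VALUES (?)", [("alice",), ("bob",)])
    return Sensor(conn)


def scan(handler):
    """Simulates the scanner sending one uniquely marked, harmless probe value
    to the handler and returns what the sensor observed."""
    sensor = make_sensor()
    probe = PROBE_PREFIX + secrets.token_hex(4)
    handler(sensor, {"username": probe})
    return sensor.findings


if __name__ == "__main__":
    for handler in (lookup_user_vulnerable, lookup_user_fixed):
        print(handler.__name__, scan(handler))
```

The probe contains no quotes or SQL, so the vulnerable handler simply returns no rows; the finding comes from observing the query text, not from any effect on the database, which is why this style of sensor can pinpoint the line that built the query with far fewer false positives than a purely black-box scan.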

Page 26

Combatting the Web Vulnerability Threat www.acunetix.com

Detection of Blind XSS - 3 of 3

Actors: WVS, Admin

1. WVS scans the web site.
2. The XSS payload is stored in the DB.
3. The XSS payload is loaded in the backend web app.
4. The script informs WVS.
5. WVS informs the admin by email.

E-SPIN Group of Companies (Enterprise Solution Professional on Information and Network)

www.e-spincorp.com

Page 27

Acunetix AcuMonitor

Detection of Out-of-Band Vulnerabilities, e.g. Blind XSS

Actors: WVS, Admin

1. WVS scans the web site.
2. The XSS payload is stored in the DB.
3. The XSS payload is loaded in the backend web app.
4. The script informs WVS.
5. WVS informs the admin by email.
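The out-of-band flow in the diagram above, as an added Python simulation that is not Acunetix's or E-SPIN's code. `Monitor` stands in for the AcuMonitor listener, `TicketApp` is a constructed toy backend, and both host names are placeholders; the whole exchange runs in-process with no network. It shows why an in-band scan sees nothing (the submitted value is never reflected to the submitter), how a per-probe token lets the listener map a later callback back to the target and parameter that planted it, and that HTML-escaping the backend's output stops the callback from ever firing.

```python
import html
import re
import secrets
from dataclasses import dataclass, field

# Placeholder callback host for the out-of-band listener (constructed; not AcuMonitor's real host)
MONITOR_HOST = "monitor.example.invalid"


@dataclass
class Monitor:
    """Stand-in for the out-of-band listener: maps each unique callback token to the
    scan context that planted it and records an alert when the token is requested."""
    pending: dict = field(default_factory=dict)
    alerts: list = field(default_factory=list)

    def issue_token(self, target, parameter):
        token = secrets.token_hex(8)
        self.pending[token] = (target, parameter)
        return token

    def callback(self, token):
        """Invoked when some browser loads https://MONITOR_HOST/<token>."""
        ctx = self.pending.get(token)
        if ctx is None:
            return False
        self.alerts.append({"target": ctx[0], "parameter": ctx[1], "token": token})
        return True  # in the real flow this is the point where the admin is e-mailed


class TicketApp:
    """Constructed toy backend: stores a ticket subject and renders it later in an
    admin view. Nothing is reflected to the submitter, so an in-band scan sees nothing."""

    def __init__(self, escape_output):
        self.escape_output = escape_output
        self.db = []

    def submit(self, subject):
        self.db.append(subject)
        return "Thanks, your ticket was received."

    def admin_page(self):
        rows = [html.escape(s) if self.escape_output else s for s in self.db]
        return "<ul>" + "".join(f"<li>{r}</li>" for r in rows) + "</ul>"


# A script tag whose src points at the monitor host; a real browser would fetch it
SCRIPT_SRC = re.compile(r'<script src="https://' + re.escape(MONITOR_HOST) + r'/([0-9a-f]+)"')


def admin_browser_visits(app, monitor):
    """Simulates the admin opening the backend page: each script loaded from the
    monitor host triggers that token's callback."""
    return [monitor.callback(tok) for tok in SCRIPT_SRC.findall(app.admin_page())]


def scan_for_blind_xss(app, monitor, target="tickets.example.invalid/submit", parameter="subject"):
    """The scanner plants a uniquely tokenised probe and notes whether it was reflected in-band."""
    token = monitor.issue_token(target, parameter)
    probe = f'<script src="https://{MONITOR_HOST}/{token}"></script>'
    response = app.submit(probe)
    return token, probe in response


def run(escape_output):
    """Runs the whole flow against the vulnerable (False) or output-escaped (True) app."""
    monitor = Monitor()
    app = TicketApp(escape_output)
    token, inband_hit = scan_for_blind_xss(app, monitor)
    admin_browser_visits(app, monitor)  # may happen long after the scan has finished
    return {
        "inband_detected": inband_hit,
        "outofband_alert": any(a["token"] == token for a in monitor.alerts),
    }


if __name__ == "__main__":
    print("vulnerable app:", run(escape_output=False))
    print("escaped app:   ", run(escape_output=True))
```

Because the callback can arrive days after the scan, the token is the only thing tying it back to a scan, which is why the listener must keep the token-to-context map for as long as findings are still wanted.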

Page 28

Acunetix Product Overview

● Support for various development architectures and changes in web services (RESTful web services etc)

● Detection of malware and phishing URLs (leveraging the Google and Yandex Safe Browsing databases)

Page 29

Acunetix Product Overview

WordPress, Drupal and Joomla! vulnerability checks for these widely adopted Content Management System (CMS) frameworks and platforms, available since v10 and v10.5 onward

Page 30

Acunetix Product Overview

Now scores vulnerabilities using the CVSS 3.0 scoring system, which is widely used for compliance purposes and to prioritize the fixing of vulnerabilities (AWVS now uses both CVSSv2 and the new CVSSv3)

Page 31

E-SPIN Solution Unique Value Proposition

IAST Security Testing

E-SPIN solutions cover the application security solution domain in depth and end to end, in breadth and depth (vertical and horizontal)

Page 32

E-SPIN Solution Unique Value Proposition

E-SPIN solutions cover the application security solution domain in depth and end to end, in breadth and depth (vertical and horizontal)

(DAST, IAST, SAST)

(SAST)

Page 33

Client Requirement

Page 34

Typical Client Requirement

Requirement

● Web application / portal / custom web application

● Regulatory compliance report

● One-off or ongoing report?

● 3rd-party web scan report or internal scanning?

● Volume of websites and report frequency

● Web technologies

● Commercial off-the-shelf web app without source code, or custom self-developed web app with source code

● Mobile HTML5 ready?

● Web services technologies ready?

● SPA website?

● Product knowledge transfer (basic, standard or advanced)

● Consultancy on the scan result?

● Require integration with static source code analysis for developers?

● Require integration with server and network assessment?

Solution

● Web scanner from 1 target up to unlimited, per install base, or outsourced as a managed service

● License subscription (LS) or perpetual license (PL)

● Product training: 1 Day Basic / 3 Days Standard / 5 Days Advanced, by pax or class

● E-SPIN local product extended 8x5xNBD or 24x7 support SLA

● Extended service to include actual scan report consultancy by scope

● Integration or complementary solution for an end-to-end solution

Page 35

Your Requirement

Requirement

●

Solution

●

Page 36

Solution Proposal

Page 37

Solutions Adoption Option

● The solutions can be deployed in the following options:

On Premise (Laptop / Desktop / Server)

● Enterprise: usually AWVS StdX2 / ProX5 or EntX10

● Consultant or power user: usually AWVS ProX5

● Large enterprise, multi-user: usually AWVS EntX10

● E-SPIN 1U Web Security Scanner Appliance

● E-SPIN Security Pro Laptop X

On Line

● AWVS Online v1.0: advanced & full-feature online, with free OpenVAS (network scanner built in)


Page 38

Acunetix training tracks

● Advanced 5 Days

● Standard 3 Days

● Standard 1 Day

Page 39

Acunetix Day 1

Page 40

Acunetix Day 2

Page 41

Acunetix Day 3

Page 42

Acunetix Day 4

Page 43

Acunetix Day 5

Page 44

OpenVAS and Acunetix OVS

OVS (feat. OpenVAS) vs. WVS (feat. built-in port scanner & network alerts)

● WVS has had a built-in network port scanner and network alerts since version 6

● OVS 1.0 is bundled with an OpenVAS backend, but presents results through the OVS front web interface and reports

● Acunetix is a web vulnerability scanner (WVS), not a network vulnerability scanner (NVS)

● The recent OVS v1 leverages OpenVAS (i.e. "Open Nessus")

Page 45

OpenVAS

Page 46

Acunetix OVS

Page 47

Web Scanner + Network Scanner

Web Scanner: Acunetix WVS / OVS

● Web application security testing

+

Network Scanner: Nessus / SC / Retina / Retina CS / GFI LanGuard

● OS vulnerability assessment

● Although the term "network scanner" is used, such tools are commonly used to conduct OS assessment of systems/servers.

= Comprehensive application server security testing and assessment coverage

Page 48

Thank You
