E-SPIN Vulnerability Management (VM) Acunetix Product Overview
Ver. 11.x Updated
© Since 2005 E-SPIN SDN BHD. All Rights Reserved. www.e-spincorp.com
Copyrighted
Copyright © 2005 - 2017 by E-SPIN Group. All rights reserved.
No part of this training presentation/handout may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise, without either the prior written permission of E-SPIN, or authorization through payment of the appropriate per-copy fee to E-SPIN, or on the web at www.e-spincorp.com
Limit of Liability / Disclaimer of Warranty: While the authors have used their best efforts in preparing this training presentation/handout, they make no representations or warranties with respect to the accuracy or completeness of the contents and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for every situation. You should consult with a professional where appropriate. The authors shall not be liable for any loss of profit or any other commercial damages, including but not limited to special, incidental, consequential, or other damages.
For general information on our other products and services or for technical support, please contact our customer service officer or email [email protected].
What can you expect from the presentation?
● Product In Depth: product know-how and usage applied specifically to achieve the web application security testing / vulnerability / penetration testing requirement or assessment task in hand
● Actual Requirement Address: first-hand experience addressing your actual project/operation requirement with our consultant's assistance
● End to End Solution Proposal: holistic, end-to-end coverage of your project/operation requirement with various options
Company Overview
Product Overview
Why Web Application Security
● Hackers concentrating on web applications
● Shopping carts and login pages at risk
● Web apps are publicly available 24/7
● Web apps are often custom made and therefore less tested
● Firewalls/network level defense provide no protection!
You must audit your web applications!
Why Hackers Hack?
● Gain access to sensitive data (credit card data)
● Run phishing sites
● Run botnets
● Distribute illegal content
● Improve ranking
The Cost of Being Hacked
• Loss of customer confidence and thus revenue
• Loss of ability to accept VISA, MC, AMEX and PayPal
• Significant website downtime
• Cost of rebuilding website and server
• Loss of customer data can result in court cases
What do hackers do?
Hackers use a systematic plan of action:
1. Study the server infrastructure and server operating system/type.
2. Survey the website/application.
3. Check for the presence of vulnerabilities.
4. Plan and mount the attack.
How do Hackers Work?
How to limit breach damage?
● Web assessment: hack yourself to find out all the vulnerabilities
● Fix them before a hacker finds and exploits them and causes the damage
Web Application Architecture
The end to end components of a typical web application architecture
Potential weak spots
Client analysis
Transport analysis
Web server / web services analysis
Database server analysis
Exploitation analysis
Source code analysis
Web / application server analysis
Web Hacking Methodology
Web Hacking Tools and Techniques
What is a Web Vulnerability Scanner?
● Hacking is an ever-growing threat against web applications. Any user browsing a website can be a potential hacker, so a preventive approach is the first defence.
● A Web Vulnerability Scanner is an automated security application that searches for vulnerabilities within web applications, web technologies and web servers.
How does the Acunetix Web Scanner help?
● Acunetix WVS acts like a Hacker by trying to find vulnerabilities on the web application, web technology (e.g. PHP, Apache etc), web server or any network service (e.g. DNS, FTP etc) running on the web server.
Popular Hacking Techniques
● Known static methods:
  ● Known exploits for specific web applications
  ● Directory enumeration
  ● Known web server exploits
  ● Known web technology exploits (e.g. PHP vulnerabilities)
  ● Known network service exploits (e.g. DNS, FTP, SMTP)
● Unknown dynamic methods:
  ● SQL Injection
  ● Cross-site Scripting
  ● Directory and Link Traversal
  ● File Inclusion
  ● Source Code Disclosure
  ● Code Execution
  ● Common File Checks
  ● Parameter Manipulation
  ● Arbitrary file creation or deletion
  ● CRLF Injection
  ● Path Truncation
  ● Java Applet reverse engineering
  ● Session Hijacking
  ● Authentication Attacks
  ● Google Hacking Database
Acunetix WVS searches for all of the above hacking methods and much more.
The Acunetix WVS
Acunetix WVS is an easy-to-use Heuristic Methodology Scanner allowing automatic and manual scans and audits.
By replicating hacking attacks in a non-destructive manner, Acunetix WVS is an essential tool to help you find vulnerabilities in your web environment.
A whole web security solution
● Acunetix checks:
  ● Web server configuration
  ● Web technology configuration (.NET, PHP etc.)
● Port scanner and Network Alerts
Web Server (Web Service): IIS/Apache & other HTTP servers
(Web) Application Server
Database Server: MS SQL, MySQL etc.
Network Port Analysis
Transport Analysis
Source Code Analysis
How Acunetix WVS Works
● Discovery and Crawling Process Stage
● Automated Scan Stage
● Specific Manual Testing Stage (optional)
● Reporting Stage
Industry leading crawler
• State-of-the-art crawler technology
• Client Script Analyzer (CSA)
• A good crawler reduces false positives
• Web 2.0, JavaScript, jQuery and Ajax supported with the CSA engine
• Detection of custom 404 pages
• Able to traverse login areas using the login recorder
• Can handle CAPTCHA forms
• Supports single sign-on and security token mechanisms
• Understands the scope of a page and can act accordingly
• AcuSensor technology can find unlinked files too and can deal with URL rewriting rules
• Out-of-band vulnerability detection (AcuMonitor)
• SPA and HTML5 mobile website scanning
• 3rd party tool integration to extend functionality
• Web dashboard scalable to multiple users and multiple scan engines (for the high-end advanced version option)
• CVSS v3 ready
• and many more
Acunetix Web Centralized Dashboard
Acunetix AcuSensor Technology
● Combines black box scanning & source code analysis
● Analyzes code whilst it is executed!
● Detection of more vulnerabilities
● Fewer false positives
● Finds configuration issues in the web server or runtime environment
AcuSensor Reports Advanced Debug Info
● Reports the SQL query vulnerable to SQL Injection, the POST variable and the stack trace
● Indicates where in your code the vulnerability is
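An added illustration of the AcuSensor idea (a black-box probe combined with a sensor running inside the application), not AcuSensor's own code: a minimal sensor wraps the database cursor, and when the scanner's probe marker shows up inside the SQL text it records the query, the POST variable that carried it and the calling frame, which is the debug information the slide lists. The marker value, the `users` table and both login handlers are constructed for this example.

```python
import sqlite3
import traceback

PROBE_MARKER = "acuprobe"  # assumed scanner probe marker, not AcuSensor's real one

class SqlSensor:
    """IAST-style sensor: wraps a DB-API cursor and flags statements whose text contains the probe."""
    def __init__(self, cursor):
        self._cursor = cursor
        self._post = {}
        self.findings = []

    def begin_request(self, post):
        self._post = post  # POST variables of the request now being served

    def execute(self, sql, params=()):
        if PROBE_MARKER in sql:
            # Marker reached the SQL text: the input was concatenated, not bound. Record the
            # query, the POST variable that carried it and the calling frame (stack trace).
            self.findings.append({
                "query": sql,
                "post_var": next((k for k, v in self._post.items() if PROBE_MARKER in v), None),
                "stack": traceback.format_stack(limit=2)[0].strip(),
            })
        return self._cursor.execute(sql, params)

def login_concat(sensor, post):
    # Vulnerable handler: the POST value is concatenated into the query string.
    sql = "SELECT name FROM users WHERE name = '" + post["username"] + "'"
    return sensor.execute(sql).fetchall()

def login_bound(sensor, post):
    # Hardened handler: the value is bound as a parameter and never enters the SQL text.
    return sensor.execute("SELECT name FROM users WHERE name = ?", (post["username"],)).fetchall()

def scan(handler):
    """Send one constructed probe request to a handler and return the sensor's findings."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT)")  # constructed sample table
    sensor = SqlSensor(conn.cursor())
    post = {"username": PROBE_MARKER + "'"}  # trailing quote breaks an unquoted concatenation
    sensor.begin_request(post)
    try:
        handler(sensor, post)
    except sqlite3.Error:
        pass  # the malformed query errors out, but the finding was recorded beforehand
    return sensor.findings
```

Running `scan(login_concat)` yields one finding naming `username` and the `login_concat` frame, while `scan(login_bound)` yields none, because a bound parameter never becomes part of the statement text.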
Combatting the Web Vulnerability Threat www.acunetix.com
Detection of Blind XSS - 3 of 3
[Diagram: WVS, Admin, Web Site, DB, backend web app]
1. WVS scans the web site
2. XSS payload is stored in the DB
3. XSS payload is loaded in the backend web app
4. Script informs WVS
5. WVS informs the admin by email
E-SPIN Group of Companies (Enterprise Solution Professional on Information and Network)
www.e-spincorp.com
Acunetix AcuMonitor
Detection of Out-of-Band Vulnerabilities, e.g. Blind XSS (same flow as in the Blind XSS diagram above: WVS scans the web site, the XSS payload is stored in the DB and later loaded in the backend web app, the script informs WVS, and WVS informs the admin by email)
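The out-of-band flow described above, simulated as an added example that is not AcuMonitor's code: the scanner registers one unique token per injection point, the target stores it, and when a backend page later renders it the monitor receives a callback, correlates it with the scan and can notify the admin. The marker prefix, the comment form and the admin page are constructed; in the real product the stored payload is script that contacts the monitor URL, which the render loop here stands in for.

```python
import secrets

MARKER = "oob-token:"  # assumed prefix the scanner puts in front of each token

class OutOfBandMonitor:
    """Scanner-side monitor: issues one unique token per injection point and
    correlates any later callback with the scan that planted it."""
    def __init__(self):
        self._pending = {}  # token -> where the scanner injected it
        self.alerts = []

    def register(self, scan_id, url, param):
        token = secrets.token_hex(8)
        self._pending[token] = {"scan": scan_id, "url": url, "param": param}
        return MARKER + token

    def callback(self, token, executed_in):
        """Handle a callback carrying a token; return the alert, or None for noise."""
        point = self._pending.pop(token, None)
        if point is None:
            return None  # unknown or already reported token: not a finding
        alert = {**point, "executed_in": executed_in}
        self.alerts.append(alert)
        return alert

def admin_email(alert):
    """Body of the notification the monitor sends once the callback arrives."""
    return (f"Blind XSS confirmed: payload injected at {alert['url']} "
            f"(parameter {alert['param']}, scan {alert['scan']}) "
            f"executed later in {alert['executed_in']}")

def simulate(monitor):
    """Constructed target: a comment form stores input in the DB; a backend admin
    page the scanner never crawls renders it later, unescaped."""
    db = []
    # Steps 1-2: the scan submits the token to /comment (param "text"); it lands in the DB.
    db.append(monitor.register("scan-42", "/comment", "text"))
    db.append("ordinary comment")  # constructed benign row
    # Steps 3-4: days later an admin opens the backend page. The real stored script would
    # fetch the monitor URL; here the render loop calls the monitor for any marker it outputs.
    for text in db:
        if text.startswith(MARKER):
            monitor.callback(text[len(MARKER):], "/admin/comments")
    # Step 5: the monitor now holds the correlated alert for the admin e-mail.
    return monitor.alerts
```

Because each token is single-use and tied to one injection point, a callback that arrives long after the scan finished can still be attributed to the exact URL and parameter, and stray or replayed callbacks are ignored.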
Acunetix Product Overview
● Support for various development architectures and web service changes (RESTful web services etc.)
● Detection of malware and phishing URLs (leveraging the Google and Yandex Safe Browsing databases)
● WordPress, Drupal and Joomla! vulnerability checks for these widely adopted Content Management System (CMS) frameworks and platforms, since v10 and v10.5 onward
● Now scores vulnerabilities using the CVSS 3.0 scoring system, widely used for compliance purposes and to prioritize the fixing of vulnerabilities (AWVS now uses both CVSSv2 and the new CVSSv3)
E-SPIN Solution Unique Value Proposition
E-SPIN solutions cover the application security solution domain in depth and end to end, in breadth and depth (vertical and horizontal).
[Diagram: DAST, IAST and SAST security testing coverage]
Client Requirement
Typical Client Requirement
Requirement
● Web application / portal / custom web application
● Regulatory compliance report
● One-off or ongoing report?
● 3rd party web scan report or internal scanning?
● Volume of websites and report frequency
● Web technologies
● Commercial off-the-shelf web app without source code, or custom self-developed with source code
● Mobile HTML5 ready?
● Web services technologies ready?
● SPA website?
● Product knowledge transfer (basic, standard or advanced)
● Consultancy on the scan result?
● Require integration of static source code analysis for developers?
● Require integration with server and network assessment?
Solution
● Web scanner, from 1 target to unlimited, per install base, or outsourced as a managed service
● License subscription (LS) or perpetual license (PL)
● Product training: 1 Day Basic / 3 Days Standard / 5 Days Advanced, per pax or per class
● E-SPIN local product extended 8x5xNBD or 24x7 support SLA
● Extended service to include actual scan report consultancy by scope
● Integration or complementary solution for an end-to-end solution
Your Requirement
Requirement:
Solution:
Solution Proposal
Solutions Adoption Option
● The solutions can be deployed in the following options:
On Premise: Laptop / Desktop / Server
On Line
Enterprise: usually AWVS StdX2 / ProX5 or EntX10
Consultant or Power User: usually AWVS ProX5
Large Enterprise, multi user: usually AWVS EntX10
AWVS Online v1.0: advanced & full-feature online, with free OpenVAS (network scanner built in)
E-SPIN 1U Web Security Scanner Appliance
E-SPIN Security Pro Laptop X
Acunetix 5 Days
Advanced 5 Days
Standard 3 Days
Standard 1 Day
Acunetix Day 1
Acunetix Day 2
Acunetix Day 3
Acunetix Day 4
Acunetix Day 5
OpenVAS and Acunetix OVS
OVS (feat. OpenVAS)
WVS (feat. built-in port scanner & network alerts)
● WVS has had a built-in network port scanner and network alerts since version 6
● OVS 1.0 is bundled with the OpenVAS backend, but uses the OVS front-end web interface and report presentation
● Acunetix is a web vulnerability scanner (WVS), not a network vulnerability scanner (NVS)
● The recent OVS v1 leverages OpenVAS (i.e. "Open Nessus")
[Diagram labels: OpenVAS, Acunetix OVS]
Web Scanner + Network Scanner
Network Scanner: Nessus / SC / Retina / Retina CS / GFI LanGuard
Web Scanner: Acunetix WVS / OVS
● Web application security testing
● OS vulnerability assessment
● Although the term "Network Scanner" is used, such tools are commonly used to conduct OS assessment of systems/servers.
Comprehensive application server security testing and assessment coverage
Thank You