Automation of Penetration Testing


  • @haydnjohnson

    Automation of Pentesting - What | Why | Future

  • whoami

    @haydnjohnson

    OSCP | GXPN

    Pentester - with an approach to work with blue teams

    Enthusiast

    Presenter - hopefully I will be back

    Australian who lives in cold Canada.

  • On My Own Time & Dime - My opinions only!

  • Talk Outline

    The trend for automation of pentesting

    Pentest puppy mills

    Small & big business reasons for pushing automation

    Pentesters | Exploit devs - what does this mean?

    What to do to fight back!

  • The Trend

  • Automation of Pentesting - The Trend

    Pentesting - for less $$$$

    Fighting to under-cut each other

    Vulnerability Assessment as a Pentest

    Customers are being sold VAs, not pentests!

    Not Liable

    If I am hacked, I do not want to be legally liable

  • Automation of Pentesting - The Trend

    Commoditization

  • Pentest Puppy Mills

  • Pentest Puppy Mills

    Scan

    Scan

    Scan

    Report

    Make report look nice

    Make report look nicer

    Send

  • Outsourcing

    Cheaper

  • Business Reasons for Automation

  • Small Business - No money | no budget

  • Small Business - Can't keep talent

  • Large Business - All the money | complex

  • Large Business - Old policies

  • Small Business

    I want security, but how? As long as the network is up!

  • Big Business

    I am not responsible for security

    Red tape galore

  • Defenders - blinky boxes

    Even for the blue side, they have the culture of buying blinky boxes over human talent.

  • Terminology Confusion

    http://winterspite.com/security/phrasing/

  • A whole blog for terminology!

    Vulnerability Assessment

    Intrusion Detection

    Blue Team

    Penetration Testing

    Adversarial Emulation

    Purple Team

    SRSLY GO READ IT: http://winterspite.com/security/phrasing/

  • VA | Pentest | Red Team - what does it mean?

    Firms sell pentests, then execute a VA.

    Clients ask for a VA to be called a pentest.

    Red Team ??

  • Will we need exploit devs??

  • We just scan, right?

    Environments too big to not scan.

    Understand vulnerabilities

    Business risk!

    Quantitative and Qualitative

  • Expertise needed

    Exploit development

    Bug Hunting

    Finding Vulnerability

    Exploit found

    Added to scanner

    Scanning for exploit

    Look for other exploits

  • Skill Spectrum

    [Diagram: a spectrum running from Scanning through Pentesting to Exploit Development, with "Now" and "Future" markers placed along it.]

  • World is FUBARed

  • A more insecure world

    Lack of vulns found

    Vulns sold on the black market

  • WHAT DO??

  • What can we do from the front line?

    Educate managers

    Educate clients

    Promote valuable security

  • Clarity on terms

    Vulnerability Assessment

    The point of a vulnerability assessment is to identify and categorize the vulnerabilities on a system or network.

    Issues identified and categorized.

  • Clarity on terms

    Penetration Test

    A penetration test, or pen test, is an attempt to evaluate the security of an IT infrastructure by safely trying to exploit vulnerabilities.

    Tests are goal-oriented

    https://www.coresecurity.com/penetration-testing-overview

  • The differences

    Vulnerability Assessment - List oriented

      VULN A

      VULN B

      VULN C

    Penetration Testing - Goal oriented

      Phishing -> Local Admin -> Dump Hashes -> Domain Admin

    https://danielmiessler.com/study/vulnerability-assessment-penetration-test/

  • Education - Sales / Managers

    Yes VA brings money, but it's small $$ and small value.

    Great to show different potential vulns.

    What about showing the business impact?

    Can it be exploited?

    Difficulty of exploitation?

    Any controls to mitigate damage?

  • Thank you

    Remember to provide real security

    Fight against the PenTest Puppy Mills.

  • Questions?

    Please ask away

    Tell me I am wrong, discuss.

    Got an opinion? Share it

    Clapping welcome!