Upload
se-cts-cert-gov-md
View
779
Download
10
Embed Size (px)
DESCRIPTION
Maxim Catanoi| IT Security Consultant
Citation preview
Penetration testing &Ethical Hacking
Security Week 2013
• Hacked Companies
• Penetration Testing
• Vulnerability Scanning
• Security Services offered by Endava
Agenda
2
IN YOUR ZONE
Who I am
3
•Catanoi Maxim – Information Security Consultant at Endava
•Certifications:
• EC-Council, Certified Ethical Hacker
• EC-Council, Certified Security Analyst
• EC-Council, Licensed Penetration Tester
• SANS/GIAC Penetration Tester
• PCI-DSS, PCI Professional (Payment Card Industry)
•Over 9 years of experience in IT Security
IN YOUR ZONE
Hacked companies – 2011-2013
4
• 90% of 600 companies suffered a computer hack in the past 12 months
• 77% of companies were actually hacked multiple times
• The respondents reported having a very low confidence in their ability to prevent attacks
• Many believe they simply aren’t prepared
• 53% also believe they will experience an attack in the next 12 months.
IN YOUR ZONE
Who Attacked and Where
5
• 27% of respondents were willing to blame 3rd party business partners
• 40% could not conclusively determine the source of the attacks
IN YOUR ZONE
Increase in Attacks
6
• The last 12 – 18 months has seen an increase in the severity of the attacks
• 77% of companies reported that they were now losing more money with every attack
• 78% also said that the frequency of attacks was also on the increase
• Theft of information and business disruptions were the most serious results of a hack
IN YOUR ZONE
Hacked Companies – 2011-2013
7
• Sony and the PlayStation Network
• WordPress.com
• RSA
• Voice of America
IN YOUR ZONE
What is a Penetration Testing?
• A penetration test is a method of evaluating the security of a computer system or
network by simulating an attack from a malicious source
8
IN YOUR ZONE
Why Penetration Testing?
• Find Holes Now Before Somebody Else Does
• To make a point to decision makers about the need for action or resources
• Real-world proof of need for action
• Report Problems to Management
• Evaluate efficiency of security protection
• Security Training For Network Staff
• Discover Gaps In Compliance
• Testing New Technology
• Adopt best practice by confirming to legal regulations
9
IN YOUR ZONE
Penetration Testing types
• Network services test
• Client-side security test
• Application security test
• Passwords attack
•Wireless & Remote Access security test
• Social engineering test
• Physical security test
10
IN YOUR ZONE
Penetration Testing area
11
Security policies, procedures, and education
Policies, procedures, and awareness
Guards, locks, tracking devicesPhysical security
Application hardeningApplication
OS hardening, authentication, security update management, antivirus updates, auditing
Host
Network segments, NIDSInternal network
Firewalls, boarder routers, VPNs with quarantine procedures
Perimeter
Strong passwords, ACLs, backup and restore strategy
Data
IN YOUR ZONE
Penetration Testing profile
•Black Box
•White Box
•Grey Box
12
•External
• Internal
•Destructive
•None-destructive
•Announced
•Unannounced
IN YOUR ZONE
Penetration Testing methodology
• Proprietary methodologies:
• IBM
• ISS
• Found Stone
• EC-Council LPT
• Open source and public methodologies:
• OSSTIMM
• CISSP
• CISA
• CHECK
• OWASP
13
IN YOUR ZONE
Penetration Testing flow
• Scope/Goal Definition
• Information Gathering
• Vulnerability Detection/Scanning
• Information Analysis and Planning
• Attack& Penetration/Privilege Escalation
• Result Analysis & Reporting.
• Clean-up
14
REPEAT
IN YOUR ZONE
LPT Penetration Testing roadmap
15
IN YOUR ZONE
LPT Penetration Testing roadmap (cont)
16
IN YOUR ZONE
Who should perform a Penetration Test?
• This is a highly manual process
• Art of finding an open door
• An qualified expert from outside holding recognized certifications like CEH, ECSA, CISSP, CISA, CHECK
• Networking – TCP/IP contepts, cabling techniques
• Routers, firewalls, IDS
• Ethical Hacking techniques – exploits, hacking tools, etc…
• Databases – Oracle, MSSQL, mySQL
• Operation Systems – Windows, Linux, Mainframe, Mac
• Wireless protocols – Wifi, Bluetooth
• Web servers, mail servers, access devices
• Programming languages
• other
17
IN YOUR ZONE
What makes a good Penetration Test
• Establishing the parameter for penetration test such as objectives and limitation
• Hiring skilled and experienced professional to perform the test
• Choosing suitable set of tests that balance cost and benefits
• Following a methodology with proper planning and documentation
• Documenting the result carefully and making it comprehensible for the client
• Stating the potential risk and findings clearly in the final report
18
IN YOUR ZONE
Vulnerability Scanning – standalone service
• An established process for identifying
vulnerabilities on internal and external
systems
• Reduce the likelihood of a vulnerability
being exploited and potential compromise
of a system component
• Internal vulnerability scans should be
performed at least quarterly
19
IN YOUR ZONE
How often?
• On regular basis, at least annually
• Internal penetration test
• External penetration test
• Vulnerability scanning at least quarterly
• New network infrastructure or applications are added
• Significant upgrades or modifications are applied to infrastructure or applications
• New office locations are established
• Security patches are applied
• End user policies are modified
20
IN YOUR ZONE
Security Services Offered by Endava
21
• Regular External and Internal Vulnerability Scans
• Regular Penetration Tests
• PCI-DSS Assessment
• Implementing ISO 27001 and/or ISO 9001 Standards
• Security Trainings
• Security Consultation
• Security Audits
• Custom Security Solution
• Intrusion Monitoring Solution
• 24/7 Incident responding team
IN YOUR ZONE
Questions
22
IN YOUR ZONE
The end
23
Maxim Catanoi| IT Security Consultant
Tel +373 797 02900 |Skype en_mcatanoi
thank you