Ethical Hacking and Pentesting. Vladan Nikolić, CISSP, Senior Security Consultant/Architect, IBM X-Force PSS EMEA
Page 1: Ethical hacking

Ethical Hacking and Pentesting

Vladan Nikolić, CISSP
Senior Security Consultant/Architect
IBM X-Force PSS EMEA

Page 2: Ethical hacking

©2012 IBM Corporation

Hackers and Ethical Hackers

- Typically consists of security professionals and network penetration testers.

- Utilizes hacking skills and technologies to protect the system and defend against intrusions.

- Activities include testing the network and systems security for vulnerabilities.

- Uses the same tools and technologies as a malicious hacker.

Ethical Hacker – a person who attacks a security system on behalf of its owners with the intent of discovering vulnerabilities that can be exploited by a malicious hacker.

Page 3: Ethical hacking


Penetration Testing over the years

- Early pentesting was a black art; nobody saw the need, since employees were trusted

- Early on, true penetration testing skills were learned mostly in and amongst small, underground communities

- There was no semblance of a commonly accepted methodology, so every pentester used to write his own

- In late 2000 the open source security testing methodology, the OSSTMM, appeared

- Pentesting began to gain more widespread appeal; assessment tools have come a long way since then, and the pentest became a project!

Page 4: Ethical hacking


Today: the new pentesting

A good pentesting is made by PEOPLE not by TOOLS

It’s crucial to understand the process of an attack: not just the tools and the vulns, but the actual mindset used to break in

Pentest is not a project, it’s a PROCESS!

There are plenty of companies who will teach you “ethical hacking” or “applied pentesting”, plus books, tools and so on. None of them will give you the hacking mindset.

Page 5: Ethical hacking


What IBM can deliver

Application Source Code Assessment

- Assessment of application vulnerabilities that jeopardize critical or sensitive data

- In-depth assessment of vulnerabilities only found through source code analysis

- Map with regulations such as PCI, DISA, FISMA, and Sarbanes-Oxley, and best practices including the OWASP Top 10

- Leverages IBM Rational® AppScan® Source Edition

Application and Mobile Security Assessment

- Functional review of the application from both a client and server perspective

- Comprehensive vulnerability assessment of the application and network infrastructure directly supporting the application

- Leverages IBM Rational® AppScan® software

Penetration testing

- Corporate networks and local infrastructures (remote/onsite)

- Web applications (blackbox/graybox)

- Mobile and embedded device testing (e.g. iPhone, Android)

- SCADA control systems for utility and power companies

- Client server apps and mobile apps

Page 6: Ethical hacking


SCADA Attack Vectors

[Diagram: attack vectors against the Control/Office Infrastructure, the Control Bridge and the Plant Infrastructure]

- Wireless WiFi attacks

- Wireless RF attacks

- Indirect malware infections

- Direct Internet attacks

- Vulnerable networked services

- Malware infected hosts

- Indirect Internet attacks (e.g. VPN)

- Portable media attacks

- Guessed/stolen credentials

- Embedded command attacks

- Device contamination

Page 7: Ethical hacking


WebApp security

Web application vulnerabilities dominate the enterprise threat landscape

- 41% of all vulnerabilities are in web applications*

- Cross-Site Scripting & SQL injection vulnerabilities continue to dominate

Page 8: Ethical hacking


Mobile Device Hacking

Mobile applications have been around for years (think Blackberry)

However, today's popular devices are aimed at the consumer market, not corporate

The ubiquity of these devices makes them an attractive platform for enterprise applications as well as numerous, sensitive consumer apps

The result is a class of device designed with minimal security controls in mind but now requiring the most stringent security capabilities

Page 9: Ethical hacking


Mobile Threat Model

[Diagram: Mobile Threat Model. Slide from OWASP meeting, © 2012 KRvW Associates LLC]

Page 10: Ethical hacking


Client Values and Deliverables

- IBM penetration testing services can deliver:

– An effective, affordable service that provides a “hacker’s-eye” view of a client’s security posture

– The identification of security issues before they are exploited, providing organizations an opportunity to prevent threats before they can impact the business

– Access to security experts and proven best practices, and a detailed action plan with remediation recommendations

– Assistance in ensuring regulatory compliance and business continuity

Page 11: Ethical hacking


2011: Year of the Security Breach

Page 12: Ethical hacking


Questions … Time for you to talk now!

THANK YOU

[email protected]