Workshop “Inzet van kennisportals tussen organisatie en klant” Boyd Hendriks Vogin-IP lezing 3 maart 2016
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Workshop “Inzet van kennisportals tussen organisatie en klant”
Boyd HendriksVogin-IP lezing 3 maart 2016
KlantOf
gebruiker
€Dienstverlener
Traditioneel verdienmodel van dienstverlening
taxonomie
K-kaart
I-kaartKennis/dossiers
adviseur
Dienstverlener 100% advies
100% informatie
Klant of gebruiker
Kennismanagement
Verbreed verdienmodel van dienstverlening
Klant of relatieportaal
Kennis/dossiers
adviseur
Dienstverlener 100% advies
100% informatie
Klant of gebruiker
Kennismanagement
Wie is de klantof de gebruiker
regio
organisatieTeam / afdeling
individu
global
Dienst-verlener
Klant of gebruiker
Private-cloud
Public-cloud
Architectuur
InformationListed clustered prioritised
abstracted
Alerted
analysed
recommended
concluded
Information value chain
Dienst-verlener
Klant of gebruiker
Private-cloud
Public-cloud
Security
Private-cloud
Public-cloud
1-Footprinting - Determining the targets footprint, e.g. DNS records, IP scope, public information, contact information, etc.
2-Scanning - Determining the targets openings, e.g. service ports, wireless networks, modems pools, vpn servers, etc.
3-Enumeration - Determining the services behind the openings, e.g. webservers, systems, routers, firewalls, wifi authentication, etc.
4-Penetration - Selecting appropiate exploits and penetrate the target, e.g. SQL injection, buffer overflow, password attacks, etc.
5-Escalation - Escalation of the credentials to admin or root, e.g. dll injection, local exploit, configuration change, sceduled jobs, etc.
6-Getting Interactive - Getting a remote shell or GUI on the target, e.g. RDP, VNC, NetCat, etc.7-Expanding Influence - Moving from the initial target as a foothold or beach-head to the rest
of the network taking over the domain.8-Cleaning Up - Ensuring backdoors and removing evidence, e.g. rootkits, log removal,
log editing, etc.9-Reporting - Writing and presenting a report on the pen-test to the owners of the network
one had authoritation to test.
Pentest
2% aanjagers
14% snelle instappers
34% vroege helft
34% late helft
16% onwilligen
stagnatie
Het gebruik van het klantportaal
Acceptatie
Tijd
Dank voor uw aandachtVragen ?
Related Documents
