ATTAKAATTAKA

Vulnerability Assessment and Vulnerability Assessment and Management PlatformManagement Platform

What is a Vulnerability What is a Vulnerability Assessment? (VA)Assessment? (VA)

It is a process for the identification of networks and devices vulnerabilities, performed before intruders may exploit such security flaws

It is a process to detect possible flaws in security policies

Its result must prove whether the network security complies with the established policies.

The 4 Laws of VulnerabilitiesThe 4 Laws of Vulnerabilities

Half LifeThe half-life identifies the length of time it takes users to patch half of their systems, reducing their exposures

Prevalence50 percent of the most prevalent and critical vulnerabilities are replaced by new vulnerabilities on an annual basis

PersistenceSome of critical vulnerabilities remain persistent and their lifespan is unlimited

ExploitationAutomated attacks create 85 percent of their damage within the first fifteen days from the outbreak and have an unlimited life time

Creating a Balanced Security Creating a Balanced Security EcosystemEcosystem

End

Poin

tEn

d Po

int

Inte

llige

nce

Inte

llige

nce

Topo

logy

Topo

logy

Inte

llige

nce

Inte

llige

nce

ThreatThreat

Intelligence

Intelligence

Regulations/Regulations/

PoliciesPolicies

AccessAccessControls

Controls

TrafficTraffic

Inspection

Inspection

Blo

ckin

gB

lock

ing

Aler

ting

Aler

ting

ForensicsForensics

ProactiveProactive ReactiveReactive

Light Spending

Heavy Spending

“Current enterprise security spending tends to be focused on reactive technologies more than proactive technologies” – Amrit Williams, Gartner

Threat Feeds

Threat Feeds

Conf

igur

atio

n

Man

agem

ent

Vuln

erab

ility

Man

agem

ent

Networ

kDisc

over

y

IPSFirew

all

Anti-

Viru

s

IDS

SIM/SEM

Identification/Authentication PKI

Incident

Response

Compliance

SystemsNAC

Asset Intelligence&

Risk Reduction

Blocking&

Event Mgmt.

“Stop the Bullets”“Shrink the Targets”

The Experts Say...The Experts Say... "Enterprises that implement a vulnerability

management process will experience 90 percent fewer successful attacks than those that make an equal investment only in intrusion detection systems"

Gartner “99% of network intrusions result from exploitation of known

vulnerabilities or configuration errors where

countermeasures were available.”

Carnegie Mellon Univ.

“The Yankee Group recommends vulnerability management services for enterprises that would incur financial risk if their network or key business applications were to become unavailable due to a misconfiguration or cyberattack..”

CERT Recommends Vulnerability Assessment

Mastercard and VISA demand periodic Mastercard and VISA demand periodic VA to maintain active e-commerce VA to maintain active e-commerce

websiteswebsites

Why Subscribe to a Why Subscribe to a Vulnerability Assessment Service?Vulnerability Assessment Service?

To detect possible failures in security policies To preserve the uninterrupted operation of your business

and intangible assets To fix software failures that affect your company's

security, performance or functionality To enhance antivirus software, firewalls, IDS/IPS and

VPNs To achieve compliance with quality and management

standards such as ISO17799/27000, Sarbanes Oxley, etc

Obtain Information

VulnerabilityAssessment

Information Planning

Attack

Report and Analyze resultsClean

Pivot

Collect all the possible information about the target

Obtain administrator privileges on the attack system

Take advantages of privileges

Planning the attack

Target definition Target definition

Vulnerability Assessment

Report

YES

NO

What to probe? Attacker skill.

Vulnerability Assessment Penetration Testing

Obtain Information

Differences between a Vulnerability Differences between a Vulnerability Assessment and a Pen. TestAssessment and a Pen. Test

Source: Core

Ready?

20042001

IP360Product

2002

FoundscanService/Product

QualysScanService/Product

2003

REM/RetinaProduct

Lightning Console/Nessus

Attaka

2005

The Birth of Vulnerability Management The Birth of Vulnerability Management (agent-less)(agent-less)

Buffer Overflows Increase Sophistication

New Attack Vectors emerge

ATTAKA, a different kind of ATTAKA, a different kind of Vulnerability AssessmentVulnerability Assessment

VA with “service centric” vision Attaka allows now to integrate all the participants through

internal/external remediation, documentation and reporting workflows

They are not expensive, which allows to repeat them frequently, reinforcing the concept of "security = process", and they help carry out the complex processes to "be in compliance"

Integrates with company's Help Desk to provide greater support to clients

Gives users the possibility of interacting with their companies' security status, in a continuous and cooperative process

ATTAKA transform in “ “An integrated, collaborative and management An integrated, collaborative and management

PlatformPlatform””

ATTAKA assesses more than 15000 security vulnerabilities on network environmentsIt consists of the following modules:

Discovery: •Asset consolidation and assessment (internal and external).

Reporting: •Interactive, historical and dashboard reports with key indicators and summarized information on vulnerabilities, statistics and current infrastructure state

Remediation: •This includes documentation and workflow. Follow-up, improvement and resolution of issues are recorded in the Patch Management process (vulnerability remediation)

Support: •24/7 on-line access based on a ITIL – Help Desk that provides support

ATTAKA, a different kind of ATTAKA, a different kind of Vulnerability AssessmentVulnerability Assessment

ATTAKA is the only platform in Latin America in process of being recognized by MITRE (http://cve.mitre.org)

Segmentation for Servers and Workstations

3 flavors:Professional (Reporting)Business (Reporting + Remediation)Corporate (Reporting + Remediation + Support)

ATTAKA, a different kind of ATTAKA, a different kind of Vulnerability AssessmentVulnerability Assessment

Dashboard reportPossibility of performing remote vulnerability assessments in LAN networks (ATTAKA indoor) without complex proceduresSearches by CVE codeVulnerabilities remediation module (patch management)Performs external and internal audits under the company management supervisionSecurity news module Performance and scalabilityPossibility of assessing hundreds of IPs per report/session Integrate 24/7 on-line access based on a ITIL – Help Desk that provides supportMulti-language capability – Spanish and English

ATTAKA, key featuresATTAKA, key features

ATTAKA OutdoorATTAKA Outdoor

The Block, VA Indoor ApplianceThe Block, VA Indoor Appliance

“The BlockThe Block”, full proof appliance to deliver LAN´s Remote vulnerability Assesments

•Always up-to-date: periodically updated, including improvements and new attack patterns.•Impenetrable: can only be accessed from Openware’s Security Operation Center (SOC), and managed by authorized personnel. •Low impact: does not overload clients' network traffic or Internet links. •Flexible: can complement other security devices (firewalls) already working, or replace them providing complex functions. •Simple installation: transparent installation in front panel takes no more than 15 minutes and does not require installing agents in any server. •Integrated: it integrates with Openware’s managed security ecosystem, through monitoring and centralized platform (Blockware). •Secure: double internal Watchdog ensures high-availability. •High performance: high performance and throughput, allowing high-speed data processing without loss or bottlenecks.

ATTAKA IndoorATTAKA Indoor

ATTAKA, ScreenshotsATTAKA, Screenshots

ATTAKA, benefits for your ATTAKA, benefits for your business !business !

Reduces operating costs, minimizing TCO for vulnerability assessment and management tasks

Reduces human error and false positives, by a double checking with our security specialists and knowledge databases

Easy operation and implementation – it does not require network changes, special software or experts to make it works

Complements and adds value to firewalls, IDS and antivirus software, by detecting failures in their configuration

Speeds up security troubleshooting processes, presenting added information for a quick view the company's vulnerability state, complete details for each vulnerability ranked by risk level, and the recommended action for solving it   

THANK YOU!

For further informationFor further informationhttp://www.openware.biz

ATTAKA DemoATTAKA DemoURL: https://security.openware.bizUsername: 123456789-attakaPassword: attaka414

ContactContactinfoeurope@openware.bizinfoeurope@openware.biz