attaka managed va eng v2
DESCRIPTION
Attaka presentation. A great framework to use with Nessus reportsTRANSCRIPT
ATTAKAATTAKA
Vulnerability Assessment and Vulnerability Assessment and Management PlatformManagement Platform
What is a Vulnerability What is a Vulnerability Assessment? (VA)Assessment? (VA)
It is a process for the identification of networks and devices vulnerabilities, performed before intruders may exploit such security flaws
It is a process to detect possible flaws in security policies
Its result must prove whether the network security complies with the established policies.
The 4 Laws of VulnerabilitiesThe 4 Laws of Vulnerabilities
Half LifeThe half-life identifies the length of time it takes users to patch half of their systems, reducing their exposures
Prevalence50 percent of the most prevalent and critical vulnerabilities are replaced by new vulnerabilities on an annual basis
PersistenceSome of critical vulnerabilities remain persistent and their lifespan is unlimited
ExploitationAutomated attacks create 85 percent of their damage within the first fifteen days from the outbreak and have an unlimited life time
Creating a Balanced Security Creating a Balanced Security EcosystemEcosystem
End
Poin
tEn
d Po
int
Inte
llige
nce
Inte
llige
nce
Topo
logy
Topo
logy
Inte
llige
nce
Inte
llige
nce
ThreatThreat
Intelligence
Intelligence
Regulations/Regulations/
PoliciesPolicies
AccessAccessControls
Controls
TrafficTraffic
Inspection
Inspection
Blo
ckin
gB
lock
ing
Aler
ting
Aler
ting
ForensicsForensics
ProactiveProactive ReactiveReactive
Light Spending
Heavy Spending
“Current enterprise security spending tends to be focused on reactive technologies more than proactive technologies” – Amrit Williams, Gartner
Threat Feeds
Threat Feeds
Conf
igur
atio
n
Man
agem
ent
Vuln
erab
ility
Man
agem
ent
Networ
kDisc
over
y
IPSFirew
all
Anti-
Viru
s
IDS
SIM/SEM
Identification/Authentication PKI
Incident
Response
Compliance
SystemsNAC
Asset Intelligence&
Risk Reduction
Blocking&
Event Mgmt.
“Stop the Bullets”“Shrink the Targets”
The Experts Say...The Experts Say... "Enterprises that implement a vulnerability
management process will experience 90 percent fewer successful attacks than those that make an equal investment only in intrusion detection systems"
Gartner “99% of network intrusions result from exploitation of known
vulnerabilities or configuration errors where
countermeasures were available.”
Carnegie Mellon Univ.
“The Yankee Group recommends vulnerability management services for enterprises that would incur financial risk if their network or key business applications were to become unavailable due to a misconfiguration or cyberattack..”
CERT Recommends Vulnerability Assessment
Mastercard and VISA demand periodic Mastercard and VISA demand periodic VA to maintain active e-commerce VA to maintain active e-commerce
websiteswebsites
Why Subscribe to a Why Subscribe to a Vulnerability Assessment Service?Vulnerability Assessment Service?
To detect possible failures in security policies To preserve the uninterrupted operation of your business
and intangible assets To fix software failures that affect your company's
security, performance or functionality To enhance antivirus software, firewalls, IDS/IPS and
VPNs To achieve compliance with quality and management
standards such as ISO17799/27000, Sarbanes Oxley, etc
Obtain Information
VulnerabilityAssessment
Information Planning
Attack
Report and Analyze resultsClean
Pivot
Collect all the possible information about the target
Obtain administrator privileges on the attack system
Take advantages of privileges
Planning the attack
Target definition Target definition
Vulnerability Assessment
Report
YES
NO
What to probe? Attacker skill.
Vulnerability Assessment Penetration Testing
Obtain Information
Differences between a Vulnerability Differences between a Vulnerability Assessment and a Pen. TestAssessment and a Pen. Test
Source: Core
Ready?
20042001
IP360Product
2002
FoundscanService/Product
QualysScanService/Product
2003
REM/RetinaProduct
Lightning Console/Nessus
Attaka
2005
The Birth of Vulnerability Management The Birth of Vulnerability Management (agent-less)(agent-less)
Buffer Overflows Increase Sophistication
New Attack Vectors emerge
ATTAKA, a different kind of ATTAKA, a different kind of Vulnerability AssessmentVulnerability Assessment
VA with “service centric” vision Attaka allows now to integrate all the participants through
internal/external remediation, documentation and reporting workflows
They are not expensive, which allows to repeat them frequently, reinforcing the concept of "security = process", and they help carry out the complex processes to "be in compliance"
Integrates with company's Help Desk to provide greater support to clients
Gives users the possibility of interacting with their companies' security status, in a continuous and cooperative process
ATTAKA transform in “ “An integrated, collaborative and management An integrated, collaborative and management
PlatformPlatform””
ATTAKA assesses more than 15000 security vulnerabilities on network environmentsIt consists of the following modules:
Discovery: •Asset consolidation and assessment (internal and external).
Reporting: •Interactive, historical and dashboard reports with key indicators and summarized information on vulnerabilities, statistics and current infrastructure state
Remediation: •This includes documentation and workflow. Follow-up, improvement and resolution of issues are recorded in the Patch Management process (vulnerability remediation)
Support: •24/7 on-line access based on a ITIL – Help Desk that provides support
ATTAKA, a different kind of ATTAKA, a different kind of Vulnerability AssessmentVulnerability Assessment
ATTAKA is the only platform in Latin America in process of being recognized by MITRE (http://cve.mitre.org)
Segmentation for Servers and Workstations
3 flavors:Professional (Reporting)Business (Reporting + Remediation)Corporate (Reporting + Remediation + Support)
ATTAKA, a different kind of ATTAKA, a different kind of Vulnerability AssessmentVulnerability Assessment
Dashboard reportPossibility of performing remote vulnerability assessments in LAN networks (ATTAKA indoor) without complex proceduresSearches by CVE codeVulnerabilities remediation module (patch management)Performs external and internal audits under the company management supervisionSecurity news module Performance and scalabilityPossibility of assessing hundreds of IPs per report/session Integrate 24/7 on-line access based on a ITIL – Help Desk that provides supportMulti-language capability – Spanish and English
ATTAKA, key featuresATTAKA, key features
ATTAKA OutdoorATTAKA Outdoor
The Block, VA Indoor ApplianceThe Block, VA Indoor Appliance
“The BlockThe Block”, full proof appliance to deliver LAN´s Remote vulnerability Assesments
•Always up-to-date: periodically updated, including improvements and new attack patterns.•Impenetrable: can only be accessed from Openware’s Security Operation Center (SOC), and managed by authorized personnel. •Low impact: does not overload clients' network traffic or Internet links. •Flexible: can complement other security devices (firewalls) already working, or replace them providing complex functions. •Simple installation: transparent installation in front panel takes no more than 15 minutes and does not require installing agents in any server. •Integrated: it integrates with Openware’s managed security ecosystem, through monitoring and centralized platform (Blockware). •Secure: double internal Watchdog ensures high-availability. •High performance: high performance and throughput, allowing high-speed data processing without loss or bottlenecks.
ATTAKA IndoorATTAKA Indoor
ATTAKA, ScreenshotsATTAKA, Screenshots
ATTAKA, benefits for your ATTAKA, benefits for your business !business !
Reduces operating costs, minimizing TCO for vulnerability assessment and management tasks
Reduces human error and false positives, by a double checking with our security specialists and knowledge databases
Easy operation and implementation – it does not require network changes, special software or experts to make it works
Complements and adds value to firewalls, IDS and antivirus software, by detecting failures in their configuration
Speeds up security troubleshooting processes, presenting added information for a quick view the company's vulnerability state, complete details for each vulnerability ranked by risk level, and the recommended action for solving it
THANK YOU!
For further informationFor further informationhttp://www.openware.biz
ATTAKA DemoATTAKA DemoURL: https://security.openware.bizUsername: 123456789-attakaPassword: attaka414
[email protected]@openware.biz