Vulnerability Management: How to Think Like a Hacker to Reduce Risk
Paula Januszkiewicz
CQURE: CEO, Penetration Tester / Security Expert
CQURE Academy: Trainer
MVP: Enterprise Security, MCT
Contact: [email protected] | http://cqure.us
@paulacqure @CQUREAcademy
New York, Dubai, Warsaw
Upcoming Workshops
2nd – 6th of November 2015, New York, NY – Troubleshooting and Monitoring Windows Infrastructure
15th – 19th of February 2016, New York, NY – Hacking and Securing Windows Infrastructure
Please contact our office in the United States and mention BeyondTrust!
Exclusive discounts for all attendees of today’s seminar.
TOP 13 TO-DO INFRASTRUCTURE SECURITY LIST
1. Offline access protection, implementation of solutions like BitLocker.
2. Implementation of the process execution prevention (AppLocker etc.)
3. Log centralization and log reviews: searching for anomalies and
specific log error codes. Regular audits of the code running on the
servers (e.g. Autoruns).
4. Maintenance: Backup implementation and regular updating.
5. Review of the services running under accounts that are not built in,
changing them to gMSAs where possible.
6. Client protection: implementation of anti-exploit solutions like
EMET and anti-virus solutions. Reviewing the configuration of the
client-side firewall and enabling the programs that can communicate
through the network.
7. Implementation of the Local Administrator password management.
8. Implementation of the Security Awareness Program among
employees and technical training for administrators.
9. Limitation of the number of services running on the servers (SCW
and manual activities).
10. Implementation of scoping (role management) for permissions and
employee roles (SQL Admins, Server Admins etc.).
11. Network segmentation (+ IPsec isolation, DNSSEC etc.)
12. Data protection (e.g. AD RMS etc.)
13. Periodic configuration reviews and penetration tests
(security checks)
Best Practices
Vulnerability Management: Continuous vulnerability discovery; Context-Aware Analysis; Prioritization; Remediation and Tracking
Put on the Hacker’s Shoes: External + Internal + Web Penetration tests; Configuration reviews; Prevention
BeyondTrust Overview
Alex DaCosta, Retina Product Manager
Solution areas: Network Security Scanning; Enterprise Vulnerability Management; Dynamic Web Application Scanning; Cloud-Based Perimeter Scanning; Privileged Password Management; Privilege Management; Auditing & Protection; Active Directory Bridging
[Diagram: The BeyondInsight IT Risk Management Platform]
Platform capabilities: Extensive Reporting; Central Data Warehouse; Asset Discovery; Asset Profiling; Asset Smart Groups; User Management; Workflow & Notification; Third-Party Integration; Advanced Threat Analytics
Solutions: Retina Vulnerability Management Solutions; PowerBroker Privileged Account Management Solutions
Coverage: Network Infrastructure; Mobile, Virtual and Cloud; Applications & Databases; Servers & Desktops; Active Directory, Exchange, File Sys.
© 2015 BeyondTrust Software
Live Demo
Poll Question
Q&A
Thank you for attending!