IMEC Cybersecurity for Manufacturers Penetration Testing and Top 10


IMEC Cybersecurity for Manufacturers: Penetration Testing and Top 10
Christian Espinosa, Alpine Security
www.alpinesecurity.com

Objectives
- Learn about penetration testing
- Learn what to consider when selecting a penetration testing vendor

Overview
- Background
- What is a Penetration Test?
- Why do a Penetration Test?
- Vulnerability Assessment vs Penetration Test
- Types of Penetration Tests
- Top 10 Items to Look for in a Penetration Testing Vendor

Background
- Christian Espinosa, CEO, Alpine Security
- Air Force Red Team veteran
- Extensive cybersecurity experience and pen testing with multiple industries, including: Manufacturing, Energy, Healthcare, Finance, Aerospace
- Alpine Security offers cybersecurity training, penetration testing, incident response, auditing, and cyber strategy

What is a Penetration Test ("Pentest")?
- An attempt to compromise the security of an organization, computer network, or computer system, with full permission of the owner(s), in order to assess security posture
- Uses automated and manual methods to mimic those of actual attackers, such as hackers
- Goal is to improve security posture by exposing vulnerabilities and proving they can be exploited to cause (simulated) harm

Why do Penetration Testing?
- Gives you an accurate and holistic security assessment from the attacker's point of view
- System developers and defenders do not always understand how attackers exploit vulnerabilities; a pentest helps educate them in how to build better defenses
- Mandated by many standards:
  - PCI DSS 3.2: requires external and internal penetration testing at least annually, or after a significant upgrade takes place
  - HIPAA 45 CFR 164.308(a)(8): requires a covered entity to conduct a periodic technical evaluation of controls
  - NIST 800-171: requires the organization to test its incident response capability, and to perform periodic security assessments to determine control effectiveness

Vulnerability Assessment vs Pentest
- A Vulnerability Assessment:
  - Looks for weaknesses without attempting to exploit them
  - Is less intrusive and potentially damaging than a Pentest
- A Pentest exploit may rely on multiple vulnerabilities existing together in order to successfully gain access to a system
- A Vulnerability Assessment usually cannot detect such weaknesses

Types of Pentests
- Location: Internal vs External
  - Internal: from the viewpoint of an attacker on the inside
  - External: from the viewpoint of an external attacker
- Knowledge / Access Level: "Box Colors"
  - White Box usually has the best potential to uncover the most exploitable vulnerabilities

Types of Pentests (cont.)
- Web vs Wired vs Wireless
  - Web: tests one or more web servers or web applications
  - Wired: tests one or more (wired) networked systems
  - Wireless: tests one or more wireless access points from close proximity
- Social Engineering
  - Phishing Campaign: attempt at getting users to respond to an unsolicited malicious email, text, or other electronic communication
  - Vishing Campaign: "voice phishing"; attempt to use the telephone to get users to violate the company's security policy

Types of Pentests (cont.)
- Physical Campaign: attempt to physically penetrate the boundaries of an organization or trick employees into violating the company's security policies
- Comprehensive Penetration Test (aka Red Team)
  - Uses any combination of tactics desired
  - Most realistic
  - Test may be part phishing, part in-person social engineering, part physical, etc.

Sample Pentest Activities
- Look for holes and running services to determine if they are vulnerable to exploits
- Attempt to crack passwords and bypass authentication using multiple methods
- Attempt to access sensitive data that could be exfiltrated
- Attempt to maintain access by planting backdoors or creating accounts
- Attempt to elude detection by covering tracks (deleting log file entries, etc.)

Top 10 for Selecting a Penetration Testing Vendor
1. Uses Certified and Experienced Personnel
2. Delivers Clear Reports with Risk-Based Prioritized Recommendations
3. Performs Both Manual and Automated Testing
4. Follows a Documented Process
5. Uses a Rules of Engagement (ROE) Document for Clear Expectations
6. Communicates Clearly and Frequently
7. Demonstrates Professionalism and Respect
8. Identifies and Eliminates False Positive Findings
9. Offers Retest Options
10. Protects Your Data During and After the Test

1. Uses Certified and Experienced Personnel
- Certified: penetration testers should have appropriate penetration testing and cybersecurity credentials, such as:
  - CISSP
  - Licensed Penetration Tester (LPT) (Master)
  - Certified Ethical Hacker (CEH)
  - Offensive Security Certified Professional (OSCP)
- Experienced:
  - Should understand various network, web, operating system, and platform technologies
  - Should understand your business
  - Should have experience with complex environments

2. Delivers Clear Reports with Risk-Based Prioritized Recommendations
- Reports should be easy to understand for both executives and technical personnel
- Reports should have a prioritized list of recommendations
- Should not just be automated output from tools, but tailored recommendations that have been validated
- Vendor can provide sample, redacted reports upon request
- Should contain detailed steps, including screenshots, that allow engineers to reproduce the exploit fully

3. Performs Both Manual and Automated Testing
- Automated tools generate false positives
- Recommendations from automated tools are not always easily understandable
- Vendor should have in-depth knowledge of industry-standard automated testing tools
- Vendor should have in-depth knowledge of manual testing methods; able to exercise web or thick-client applications to look for functionality or configurations that can be abused to gain access
- Automated tools will not easily find these types of vulnerabilities

4. Follows a Documented Process
- Documented processes ensure completeness, accuracy, and test repeatability
- Process should be followed pre-, during, and post-engagement
- The vendor should use a well-defined methodology

5. Uses a Rules of Engagement (ROE) Document for Clear Expectations
- Rules of Engagement (ROEs) are designed to ensure everyone is on the same page and that expectations are clear
- Provides clarity on test parameters:
  - Timing
  - Escalation procedures
  - Systems to be tested
  - Scope
  - Etc.
- Should consider customer sensitivity with levels of testing
- Ideally, testing should be conducted on test systems rather than live systems, but this is not always possible; extra care and consideration should be taken in exploiting live systems

6. Communicates Clearly and Frequently
- You are never left wondering what the status of testing is
- Vendor communicates with you based on parameters determined in the ROE
- Critical findings should be communicated immediately
- Vendor should be able to clearly explain all mitigations that they recommend

7. Demonstrates Professionalism and Respect
- Test focus should be on helping you secure your environment
- Vendor can provide a list of references from prior work
- Vendor should prove an exploit exists without "spiking the football" (causing excessive damage to prove a point, demonstrate prowess, or mock the client)
- Vendor should prove a vulnerability is exploitable in the least disruptive way possible
- Vendor should clean up any files or modifications they made to the systems under test

8. Identifies and Eliminates False Positive Findings
- Automated tools often generate false positives
  - Cannot always distinguish desired behavior from undesired behavior
  - Can trigger on vulnerable code inside of comments, or make inferences based on differences in timing of requests to the application
- Vendors should recognize and remove false positives to save the customer's development and deployment teams from engaging in wild-goose chases
- Questionable findings should be labeled
- A report riddled with false positives wastes time
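The "vulnerable code inside of comments" failure mode, as an added example that is not part of the slides: a naive line-oriented text scan versus a check that only inspects Python code tokens, run on a constructed source file. `SAMPLE_SOURCE`, `naive_scan`, `token_aware_scan` and `false_positives` are names chosen here; the vendor validation step the slide asks for is what `false_positives` computes.

```python
import io
import re
import tokenize

# Constructed sample target: the dangerous call text appears in a comment
# (line 2), inside a string literal (line 4), and as one real call (line 5).
SAMPLE_SOURCE = '''\
import os
# TODO: os.system(cmd) was removed here because of injection concerns
def run(cmd):
    banner = "never call os.system(user_input) directly"
    return os.system(cmd)  # the one real finding
'''

PATTERN = re.compile(r"os\.system\(")


def naive_scan(source):
    """Line-oriented text match, the way a simplistic scanner works.
    Returns the line numbers it would report as findings."""
    return [n for n, line in enumerate(source.splitlines(), 1)
            if PATTERN.search(line)]


def token_aware_scan(source):
    """Report only matches made of code tokens. COMMENT and STRING tokens
    never form the NAME '.' NAME '(' sequence, so comment and string text
    is ignored and only a real call site is reported."""
    toks = list(tokenize.generate_tokens(io.StringIO(source).readline))
    hits = set()
    for i in range(len(toks) - 3):
        a, b, c, d = toks[i:i + 4]
        if (a.type == tokenize.NAME and a.string == "os"
                and b.type == tokenize.OP and b.string == "."
                and c.type == tokenize.NAME and c.string == "system"
                and d.type == tokenize.OP and d.string == "("):
            hits.add(a.start[0])  # row of the 'os' token
    return sorted(hits)


def false_positives(source):
    """Findings the naive scan reports that validation does not confirm."""
    return sorted(set(naive_scan(source)) - set(token_aware_scan(source)))


if __name__ == "__main__":
    print("naive scan flags lines:", naive_scan(SAMPLE_SOURCE))        # [2, 4, 5]
    print("validated findings:    ", token_aware_scan(SAMPLE_SOURCE))  # [5]
    print("false positives:       ", false_positives(SAMPLE_SOURCE))   # [2, 4]
```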

9. Offers Retest Options
- Once you remediate the findings in the penetration test report, it is critical to validate that your fix actions actually worked
- Without a retest, vulnerabilities that were supposedly fixed remain open for exploitation

10. Protects Your Data During and After the Test
- Data on your systems, data about your systems, and vulnerability data should be protected appropriately
- A penetration testing report contains not only identified vulnerabilities, but how to exploit them

Summary
- Background
- What is a Penetration Test?
- Why do a Penetration Test?
- Vulnerability Assessment vs Penetration Test
- Types of Penetration Tests
- Top 10 Items to Look for in a Penetration Testing Vendor

Christian Espinosa
christian.espinosa@alpinesecurity.com
www.alpinesecurity.com