vulnerability management: how to think like a hacker to reduce risk

Post on 16-Apr-2017


Vulnerability Management: How to Think Like a Hacker to Reduce Risk

Paula Januszkiewicz

CQURE: CEO, Penetration Tester / Security Expert

CQURE Academy: Trainer

MVP: Enterprise Security, MCT

Contact: paula@cqure.us | http://cqure.us

@paulacqure @CQUREAcademy

New York, Dubai, Warsaw


Upcoming Workshops

2nd – 6th of November 2015, New York, NY – Troubleshooting and Monitoring Windows Infrastructure

15th – 19th of February 2016, New York, NY – Hacking and Securing Windows Infrastructure

Please contact our office in the United States and mention BeyondTrust!

info@cqure.us

Exclusive discounts for all attendees in today’s seminar.

TOP 13 TO-DO INFRASTRUCTURE SECURITY LIST

1. Offline access protection: implementation of solutions like BitLocker.

2. Implementation of process execution prevention (AppLocker etc.).

3. Log centralization and log reviews: searching for anomalies and certain log error codes. Performing regular audits of code running on the servers (e.g. Autoruns).

4. Maintenance: backup implementation and regular updating.

5. Review of the services running under accounts that are not built in. Changing them to gMSAs where possible.

6. Client protection: implementation of anti-exploit solutions like EMET and anti-virus solutions. Reviewing the configuration of the client-side firewall and enabling the programs that can communicate through the network.

7. Implementation of Local Administrator password management.

8. Implementation of a Security Awareness Program among employees and technical training for administrators.

9. Limitation of the number of services running on the servers (SCW and manual activities).

10. Implementation of scoping (role management) for permissions and employee roles (SQL Admins, Server Admins etc.).

11. Network segmentation (+ IPsec isolation, DNSSEC etc.).

12. Data protection (e.g. AD RMS etc.).

13. Periodic configuration reviews and penetration tests (security checks).

Best Practices

Vulnerability Management: continuous vulnerability discovery, context-aware analysis, prioritization, remediation and tracking.

Put on the Hacker's Shoes: external + internal + web penetration tests, configuration reviews, prevention.


BeyondTrust Overview

Alex DaCosta, Retina Product Manager


Network Security Scanning

Enterprise Vulnerability Management

Dynamic Web Application Scanning

Cloud-Based Perimeter Scanning

Privileged Password Management

Privilege Management

Auditing & Protection

Active Directory Bridging

The BeyondInsight IT Risk Management Platform

[Diagram: platform capabilities: extensive reporting, central data warehouse, asset discovery, asset profiling, asset smart groups, user management, workflow & notification, third-party integration, advanced threat analytics. Product lines: Retina Vulnerability Management Solutions, PowerBroker Privileged Account Management Solutions. Coverage: network infrastructure; mobile, virtual and cloud; applications & databases; servers & desktops; Active Directory, Exchange, file systems.]

© 2015 BeyondTrust Software


Live Demo


Poll Question


Q&A

Thank you for attending!
