That’s So Meta
Metricon 6.0

Or......

The (first) 4 Stages of Security Intelligence
Nice To Meet You

About Me
- CoFounder HoneyApps
- Former CISO Orbitz
- Contributing Author, Beautiful Security
- CSO Magazine/Online Author

HoneyApps
- Vulnerability Management as a Service
- 16 Hot Startups - eWeek
- 3 Startups to Watch - Information Week
Stage 1: Ignorance is Bliss
Stage 2: Where are all of my vulnerabilities?

Back in my Yahoo days I performed hundreds of web application vulnerability assessments. To streamline the workload, I created an assessment methodology consisting of a few thousand security tests averaging 40 hours to complete per website. Yahoo had over 600 websites enterprise-wide. To assess the security of every website would have taken over 11 years to complete and the other challenge was these websites would change all the time which decayed the value of my reports.

Jeremiah Grossman
Founder, WhiteHat Security
Stage 3: Scan & Dump or...

“thanks for the 1000 page report, now what?!”
Why This Occurs

Lack of Communication
Lack of Data
Lack of Coordination
Silos, Silos, Everywhere
Stage 4: A New Beginning

Or......

Using What You Got!
Vulnerability Management: A Case Study

Building the Warehouse

WebApp Vulnerability
  Type: XSS
  Severity
  Threat
  Subtype: (persistent, reflected, etc.)
  Asset URL/URI
  Confirmed?
  Dates Found/Opened
  Dates Closed
  Description
  Attack Parameters

Asset: URL
  Platform / Code
  Web Server Version
  Application Server Version
  Database Version

Asset: Host
  Host Operating System
  Other Applications/Versions
  IP Addresses
  MAC Address
  Open Services/Ports
Vulnerability Management: A Case Study

Meta Data
  Business Unit
  Geographic Location
  Development Team
  Ops Team
  Security Policy
  Compliance Regulation
  Asset Group
  Site Name
  Network Location
  Internal IP Address
  External IP Address
  VERIS data

Vulnerability Management: A Case Study

Apply Internal Threat Data
  Firewall
  Application
  IDS/IPS
  WAF

Vulnerability Management: A Case Study

Apply External Threat Data
Example Data Sources
  ❖ DataLossDB
  ❖ Verizon DBIR
  ❖ WHID
  ❖ Trustwave Global Security Report
  ❖ FS-ISAC
  ❖ SANS ISC
  ❖ Veracode State of S/W Security
  ❖ ExploitDB

Vulnerability Management: A Case Study

Remediation Statistics
  Internal Bug Tracking Reports
  Denim Group Remediation Study
  Build and Development Process
Data Lenses: Views into the Warehouse
  Applying Filters To Glean Information
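The warehouse built up on the preceding slides and the lenses applied to it, as an added worked example that is not part of the original deck: a small in-memory SQLite warehouse (Python standard library) that joins the WebApp Vulnerability record to Asset:URL, Asset:Host, the meta data (business unit, compliance regulation, network location), internal threat data (WAF/IDS hit counts per host) and a remediation benchmark, then reads the same joined rows through three filters. Every table, column, sample row and the weighting rule in the second lens is constructed for the example; none of it is HoneyApps' schema.

```python
"""Toy vulnerability warehouse (added example, not code from the deck).
The vuln record is joined to Asset:URL, Asset:Host, meta data, internal
threat data and remediation statistics, then queried through "lenses".
All tables, rows and the scoring rule below are constructed for illustration."""
import sqlite3

SCHEMA = """
CREATE TABLE vuln (
  id INTEGER PRIMARY KEY, type TEXT, subtype TEXT, severity INTEGER,
  asset_url TEXT, confirmed INTEGER, found_on TEXT, closed_on TEXT, attack_param TEXT);
CREATE TABLE asset_url (
  url TEXT PRIMARY KEY, host TEXT, platform TEXT, web_server TEXT, app_server TEXT, db_version TEXT);
CREATE TABLE asset_host (
  host TEXT PRIMARY KEY, os TEXT, internal_ip TEXT, external_ip TEXT, business_unit TEXT,
  dev_team TEXT, ops_team TEXT, network_location TEXT, compliance TEXT, asset_group TEXT);
-- internal threat data: what the WAF/IDS/firewall saw aimed at each host
CREATE TABLE threat_event (host TEXT, source TEXT, attack_class TEXT, hits INTEGER);
-- remediation statistics: benchmark median days-to-fix per vuln type
CREATE TABLE remediation (type TEXT PRIMARY KEY, median_days INTEGER);
"""


def build_warehouse():
    """Create the in-memory warehouse and load constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.row_factory = sqlite3.Row
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO asset_host VALUES (?,?,?,?,?,?,?,?,?,?)", [
        ("www1", "Linux", "10.0.1.5", "203.0.113.10", "Retail", "web-a", "ops-1", "DMZ", "PCI", "storefront"),
        ("intra1", "Linux", "10.0.2.9", None, "HR", "hr-apps", "ops-2", "internal", None, "intranet"),
    ])
    conn.executemany("INSERT INTO asset_url VALUES (?,?,?,?,?,?)", [
        ("https://shop.example.test/search", "www1", "Java", "Apache 2.2", "Tomcat 6", "MySQL 5.1"),
        ("https://shop.example.test/checkout", "www1", "Java", "Apache 2.2", "Tomcat 6", "MySQL 5.1"),
        ("http://hr.example.test/profile", "intra1", "PHP", "Apache 2.2", None, "MySQL 5.1"),
    ])
    conn.executemany("INSERT INTO vuln VALUES (?,?,?,?,?,?,?,?,?)", [
        (1, "XSS", "reflected", 3, "https://shop.example.test/search", 1, "2011-01-10", None, "q"),
        (2, "SQLi", "error-based", 5, "https://shop.example.test/checkout", 1, "2011-02-01", "2011-02-20", "promo"),
        (3, "XSS", "persistent", 4, "http://hr.example.test/profile", 0, "2011-02-15", None, "bio"),
        (4, "XSS", "reflected", 3, "https://shop.example.test/search", 1, "2010-12-01", "2011-01-05", "sort"),
        (5, "SQLi", "blind", 5, "https://shop.example.test/checkout", 1, "2011-03-02", None, "coupon"),
        (6, "XSS", "persistent", 4, "http://hr.example.test/profile", 1, "2011-03-05", None, "name"),
    ])
    conn.executemany("INSERT INTO threat_event VALUES (?,?,?,?)", [
        ("www1", "WAF", "XSS", 120), ("www1", "IDS", "SQLi", 15), ("intra1", "IDS", "XSS", 2),
    ])
    conn.executemany("INSERT INTO remediation VALUES (?,?)", [("XSS", 38), ("SQLi", 21)])
    return conn


def open_by_business_unit(conn):
    """Lens 1: open findings per business unit, internet-facing hosts only."""
    rows = conn.execute("""
        SELECT h.business_unit, COUNT(*) AS open_vulns
        FROM vuln v JOIN asset_url u ON v.asset_url = u.url
                    JOIN asset_host h ON u.host = h.host
        WHERE v.closed_on IS NULL AND h.external_ip IS NOT NULL
        GROUP BY h.business_unit ORDER BY open_vulns DESC""").fetchall()
    return [(r["business_unit"], r["open_vulns"]) for r in rows]


def prioritized(conn):
    """Lens 2: open, confirmed findings ranked by severity weighted with the
    internal threat data (WAF/IDS hits of the same attack class on that host).
    The weighting severity * (1 + hits/100) is an assumption for the example."""
    rows = conn.execute("""
        SELECT v.id, v.type, h.business_unit,
               v.severity * (1 + COALESCE(SUM(t.hits), 0) / 100.0) AS score
        FROM vuln v JOIN asset_url u ON v.asset_url = u.url
                    JOIN asset_host h ON u.host = h.host
                    LEFT JOIN threat_event t ON t.host = h.host AND t.attack_class = v.type
        WHERE v.closed_on IS NULL AND v.confirmed = 1
        GROUP BY v.id ORDER BY score DESC""").fetchall()
    return [(r["id"], r["type"], r["business_unit"], round(r["score"], 2)) for r in rows]


def time_to_close_vs_benchmark(conn):
    """Lens 3: our mean days-to-close per vuln type next to the loaded benchmark."""
    rows = conn.execute("""
        SELECT v.type, AVG(julianday(v.closed_on) - julianday(v.found_on)) AS ours,
               r.median_days AS benchmark
        FROM vuln v JOIN remediation r ON r.type = v.type
        WHERE v.closed_on IS NOT NULL GROUP BY v.type""").fetchall()
    return {r["type"]: (round(r["ours"], 1), r["benchmark"]) for r in rows}


if __name__ == "__main__":
    db = build_warehouse()
    print(open_by_business_unit(db))
    print(prioritized(db))
    print(time_to_close_vs_benchmark(db))
```

Each lens is only a filter over the same joined rows, which is the point of building the warehouse first. The second lens shows why the joins matter: the reflected XSS on the storefront outranks the higher-severity SQLi once the WAF's observed attack volume against that host is folded in, the unconfirmed intranet finding drops out, and the HR finding sorts last because nothing is hitting it. The third lens puts the team's own close times beside an external benchmark so "are we slow at fixing XSS?" becomes a query rather than an opinion.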
The Twitter Poll
My Favorite Non-Sec Tools
- TeaLeaf
- GreenPlum
- Ruby
- Selenium
Resources Referenced

- Verizon DBIR http://www.verizonbusiness.com/dbir/
- VERIS Framework https://www2.icsalabs.com/veris/
- Denim Group - Real Cost of S/W Remediation http://www.slideshare.net/denimgroup/real-cost-of-software-remediation
- DataLoss DB http://datalossdb.org/
- TrustWave Global Security Report https://www.trustwave.com/GSR
- ExploitDB http://www.exploit-db.com/
- WASC Web App Security Stats http://projects.webappsec.org/w/page/13246989/Web-Application-Security-Statistics
- FS-ISAC http://www.fsisac.com/
- WHID http://projects.webappsec.org/w/page/13246995/Web-Hacking-Incident-Database/
- SANS Internet Storm Center http://isc.sans.org/
- XForce http://xforce.iss.net/
- Veracode SOSS http://www.veracode.com/images/pdf/soss/veracode-state-of-software-security-report-volume2.pdf
Q&A

follow us
- the blog: http://blog.honeyapps.com/
- twitter: @risk_io, @ebellis
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 

Recently uploaded (20)

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 

Metricon 6 That's So Meta

  • 1. That’s So Meta Metricon 6.0
  • 2. Or...... The (first) 4 Stages of Security Intelligence
  • 3. Nice To Meet You. About Me: CoFounder HoneyApps; Former CISO Orbitz; Contributing Author, Beautiful Security; CSO Magazine/Online Author. HoneyApps: Vulnerability Management as a Service; 16 Hot Startups (eWeek); 3 Startups to Watch (Information Week).
  • 5. Stage 2: Where are all of my vulnerabilities? “Back in my Yahoo days I performed hundreds of web application vulnerability assessments. To streamline the workload, I created an assessment methodology consisting of a few thousand security tests averaging 40 hours to complete per website. Yahoo had over 600 websites enterprise-wide. To assess the security of every website would have taken over 11 years to complete, and the other challenge was these websites would change all the time, which decayed the value of my reports.” Jeremiah Grossman, Founder, WhiteHat Security
  • 6. Stage 3: Scan & Dump or... “thanks for the 1000 page report, now what?!”
  • 7. Why This Occurs: Lack of Communication; Lack of Data; Lack of Coordination; Silos, Silos, Everywhere
  • 8. Stage 4: A New Beginning Or...... Using What You Got!
  • 9. Vulnerability Management: A Case Study. Building the Warehouse.
      WebApp Vulnerability: Type: XSS; Severity; Threat; Subtype (persistent, reflected, etc.); Asset URL/URI; Confirmed?; Dates Found/Opened; Dates Closed; Description; Attack Parameters.
  • 10. Vulnerability Management: A Case Study. Building the Warehouse.
      WebApp Vulnerability box as on slide 9, linked to Asset:URL: Platform / Code; Web Server Version; Application Server Version; Database Version.
  • 11. Vulnerability Management: A Case Study. Building the Warehouse.
      WebApp Vulnerability and Asset:URL boxes as on slide 10, linked to Asset:Host: Host Operating System; Other Applications/Versions; IP Addresses; Mac Address; Open Services/Ports.
  • 12. Vulnerability Management: A Case Study.
      WebApp Vulnerability, Asset:URL and Asset:Host boxes as on slide 11.
  • 13. Vulnerability Management: A Case Study.
      Boxes as on slide 12, plus Meta Data: Business Unit; VERIS data; Internal IP Address; Geographic Location; External IP Address; Development Team; Network Location; Ops Team; Site Name; Compliance Regulation; Security Policy; Asset Group.
  • 14. Vulnerability Management: A Case Study.
      Same boxes as slide 13 (WebApp Vulnerability, Asset:URL, Asset:Host, Meta Data).
  • 15. Vulnerability Management: A Case Study.
      Boxes as on slide 14, plus Apply Internal Threat Data: Firewall; Application; IDS/IPS; WAF.
  • 16. Vulnerability Management: A Case Study.
      Same boxes as slide 15 (WebApp Vulnerability, Asset:URL, Asset:Host, Meta Data, Apply Internal Threat Data).
  • 17. Vulnerability Management: A Case Study.
      Boxes as on slide 16, plus Apply External Threat Data.
  • 18. Vulnerability Management: A Case Study.
      Boxes as on slide 17, plus Example Data Sources for external threat data: DataLossDB; Verizon DBIR; WHID; Trustwave Global Security Report; FS-ISAC; SANS ISC; Veracode State of S/W Security; ExploitDB.
  • 19. Vulnerability Management: A Case Study.
      WebApp Vulnerability, Asset:URL, Asset:Host, Meta Data and Apply Internal Threat Data boxes as on slide 16.
  • 20. Vulnerability Management: A Case Study.
      Boxes as on slide 19, plus Remediation Statistics: Internal Bug Tracking Reports; Denim Group Remediation Study; Build and Development Process.
  • 21-34. Data Lenses: Views into the Warehouse. Applying Filters To Glean Information (fourteen slides with this title; the views themselves are images).
  • 36. My Favorite Non-Sec Tools: TeaLeaf; GreenPlum; Ruby; Selenium
  • 37. Resources Referenced:
      Verizon DBIR http://www.verizonbusiness.com/dbir/
      WASC Web App Security Stats http://projects.webappsec.org/w/page/13246989/Web-Application-Security-Statistics
      VERIS Framework https://www2.icsalabs.com/veris/
      Denim Group - Real Cost of S/W Remediation http://www.slideshare.net/denimgroup/real-cost-of-software-remediation
      FS-ISAC http://www.fsisac.com/
      WHID http://projects.webappsec.org/w/page/13246995/Web-Hacking-Incident-Database/
      SANS Internet Storm Center http://isc.sans.org/
      DataLoss DB http://datalossdb.org/
      TrustWave Global Security Report https://www.trustwave.com/GSR
      XForce http://xforce.iss.net/
      Veracode SOSS http://www.veracode.com/images/pdf/soss/veracode-state-of-software-security-report-volume2.pdf
      ExploitDB http://www.exploit-db.com/
  • 38. Q&A. Follow us: the blog http://blog.honeyapps.com/ ; twitter @risk_io @ebellis
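To make the warehouse concrete, here is an added example (not code from the talk, from HoneyApps, or from any tool the deck names) that builds the joined record the case-study slides assemble, a WebApp Vulnerability row linked to Asset:URL, Asset:Host and Meta Data plus the internal-threat WAF flag, as SQLite tables, and then applies two data lenses over it: mean time to fix by business unit and severity (the "Time to Fix by team, by severity, by biz unit" view from the speaker notes), and confirmed, still-open findings on assets with no WAF in front. The table and column names, the two hosts, the five findings and their dates are all constructed for the example.

```python
"""Toy vulnerability warehouse: the joined record built up on the case-study
slides, plus two data lenses (filtered views) over it.  Everything below is
constructed sample data, not findings from the talk."""
import sqlite3

# Four boxes from the slides as four tables joined on the asset.
SCHEMA = """
CREATE TABLE asset_host (
    host_id INTEGER PRIMARY KEY,
    operating_system TEXT, ip_address TEXT, open_ports TEXT);
CREATE TABLE asset_url (
    url_id INTEGER PRIMARY KEY,
    host_id INTEGER REFERENCES asset_host(host_id),
    url TEXT, platform TEXT, web_server_version TEXT,
    app_server_version TEXT, database_version TEXT);
CREATE TABLE asset_meta (
    url_id INTEGER PRIMARY KEY REFERENCES asset_url(url_id),
    business_unit TEXT, dev_team TEXT, ops_team TEXT, site_name TEXT,
    network_location TEXT, compliance_regulation TEXT, asset_group TEXT,
    waf INTEGER);  -- internal threat data: 1 if a WAF sits in front of the URL
CREATE TABLE vulnerability (
    vuln_id INTEGER PRIMARY KEY,
    url_id INTEGER REFERENCES asset_url(url_id),
    type TEXT, subtype TEXT, severity TEXT, confirmed INTEGER,
    date_opened TEXT, date_closed TEXT, description TEXT, attack_parameter TEXT);
"""

# Constructed sample rows: two web assets on two hosts, five XSS findings.
HOSTS = [
    (1, "Linux", "10.0.0.5", "22,443"),
    (2, "Windows", "10.0.0.9", "443,3389"),
]
URLS = [
    (1, 1, "https://shop.example.com/", "Rails", "nginx 1.0", "Passenger 3", "PostgreSQL 9"),
    (2, 2, "https://intranet.example.com/", ".NET", "IIS 7.5", "ASP.NET 4", "SQL Server 2008"),
]
META = [
    # url_id, business_unit, dev_team, ops_team, site_name, network, regulation, asset_group, waf
    (1, "Retail", "web-a", "ops-1", "Shop", "DMZ", "PCI DSS", "external", 1),
    (2, "Corporate", "web-b", "ops-2", "Intranet", "internal", "SOX", "internal", 0),
]
VULNS = [
    # vuln_id, url_id, type, subtype, severity, confirmed, opened, closed, description, parameter
    (1, 1, "XSS", "reflected", "High", 1, "2011-03-01", "2011-03-11", "search box echoes input", "q"),
    (2, 1, "XSS", "persistent", "High", 1, "2011-03-05", "2011-03-25", "review body stored unescaped", "body"),
    (3, 2, "XSS", "persistent", "High", 1, "2011-02-01", "2011-04-02", "profile name stored unescaped", "name"),
    (4, 2, "XSS", "persistent", "High", 1, "2011-04-01", None, "comment field stored unescaped", "comment"),
    (5, 2, "XSS", "reflected", "Medium", 0, "2011-04-03", None, "scanner finding, not yet verified", "id"),
]


def build_warehouse():
    """Create the in-memory warehouse and load the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO asset_host VALUES (?,?,?,?)", HOSTS)
    conn.executemany("INSERT INTO asset_url VALUES (?,?,?,?,?,?,?)", URLS)
    conn.executemany("INSERT INTO asset_meta VALUES (?,?,?,?,?,?,?,?,?)", META)
    conn.executemany("INSERT INTO vulnerability VALUES (?,?,?,?,?,?,?,?,?,?)", VULNS)
    return conn


def time_to_fix(conn):
    """Lens 1: mean days from found to closed, keyed by (business unit, severity).
    Open findings have no close date and are left out of the average."""
    rows = conn.execute("""
        SELECT m.business_unit, v.severity,
               AVG(julianday(v.date_closed) - julianday(v.date_opened))
        FROM vulnerability v
        JOIN asset_url  u ON u.url_id = v.url_id
        JOIN asset_meta m ON m.url_id = u.url_id
        WHERE v.date_closed IS NOT NULL
        GROUP BY m.business_unit, v.severity""")
    return {(bu, sev): days for bu, sev, days in rows}


def open_without_waf(conn):
    """Lens 2: confirmed, still-open findings on assets with no WAF in front,
    with the team that owns the fix and the host platform it runs on."""
    rows = conn.execute("""
        SELECT v.vuln_id, v.type, v.subtype, m.dev_team, h.operating_system
        FROM vulnerability v
        JOIN asset_url  u ON u.url_id = v.url_id
        JOIN asset_meta m ON m.url_id = u.url_id
        JOIN asset_host h ON h.host_id = u.host_id
        WHERE v.confirmed = 1 AND v.date_closed IS NULL AND m.waf = 0
        ORDER BY v.vuln_id""")
    return rows.fetchall()


if __name__ == "__main__":
    conn = build_warehouse()
    for key, days in sorted(time_to_fix(conn).items()):
        print(key, f"{days:.1f} days")
    for row in open_without_waf(conn):
        print(row)
```

Because each lens is just a query over the joined record, cutting the same numbers by Compliance Regulation or Asset Group instead of Business Unit is a change to the GROUP BY clause; that is the payoff of keeping the metadata in the same store as the findings rather than in the scanner's report.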

Editor's Notes

  15. Time to Fix by team, by class, by severity, by biz unit, etc. SDLC - build schedule - testing process - etc. Tech remediation stats from Denim report - factor in bug tracking reports & build/dev process.