Attaka Managed VA Eng V2


Published on

Attaka presentation. A great framework to use with Nessus reports

Published in: Business, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • Attaka Managed VA Eng V2

    1. 1. ATTAKA Vulnerability Assessment and Management Platform
    2. 2. <ul><ul><li>It is a process for the identification of networks and devices vulnerabilities, performed before intruders may exploit such security flaws </li></ul></ul><ul><ul><li>It is a process to detect possible flaws in security policies </li></ul></ul><ul><ul><li>Its result must prove whether the network security complies with the established policies. </li></ul></ul>What is a Vulnerability Assessment? (VA)
    3. 3. <ul><ul><li>Half Life The half-life identifies the length of time it takes users to patch half of their systems, reducing their exposures </li></ul></ul><ul><ul><li>Prevalence 50 percent of the most prevalent and critical vulnerabilities are replaced by new vulnerabilities on an annual basis </li></ul></ul><ul><ul><li>Persistence Some of critical vulnerabilities remain persistent and their lifespan is unlimited </li></ul></ul><ul><ul><li>Exploitation Automated attacks create 85 percent of their damage within the first fifteen days from the outbreak and have an unlimited life time </li></ul></ul>The 4 Laws of Vulnerabilities
    4. 4. Creating a Balanced Security Ecosystem End Point Intelligence Topology Intelligence Threat Intelligence Regulations/ Policies Access Controls Traffic Inspection Blocking Alerting Forensics Proactive Reactive Light Spending Heavy Spending “ Current enterprise security spending tends to be focused on reactive technologies more than proactive technologies” – Amrit Williams, Gartner Threat Feeds Configuration Management Vulnerability Management Network Discovery IPS Firewall Anti-Virus IDS SIM/SEM Identification/ Authentication PKI Incident Response Compliance Systems NAC Asset Intelligence & Risk Reduction Blocking & Event Mgmt. “ Stop the Bullets” “ Shrink the Targets”
    5. 5. &quot;Enterprises that implement a vulnerability management process will experience 90 percent fewer successful attacks than those that make an equal investment only in intrusion detection systems&quot; Gartner “ 99% of network intrusions result from exploitation of known vulnerabilities or configuration errors where countermeasures were available.” Carnegie Mellon Univ. “ The Yankee Group recommends vulnerability management services for enterprises that would incur financial risk if their network or key business applications were to become unavailable due to a misconfiguration or cyberattack..” CERT Recommends Vulnerability Assessment Mastercard and VISA demand periodic VA to maintain active e-commerce websites The Experts Say...
    6. 6. <ul><li>To detect possible failures in security policies </li></ul><ul><li>To preserve the uninterrupted operation of your business and intangible assets </li></ul><ul><li>To fix software failures that affect your company's security, performance or functionality </li></ul><ul><li>To enhance antivirus software, firewalls, IDS/IPS and VPNs </li></ul><ul><li>To achieve compliance with quality and management standards such as ISO17799/27000, Sarbanes Oxley, etc </li></ul>Why Subscribe to a Vulnerability Assessment Service?
    7. 7. Collect all the possible information about the target Obtain administrator privileges on the attack system Take advantages of privileges Planning the attack YES NO Vulnerability Assessment Penetration Testing Differences between a Vulnerability Assessment and a Pen. Test Source: Core Obtain Information Vulnerability Assessment Information Planning Attack Report and Analyze results Clean Pivot Target definition Target definition Vulnerability Assessment Report What to probe? Attacker skill. Obtain Information Ready?
    8. 8. 2004 Lightning Console/Nessus Attaka 2005 The Birth of Vulnerability Management (agent-less) Buffer Overflows Increase Sophistication New Attack Vectors emerge 2001 IP360 Product 2002 Foundscan Service/Product QualysScan Service/Product 2003 REM/Retina Product
    9. 9. <ul><li>VA with “service centric” vision </li></ul><ul><li>Attaka allows now to integrate all the participants through internal/external remediation, documentation and reporting workflows </li></ul><ul><li>They are not expensive, which allows to repeat them frequently, reinforcing the concept of &quot;security = process&quot;, and they help carry out the complex processes to &quot;be in compliance&quot; </li></ul><ul><li>Integrates with company's Help Desk to provide greater support to clients </li></ul><ul><li>Gives users the possibility of interacting with their companies' security status, in a continuous and cooperative process </li></ul>ATTAKA transform in “ An integrated, collaborative and management Platform ” ATTAKA, a different kind of Vulnerability Assessment
    10. 10. <ul><li>ATTAKA assesses more than 15000 security vulnerabilities on network environments </li></ul><ul><li>It consists of the following modules: </li></ul><ul><ul><li>Discovery: </li></ul></ul><ul><ul><ul><li>Asset consolidation and assessment (internal and external). </li></ul></ul></ul><ul><ul><li>Reporting: </li></ul></ul><ul><ul><ul><li>Interactive, historical and dashboard reports with key indicators and summarized information on vulnerabilities, statistics and current infrastructure state </li></ul></ul></ul><ul><ul><li>Remediation: </li></ul></ul><ul><ul><ul><li>This includes documentation and workflow. Follow-up, improvement and resolution of issues are recorded in the Patch Management process (vulnerability remediation) </li></ul></ul></ul><ul><ul><li>Support: </li></ul></ul><ul><ul><ul><li>24/7 on-line access based on a ITIL – Help Desk that provides support </li></ul></ul></ul>ATTAKA, a different kind of Vulnerability Assessment
    11. 11. <ul><ul><li>ATTAKA is the only platform in Latin America in process of being recognized by MITRE ( </li></ul></ul><ul><ul><li>Segmentation for Servers and Workstations </li></ul></ul><ul><ul><li>3 flavors: </li></ul></ul><ul><ul><ul><li>Professional (Reporting) </li></ul></ul></ul><ul><ul><ul><li>Business (Reporting + Remediation) </li></ul></ul></ul><ul><ul><ul><li>Corporate (Reporting + Remediation + Support) </li></ul></ul></ul>ATTAKA, a different kind of Vulnerability Assessment
    12. 12. <ul><li>Dashboard report </li></ul><ul><li>Possibility of performing remote vulnerability assessments in LAN networks (ATTAKA indoor) without complex procedures </li></ul><ul><li>Searches by CVE code </li></ul><ul><li>Vulnerabilities remediation module (patch management) </li></ul><ul><li>Performs external and internal audits under the company management supervision </li></ul><ul><li>Security news module </li></ul><ul><li>Performance and scalability </li></ul><ul><li>Possibility of assessing hundreds of IPs per report/session </li></ul><ul><li>Integrate 24/7 on-line access based on a ITIL – Help Desk that provides support </li></ul><ul><li>Multi-language capability – Spanish and English </li></ul>ATTAKA, key features
    13. 13. ATTAKA Outdoor
    14. 14. The Block, VA Indoor Appliance “ The Block ”, full proof appliance to deliver LAN´s Remote vulnerability Assesments <ul><li>Always up-to-date: periodically updated, including improvements and new attack patterns. </li></ul><ul><li>Impenetrable: can only be accessed from Openware’s Security Operation Center (SOC), and managed by authorized personnel. </li></ul><ul><li>Low impact: does not overload clients' network traffic or Internet links. </li></ul><ul><li>Flexible: can complement other security devices (firewalls) already working, or replace them providing complex functions. </li></ul><ul><li>Simple installation: transparent installation in front panel takes no more than 15 minutes and does not require installing agents in any server. </li></ul><ul><li>Integrated: it integrates with Openware’s managed security ecosystem, through monitoring and centralized platform (Blockware). </li></ul><ul><li>Secure: double internal Watchdog ensures high-availability. </li></ul><ul><li>High performance: high performance and throughput, allowing high-speed data processing without loss or bottlenecks. </li></ul>
    15. 15. ATTAKA Indoor
    16. 16. ATTAKA, Screenshots
    17. 17. <ul><li>Reduces operating costs, minimizing TCO for vulnerability assessment and management tasks </li></ul><ul><li>Reduces human error and false positives, by a double checking with our security specialists and knowledge databases </li></ul><ul><li>Easy operation and implementation – it does not require network changes, special software or experts to make it works </li></ul><ul><li>Complements and adds value to firewalls, IDS and antivirus software, by detecting failures in their configuration </li></ul><ul><li>Speeds up security troubleshooting processes, presenting added information for a quick view the company's vulnerability state, complete details for each vulnerability ranked by risk level, and the recommended action for solving it     </li></ul>ATTAKA, benefits for your business !
    18. 18. THANK YOU! <ul><li>For further information </li></ul><ul><li> </li></ul><ul><li>ATTAKA Demo </li></ul><ul><li>URL: </li></ul><ul><li>Username: 123456789-attaka </li></ul><ul><li>Password: attaka414 </li></ul><ul><li>Contact </li></ul><ul><li>[email_address] </li></ul>
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.