Null Bhubaneswar , profile picture
Uploaded byNull Bhubaneswar
PPTX, PDF66 views

Information Security 201

This document provides an overview of an information security training session covering various topics: - The presenter is introduced as a cybersecurity analyst and researcher who provides their contact information. - The agenda includes topics like antivirus software, static and dynamic application security testing, the CIA triad model of information security, reconnaissance techniques, reverse shells, endpoint detection and response, configuration reviews, vulnerability assessments, penetration testing, and critical infrastructure security. - Each topic is then defined in one to three paragraphs with examples of common tools used for tasks like passive and active reconnaissance, static application security testing, and vulnerability assessments.

Embed presentation

Download to read offline
Session On Information Security 101 25th February,2022 Bhubaneswar
Who AM I?  Cybersecurity Analyst at Network Intelligence  Cybersecurity Researcher  https://www.linkedin.com/in/sai-swarup-das-9260b8165/  Travel freak, Gym, Cricket and many more
Agenda  Antivirus  SAST/DAST  CIA Triad  Active/Passive Reconnaissance  Reverse shell  Endpoint Detection And Response  Configuration Review  Vulnerability Assessment  Penetration Testing  Critical Infrastructure security
Antivirus (AV)  It is a computer program/software designed to detect and prevent any kind of malware or viruses from damaging or corrupting the system (PC, Laptop, Tablet, Smart-Phone, etc.)  Malicious Software commonly known as malware is a code/computer program/script that can harm a computer or any smart electronic device and can perform theft of digital data. Therefore, antivirus detect and prevent the malicious program a.k.a malware from installing and getting executed in the system.  Antivirus products normally work by detecting , quarantining and deleting malicious code, in-order to prevent the execution in the system. Modern antivirus products update themselves automatically, to provide protection against the latest malwares or viruses.  Some commonly known antivirus product brands are Quick Heal, Kaspersky and Norton. But there are other antivirus product brands in the market. Normally the choice of antivirus product brand depends on the cost, usage and many more factors.
SAST/DAST  SAST typically stands for Static Application Security Testing.  Normally this approach is used in Source Code Review Scope or White Box Penetration Testing.  Here in SAST we manually review the source code of the software in-order to detect vulnerabilities in the software.  Some known SAST tools are Bandit, MobSF, SonarQube, Veracode and many more.  DAST typically stands for Dynamic Application Security Testing.  Normally this approach is used in dynamic analysis of the traffic where we try to manipulate the headers and numerous parameters in-order to assess the vulnerability and it’s impact.  DAST approach is used in Black-Box and Grey-Box Penetration Testing.  Some known DAST tools are Acunetix web vulnerability scanner, Burpsuite, Owasp- ZAP, Nikto, and many more.
CIA Triad  “C” stands for Confidentiality:- It means that the data remaining the state of static or dynamic must be secured and no other user can access the sensitive data.  “I” stands for Integrity:- It means that no modification should be done to the data via malicious threat actor and the genuinity of the data must be maintained throughout the process.  “A” stands for Availability:- It means that the service provided must be up and running and also the information should be consistently and readily accessible for authorized parties.  Any deviation done from the CIA triad results in the security issue of the asset and expose it into the surface of the malicious threat/actors.
Passive/Active Reconnaissance  Passive Reconnaisance is the approach to gain information about the target without actively engaging with the system.  Passive Reconnaisance is not noisy and the information depends on the publicly available information and use of sniffing tools.  Some know tools for passive reconnaissance are Wireshark, Ettercap , Tshark , OSINT tools , Google dorks , Shodan and many more…  Active Reconnaisance is the approach to gain information about the target with actively engaging with the system.  Active Reconnaisance is noisy and therefore there is a chance for the traffic to get detected, therefore respective measures should be taken for not getting detecting especially during red team engagements.  Sone know tools for active reconnaissance are Nmap, Zenmap , SQLmap , Nikto , SSTImap and many more..
Reverse Shell  Shell is normally an interaction interface program that makes possible for the application or the system to interact with the operating system kernel.  Reverse shell is intended for malicious purpose where an adversary after exploiting the vulnerability in a system uploads a reverse shell to interact with the target system in-order to perform post exploitation engagement.  The persistency in a target system depends on the reverse shell stability. The more the reverse shell is stable the more there is persistency to access the system.  There are various types of reverse shell. They are Bash reverse shell, PHP reverse shell, Java reverse shell, Python reverse shell, Perl reverse shell, Netcat reverse shell and many more.  Reverse shell can be coded/programmed using any programming language.
End Point Detection And Response (EDR)  EDR stands for “End Point Detection And Response”.  It is a security tool that focuses on detecting and mitigating suspicious activity on devices and hosts.  The value of EDR is the ability to detect advanced threats that may not have a recorded behavioral pattern or malware signature.  Some known EDR product brands are Crowdstrike, Cisco, Fortinet and many more.
Configuration Review  Configuration review is the scope where a consultant/security researcher do secure review over the configuration done to the network and perimeter devices.  Configuration review is carried out referring the two benchmarks namely CIS benchmarks and STIG benchmarks.  Configuration review is an essential scope for infrastructure security where secure configuration leads to secure network/infrastructure architecture.  Some know tools to perform configuration review are Nessus, Nipper and many more.  But it is always best to manually perform the configuration review either through the provided config files or taking the remote of the system.
Vulnerability Assessment (VA)  VA stands for “Vulnerability Assessment”.  It is an approach or method to assess the vulnerabilities present in the infrastructure or in the application.  It comes from two words:- Vulnerability + Assessment  Here in this method we use VA scanner tools to check what vulnerabilities are present in the infrastructure or in the application.  Some know VA Tools present in the market are Nessus, Qualys, Acunetix, Nikto, OWASPZAP, Open VAS and many more.  However, there are many commercial tools and opensource tools available, it mainly depends upon the scope and budget of testing.
Penetration Testing (PT)  PT stands for “Penetration Testing”.  Penetration Testing method/approach means exploiting the vulnerability found in the application or in the infrastructure.  Penetration Testing also notifies whether the vulnerability results found in the VA scanner tool is actually false positive or not.  There are mainly two types of penetration testing namely Infrastructure security/penetration testing and Application security/penetration testing.  In Infrastructure security/penetration testing we have Network penetration testing, Scada/OT security assessment, Hardware hacking and many more. Application security/penetration testing covers Web application pentesting, Mobile application pentesting, API pentesting, Thick client pentesting, Devsecops, Cloud pentesting.  Scope of penetration testing is White Box, Black Box and Grey Box.
Critical Infrastructure Security  Critical Infrastructure security is now an added scope into the security field where mainly the critical infrastructures like power plant, oil/gas factories, nuclear plant, water treatment plant, etc.. especially the core sectors are getting their operations computerized.  So mainly, this security sector is being given the term “critical” as any malicious vector can take down the plant or can result in the loss of life.  Here mainly the availability issue of CIA triad plays the major role.
THANK YOU

More Related Content

PDF
Common Tools Used in Penetration Testing.pptx (1).pdf
byRosy G
 
PPTX
tas-s6-software-engineering-slide-deck-secure-software-architecture.pptx
byMostafa Taghizade
 
PPTX
Ethical Hacking n VAPT presentation by Suvrat jain
bySuvrat Jain
 
PPTX
Vulnerability assessment and penetration testing
byAbu Sadat Mohammed Yasin
 
PPTX
Vapt life cycle
bypenetration Tester
 
PDF
NSA and PT
byRahmat Suhatman
 
PPTX
Introduction to cyber security
byGeevarghese Titus
 
PDF
Vulnerability assessment-info-savvy
byinfosavvy
 
Common Tools Used in Penetration Testing.pptx (1).pdf
byRosy G
 
tas-s6-software-engineering-slide-deck-secure-software-architecture.pptx
byMostafa Taghizade
 
Ethical Hacking n VAPT presentation by Suvrat jain
bySuvrat Jain
 
Vulnerability assessment and penetration testing
byAbu Sadat Mohammed Yasin
 
Vapt life cycle
bypenetration Tester
 
NSA and PT
byRahmat Suhatman
 
Introduction to cyber security
byGeevarghese Titus
 
Vulnerability assessment-info-savvy
byinfosavvy
 

Similar to Information Security 201

PPT
Penetration Testing Basics
byRick Wanner
 
PDF
Nt2580 Unit 7 Chapter 12
byLaura Arrigo
 
PDF
Nessus Assesment Vulnerability Management.pdf
bysurajpatil318663
 
PDF
Application Security Guide for Beginners
byCheckmarx
 
PDF
Vulnerability Assessment Report
byHarshit Singh Bhatia
 
PPTX
Vulnerability Assessment
byprimeteacher32
 
PPTX
What is a Port Scan in data visualization
byKomal Khanna
 
PPTX
NETWORK PENETRATION TESTING
byEr Vivek Rana
 
PPTX
CISSP - Security Assessment
byKarthikeyan Dhayalan
 
PPTX
Adv Sec part onesakjslkajslkjakljssasa.pptx
byssuser45b0e7
 
PPTX
DC612 Day - Hands on Penetration Testing 101
bydc612
 
PDF
Wm4
byUmang Patel
 
PPTX
Securitytools
byRichmond Adebiaye
 
PDF
IT Vulnerability & Tools Watch 2011
byWASecurity
 
PDF
5 howtomitigate
byricharddxd
 
PPT
Ch09 Performing Vulnerability Assessments
byInformation Technology
 
DOCX
Security tools
bySwapnil Srivastav PMP®
 
PDF
Practical White Hat Hacker Training - Vulnerability Detection
byPRISMA CSI
 
PDF
ethical Hack
byViggi Unbeaten
 
PDF
Wm4
byUmang Patel
 
Penetration Testing Basics
byRick Wanner
 
Nt2580 Unit 7 Chapter 12
byLaura Arrigo
 
Nessus Assesment Vulnerability Management.pdf
bysurajpatil318663
 
Application Security Guide for Beginners
byCheckmarx
 
Vulnerability Assessment Report
byHarshit Singh Bhatia
 
Vulnerability Assessment
byprimeteacher32
 
What is a Port Scan in data visualization
byKomal Khanna
 
NETWORK PENETRATION TESTING
byEr Vivek Rana
 
CISSP - Security Assessment
byKarthikeyan Dhayalan
 
Adv Sec part onesakjslkajslkjakljssasa.pptx
byssuser45b0e7
 
DC612 Day - Hands on Penetration Testing 101
bydc612
 
Wm4
byUmang Patel
 
Securitytools
byRichmond Adebiaye
 
IT Vulnerability & Tools Watch 2011
byWASecurity
 
5 howtomitigate
byricharddxd
 
Ch09 Performing Vulnerability Assessments
byInformation Technology
 
Security tools
bySwapnil Srivastav PMP®
 
Practical White Hat Hacker Training - Vulnerability Detection
byPRISMA CSI
 
ethical Hack
byViggi Unbeaten
 
Wm4
byUmang Patel
 

More from Null Bhubaneswar

PPTX
OWASP TOP 10 VULNERABILITIS
byNull Bhubaneswar
 
PDF
WAF 101
byNull Bhubaneswar
 
PPTX
Blue Team
byNull Bhubaneswar
 
PPTX
Saying Hello to Bug Bounty
byNull Bhubaneswar
 
PPTX
Intro to Reverse Engineering
byNull Bhubaneswar
 
PPTX
Lightweight static code analysis with semgrep
byNull Bhubaneswar
 
PPTX
how_to_get_into_infosec
byNull Bhubaneswar
 
PPTX
Online Financial Fraud
byNull Bhubaneswar
 
PDF
BurpSuiteOverview
byNull Bhubaneswar
 
PPTX
Online_financial_fraud Episode 2
byNull Bhubaneswar
 
PPTX
Information Security 101
byNull Bhubaneswar
 
PPTX
Cloud_PT
byNull Bhubaneswar
 
PPTX
Introduction_to_Cloud
byNull Bhubaneswar
 
PPTX
Online_financial_fraud3
byNull Bhubaneswar
 
PPTX
Linux Basic Commands
byNull Bhubaneswar
 
PPTX
Web App Pen Test
byNull Bhubaneswar
 
OWASP TOP 10 VULNERABILITIS
byNull Bhubaneswar
 
WAF 101
byNull Bhubaneswar
 
Blue Team
byNull Bhubaneswar
 
Saying Hello to Bug Bounty
byNull Bhubaneswar
 
Intro to Reverse Engineering
byNull Bhubaneswar
 
Lightweight static code analysis with semgrep
byNull Bhubaneswar
 
how_to_get_into_infosec
byNull Bhubaneswar
 
Online Financial Fraud
byNull Bhubaneswar
 
BurpSuiteOverview
byNull Bhubaneswar
 
Online_financial_fraud Episode 2
byNull Bhubaneswar
 
Information Security 101
byNull Bhubaneswar
 
Cloud_PT
byNull Bhubaneswar
 
Introduction_to_Cloud
byNull Bhubaneswar
 
Online_financial_fraud3
byNull Bhubaneswar
 
Linux Basic Commands
byNull Bhubaneswar
 
Web App Pen Test
byNull Bhubaneswar
 

Recently uploaded

PDF
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
PPTX
Basics of Identity Access Management In mordern Infrastructure
byPrinceXavier18
 
PDF
Accelerating Responsible AI Adoption in Public Sector and Private Organizations.
byYasir Naveed Riaz
 
PDF
Agentic Automation for Testers – A Hands-On Deep Dive
byUiPathCommunity
 
PDF
How Mobile Apps Are Shaping the Future of Digital Innovation
byWilliam Taylor
 
PDF
API206-S: Transforming Supply Chains with Amazon Bedrock AgentCore - AWS re:I...
byChris Bingham
 
PDF
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
PDF
Top 7 Manufacturing Software for Small Businesses Boosting Growth in 2025
byEnvertis Software Solutions
 
PDF
Unlocking the Power of Salesforce Architecture: Frameworks for Effective Solu...
byvarsha30tiwari
 
PDF
Knowing and Doing: Knowledge graphs, AI, and work
bymarainglezakis1
 
PDF
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
PDF
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
PDF
Guided Substation Engineering with CoMPAS: Simplifying IEC 61850
byDanBrown980551
 
PDF
Decoding the DNA: The Digital Networks Act, the Open Internet, and IP interco...
byCSUC - Consorci de Serveis Universitaris de Catalunya
 
PPTX
The Future of IT Service Management AI Automation & Beyond.pptx
byChetu
 
PPTX
Ritesh_kumar_Aatmanirbhar Bharat: Make in India, Make for the World.pptx
byriteshrkgs2008
 
PDF
Greetings All Students Update 3 by Mia Corp
by©LDMMIA, ©Reiki Yoga
 
PDF
AI and Computer Architecture: 200 Years Together
byDmitry Zinoviev
 
PDF
Recursive Self Improvement vs Continuous Learning
byBob Marcus
 
PDF
TPPmark2025 Kenta Inoue's answer 12/04/2025
byKenta Inoue
 
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
Basics of Identity Access Management In mordern Infrastructure
byPrinceXavier18
 
Accelerating Responsible AI Adoption in Public Sector and Private Organizations.
byYasir Naveed Riaz
 
Agentic Automation for Testers – A Hands-On Deep Dive
byUiPathCommunity
 
How Mobile Apps Are Shaping the Future of Digital Innovation
byWilliam Taylor
 
API206-S: Transforming Supply Chains with Amazon Bedrock AgentCore - AWS re:I...
byChris Bingham
 
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
Top 7 Manufacturing Software for Small Businesses Boosting Growth in 2025
byEnvertis Software Solutions
 
Unlocking the Power of Salesforce Architecture: Frameworks for Effective Solu...
byvarsha30tiwari
 
Knowing and Doing: Knowledge graphs, AI, and work
bymarainglezakis1
 
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
Guided Substation Engineering with CoMPAS: Simplifying IEC 61850
byDanBrown980551
 
Decoding the DNA: The Digital Networks Act, the Open Internet, and IP interco...
byCSUC - Consorci de Serveis Universitaris de Catalunya
 
The Future of IT Service Management AI Automation & Beyond.pptx
byChetu
 
Ritesh_kumar_Aatmanirbhar Bharat: Make in India, Make for the World.pptx
byriteshrkgs2008
 
Greetings All Students Update 3 by Mia Corp
by©LDMMIA, ©Reiki Yoga
 
AI and Computer Architecture: 200 Years Together
byDmitry Zinoviev
 
Recursive Self Improvement vs Continuous Learning
byBob Marcus
 
TPPmark2025 Kenta Inoue's answer 12/04/2025
byKenta Inoue
 

Information Security 201

  • 1.
    Session On Information Security101 25th February,2022 Bhubaneswar
  • 2.
    Who AM I? Cybersecurity Analyst at Network Intelligence  Cybersecurity Researcher  https://www.linkedin.com/in/sai-swarup-das-9260b8165/  Travel freak, Gym, Cricket and many more
  • 3.
    Agenda  Antivirus  SAST/DAST CIA Triad  Active/Passive Reconnaissance  Reverse shell  Endpoint Detection And Response  Configuration Review  Vulnerability Assessment  Penetration Testing  Critical Infrastructure security
  • 4.
    Antivirus (AV)  Itis a computer program/software designed to detect and prevent any kind of malware or viruses from damaging or corrupting the system (PC, Laptop, Tablet, Smart-Phone, etc.)  Malicious Software commonly known as malware is a code/computer program/script that can harm a computer or any smart electronic device and can perform theft of digital data. Therefore, antivirus detect and prevent the malicious program a.k.a malware from installing and getting executed in the system.  Antivirus products normally work by detecting , quarantining and deleting malicious code, in-order to prevent the execution in the system. Modern antivirus products update themselves automatically, to provide protection against the latest malwares or viruses.  Some commonly known antivirus product brands are Quick Heal, Kaspersky and Norton. But there are other antivirus product brands in the market. Normally the choice of antivirus product brand depends on the cost, usage and many more factors.
  • 5.
    SAST/DAST  SAST typicallystands for Static Application Security Testing.  Normally this approach is used in Source Code Review Scope or White Box Penetration Testing.  Here in SAST we manually review the source code of the software in-order to detect vulnerabilities in the software.  Some known SAST tools are Bandit, MobSF, SonarQube, Veracode and many more.  DAST typically stands for Dynamic Application Security Testing.  Normally this approach is used in dynamic analysis of the traffic where we try to manipulate the headers and numerous parameters in-order to assess the vulnerability and it’s impact.  DAST approach is used in Black-Box and Grey-Box Penetration Testing.  Some known DAST tools are Acunetix web vulnerability scanner, Burpsuite, Owasp- ZAP, Nikto, and many more.
  • 6.
    CIA Triad  “C”stands for Confidentiality:- It means that the data remaining the state of static or dynamic must be secured and no other user can access the sensitive data.  “I” stands for Integrity:- It means that no modification should be done to the data via malicious threat actor and the genuinity of the data must be maintained throughout the process.  “A” stands for Availability:- It means that the service provided must be up and running and also the information should be consistently and readily accessible for authorized parties.  Any deviation done from the CIA triad results in the security issue of the asset and expose it into the surface of the malicious threat/actors.
  • 7.
    Passive/Active Reconnaissance  PassiveReconnaisance is the approach to gain information about the target without actively engaging with the system.  Passive Reconnaisance is not noisy and the information depends on the publicly available information and use of sniffing tools.  Some know tools for passive reconnaissance are Wireshark, Ettercap , Tshark , OSINT tools , Google dorks , Shodan and many more…  Active Reconnaisance is the approach to gain information about the target with actively engaging with the system.  Active Reconnaisance is noisy and therefore there is a chance for the traffic to get detected, therefore respective measures should be taken for not getting detecting especially during red team engagements.  Sone know tools for active reconnaissance are Nmap, Zenmap , SQLmap , Nikto , SSTImap and many more..
  • 8.
    Reverse Shell  Shellis normally an interaction interface program that makes possible for the application or the system to interact with the operating system kernel.  Reverse shell is intended for malicious purpose where an adversary after exploiting the vulnerability in a system uploads a reverse shell to interact with the target system in-order to perform post exploitation engagement.  The persistency in a target system depends on the reverse shell stability. The more the reverse shell is stable the more there is persistency to access the system.  There are various types of reverse shell. They are Bash reverse shell, PHP reverse shell, Java reverse shell, Python reverse shell, Perl reverse shell, Netcat reverse shell and many more.  Reverse shell can be coded/programmed using any programming language.
  • 9.
    End Point DetectionAnd Response (EDR)  EDR stands for “End Point Detection And Response”.  It is a security tool that focuses on detecting and mitigating suspicious activity on devices and hosts.  The value of EDR is the ability to detect advanced threats that may not have a recorded behavioral pattern or malware signature.  Some known EDR product brands are Crowdstrike, Cisco, Fortinet and many more.
  • 10.
    Configuration Review  Configurationreview is the scope where a consultant/security researcher do secure review over the configuration done to the network and perimeter devices.  Configuration review is carried out referring the two benchmarks namely CIS benchmarks and STIG benchmarks.  Configuration review is an essential scope for infrastructure security where secure configuration leads to secure network/infrastructure architecture.  Some know tools to perform configuration review are Nessus, Nipper and many more.  But it is always best to manually perform the configuration review either through the provided config files or taking the remote of the system.
  • 11.
    Vulnerability Assessment (VA) VA stands for “Vulnerability Assessment”.  It is an approach or method to assess the vulnerabilities present in the infrastructure or in the application.  It comes from two words:- Vulnerability + Assessment  Here in this method we use VA scanner tools to check what vulnerabilities are present in the infrastructure or in the application.  Some know VA Tools present in the market are Nessus, Qualys, Acunetix, Nikto, OWASPZAP, Open VAS and many more.  However, there are many commercial tools and opensource tools available, it mainly depends upon the scope and budget of testing.
  • 12.
    Penetration Testing (PT) PT stands for “Penetration Testing”.  Penetration Testing method/approach means exploiting the vulnerability found in the application or in the infrastructure.  Penetration Testing also notifies whether the vulnerability results found in the VA scanner tool is actually false positive or not.  There are mainly two types of penetration testing namely Infrastructure security/penetration testing and Application security/penetration testing.  In Infrastructure security/penetration testing we have Network penetration testing, Scada/OT security assessment, Hardware hacking and many more. Application security/penetration testing covers Web application pentesting, Mobile application pentesting, API pentesting, Thick client pentesting, Devsecops, Cloud pentesting.  Scope of penetration testing is White Box, Black Box and Grey Box.
  • 13.
    Critical Infrastructure Security Critical Infrastructure security is now an added scope into the security field where mainly the critical infrastructures like power plant, oil/gas factories, nuclear plant, water treatment plant, etc.. especially the core sectors are getting their operations computerized.  So mainly, this security sector is being given the term “critical” as any malicious vector can take down the plant or can result in the loss of life.  Here mainly the availability issue of CIA triad plays the major role.
  • 14.