Engineering Security Vulnerability Prevention, Detection, and Response
Download as PPTX, PDF0 likes101 views
The document discusses software security practices for preventing, detecting, and responding to vulnerabilities. It outlines practices used to prevent vulnerabilities during design and implementation, such as establishing security standards and using secure coding practices. Vulnerability detection practices aim to find flaws before deployment, including penetration testing and intrusion detection systems. Response practices deal with incident response, tracking and fixing bugs, and emergency patches. The conclusion calls for continued efforts by engineers and researchers to consider attackers and protect users.
Engineering Security Vulnerability Prevention, Detection, and Response
- 1. Engineering Security Vulnerability Prevention, Detection, and Response IEEE Software ( Volume: 35 , Issue: 5 , September/October 2018 ) Group Member(s): Areeba Jabeen Hafsa Habib Muniba Javaid
- 2. Software Security Software engineers use software security practices to • Prevent the introduction of vulnerabilities into a product or system, • Detect vulnerabilities that have been injected during development, • Respond to the discovery of vulnerabilities in a deployed product by attackers and researchers. Software Vulnerability A software vulnerability is a glitch, flaw, or weakness present in the software which helps the attacker to perform unauthorized actions within a computer system.
- 3. Vulnerability Prevention Two practices are commonly used in Firms / Organizations to prevent the injection of vulnerabilities: • Design flaw prevention practices • Implementation bug prevention practices Design flaw prevention practices Build and publish security features Create security standards Create (security) policy Identify potential attackers Use application containers Create technology-specific attack patterns Implementation bug prevention practices Use a top-N bugs list Use secure coding standards.
- 4. Vulnerability Detection Vulnerability detection practices are used to find implementation bugs and design flaws in a product prior to its deployment to a customer. To be protected, the entire system should be monitored. Intrusion detection tools should be strategically placed at the network and application levels. Intrusion detection system (IDS) An intrusion detection system (IDS) is a tool or software that works with your network to keep it secure and flag when somebody is trying to break into your system. Some popular IDS Software Tools are: SolarWinds Security Event Manager, Snort, Suricata, Trend Micro TippingPoint, Cisco Stealthwatch
- 5. Vulnerability Detection Two practices are commonly used in Firms / Organizations for the detection of vulnerabilities: • Design flaw detection practices • Implementation bug detection practices Implementation bug detection practices Use external penetration testers to find problems. Ensure that quality assurance (QA) supports edge or boundary value condition testing. Use penetration testing tools internally. Use automated tools along with a manual review. Design flaw detection practices Use external penetration testers to find problems. Perform a security feature review. Use penetration testing tools internally. Perform a design review for high-risk applications.
- 6. Vulnerability Response Six software security practices are used to detect a breach or to respond to the detection of vulnerabilities once the product is deployed. The three practices used most often deal with emergency responses and bug fixing. Create or interface with incident response. Track software bugs found in operations through the fix process. Have an emergency code base response. The lowest-used practices are focused on proactive actions, such as fixing all occurrences of bugs. Use application input monitoring. Use application behavior monitoring and diagnostics. Fix all occurrences of software bugs found in operations.
- 7. CONCLUSION Software engineers and security researchers must continue to rise to protect society from the attackers. Engineers should explicitly consider the bad actors for their systems and what these actors want to do, such that the system can stop them in their tracks using practices such as abuse cases and threat models. Engineers should also consider the unintentional mistakes that users can make, such as clicking on suspicious links, and design systems to protect the user from his or her own actions. Providing tools to aid in software security is not enough. Students and practitioners need to be trained. Educators of software engineers should ensure that students learn the importance of and the practices for designing and developing secure systems.
- 8. Thank you...