SlideShare a Scribd company logo

Outpost24 webinar: best practice for external attack surface management

Download as PPTX, PDF
Outpost24, profile picture
Outpost24

This document discusses best practices for external attack surface management. It explains how digital acceleration has increased organizations' attack surfaces and defines external attack surface management. The document outlines how to categorize and assess risk for web applications and common attack vectors in retail, finance and healthcare. It concludes with recommended best practices, which include discovering all external assets, categorizing them, monitoring for changes, and implementing controls like patching, access management and security assessments.

Software
Related topics:
Application Security
1 of 31
Downloaded 15 times
1
2
3
4
5
6
7
8
Most read
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
Best Practice for External Attack Surface Management Stephane Konarkowski Technical Consultant @Outpost24 29th Sept 2021
Helping customers improve security posture since 2001 Full stack security assessment Over 2,000 customers in all regions of the world Really good at breaking technology
Agenda • Digital Acceleration • External Attack surface Management? • Debunking Web Application attack surface • Retail, Finance, Healthcare most common attack vectors • Best Practices
Digital Acceleration
Digital & Acceleration • 1995 – migration of data from FTP and Usenet to web pages • 2006 – Cloud computing (data services and architecture should be on servers) • Today – SaaS, PaaS, IaaS, Hybrid, API, etc…
Digital & Acceleration • Worldwide digital change has accelerated the size, scope, and composition of an organization’s attack surface. Source
EASM (External Attack Surface Management)
EASM (External Attack Surface Management) Gartner defines EASM as “the processes, technology and professional services deployed to discover external-facing enterprise assets and systems that may present vulnerabilities.” Before Now
EASM (External Attack Surface Management) External Attack Surface Management
What's an External Attack Surface EAS IP Addresses Domains Certificates Ports & Services Web Frameworks APIs WHOIS & Attack Vectors Infrastructure Apps Endpoints IOT Cloud Supply Chain Weak Passwords Phishing Unpatched Vuln Misconfiguration Spam Social Engineering Domain takeover Poor Encryption Brute Force Session Hijacking
EASM (External Attack Surface Management) Continuous • Discovery • Inventory • Categorization • Prioritize • Monitoring Simple…?
Debunking Web Application attack surface
Categorize Web Applications • Static • Dynamic • E-commerce • Portals • CMS • Progressive
Business Criticality • Is this application revenue generating? • Is this application hosting sensitive information and customer data (PII) Update Frequency • No application updates • Application updates occur once a year • Application updates occur several times a year • Updates occur continuously Complexity Level • Application with a high number of pages • Application with dynamic content • Application with multiple inputs (forms) Criticality Updates Complexity ARS (Application Risk Score) Debunking Web Application attack Surface
Debunking Web Application attack Surface 7v Simple…?
Retail, Finance, Healthcare most common attack vectors
Outpost24 webinar: best practice for external attack surface management
Insurance Of these applications identified are found to be using old components containing known vulnerabilities that could be exploited 143 # Average # of old components used which can carry vulnerabilities if software is unpatched and can lead to increased risk of data breach
Retail 8 % Of these applications are suspicious applications (test, dev, etc.) Of Top 10 EU retailers are running out of date jQuery 90 %
US Credit Unions 17.4 # Average # of open port 80 which can be vulnerable to exploit if unpatched, misconfigured, or poor network security rules 10 % Of these applications identified are found to be using old components containing known vulnerabilities that could be exploited
Healthcare 15% Of Applications need Hygiene +150 And counting have login forms not encrypted Report will be ready soon
What we have discovered • Unpatched servers • Remote access • Misconfigurations • Insufficient credential, access and key management • Open ports • Overly permissive access rights • Lack of multi-factor authentication • Insecure storage containers • Insecure APIs • Inadequate change control
Best Practices
Outpost24 webinar: best practice for external attack surface management
External Attack Surface Hygiene
Discover  Third Parties  Unknowns  Left Overs  Connect to  Entry Points
Categorize
Monitor  Digital Foot Print  What’s open  Changes  Configurations
Controls  Right Level of Assessment  Fix / Patch  Accept  Red Team  Threat hunting
Web Application - Scenario • Web attack surface management best practice • Application discovery and inventory • Attack surface assessment and classification • Actionable risk scoring • Continuous application security monitoring
Stephane Konarkowski Technical Consultant sk@outpost24.com Questions? GET A FREE Attack Surface Assessment

More Related Content

PPTX
Cyber Kill Chain.pptx
Vivek Chauhan
 
PDF
Outpost24 webinar - Why asset discovery is the missing link to enterprise vul...
Outpost24
 
PDF
Threat Intelligence
Deepak Kumar (D3)
 
PDF
Owasp top 10
YasserElsnbary
 
PDF
Global Cyber Threat Intelligence
NTT Innovation Institute Inc.
 
PPTX
Cyber Threat Intelligence
Prachi Mishra
 
PDF
Threat Intelligence Workshop
Priyanka Aash
 
PPTX
VAPT - Vulnerability Assessment & Penetration Testing
Netpluz Asia Pte Ltd
 
Cyber Kill Chain.pptx
Vivek Chauhan
 
Outpost24 webinar - Why asset discovery is the missing link to enterprise vul...
Outpost24
 
Threat Intelligence
Deepak Kumar (D3)
 
Owasp top 10
YasserElsnbary
 
Global Cyber Threat Intelligence
NTT Innovation Institute Inc.
 
Cyber Threat Intelligence
Prachi Mishra
 
Threat Intelligence Workshop
Priyanka Aash
 
VAPT - Vulnerability Assessment & Penetration Testing
Netpluz Asia Pte Ltd
 

What's hot (20)

PPTX
Cyber Threat Intelligence.pptx
AbimbolaFisher1
 
PDF
MITRE ATT&CK Framework
n|u - The Open Security Community
 
PDF
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Edureka!
 
PPTX
Cybersecurity Risk Management Program and Your Organization
McKonly & Asbury, LLP
 
PPTX
6 Steps for Operationalizing Threat Intelligence
Sirius
 
PPTX
Cyber Threat Intelligence | Information to Insight
Deep Shankar Yadav
 
PDF
Overview of the Cyber Kill Chain [TM]
David Sweigert
 
PDF
Threat Hunting
Splunk
 
PDF
Cyber Threat Intelligence - It's not just about the feeds
Iain Dickson
 
PDF
Cyber Threat Intelligence
mohamed nasri
 
PPTX
SOC: Use cases and are we asking the right questions?
Jonathan Sinclair
 
PPTX
Metasploit framwork
Deepanshu Gajbhiye
 
PPTX
Presentation of Social Engineering - The Art of Human Hacking
msaksida
 
PPTX
Hyphenet Security Awareness Training
Jen Ruhman
 
PDF
Vulnerability Management
asherad
 
PDF
Introduction to Cybersecurity
Krutarth Vasavada
 
PDF
IBM Security Strategy Overview
xband
 
PDF
Cyber Threat Intelligence
ZaiffiEhsan
 
PPTX
Cyber threat intelligence: maturity and metrics
Mark Arena
 
PPTX
Cyber security landscape
Jisc
 
Cyber Threat Intelligence.pptx
AbimbolaFisher1
 
MITRE ATT&CK Framework
n|u - The Open Security Community
 
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Edureka!
 
Cybersecurity Risk Management Program and Your Organization
McKonly & Asbury, LLP
 
6 Steps for Operationalizing Threat Intelligence
Sirius
 
Cyber Threat Intelligence | Information to Insight
Deep Shankar Yadav
 
Overview of the Cyber Kill Chain [TM]
David Sweigert
 
Threat Hunting
Splunk
 
Cyber Threat Intelligence - It's not just about the feeds
Iain Dickson
 
Cyber Threat Intelligence
mohamed nasri
 
SOC: Use cases and are we asking the right questions?
Jonathan Sinclair
 
Metasploit framwork
Deepanshu Gajbhiye
 
Presentation of Social Engineering - The Art of Human Hacking
msaksida
 
Hyphenet Security Awareness Training
Jen Ruhman
 
Vulnerability Management
asherad
 
Introduction to Cybersecurity
Krutarth Vasavada
 
IBM Security Strategy Overview
xband
 
Cyber Threat Intelligence
ZaiffiEhsan
 
Cyber threat intelligence: maturity and metrics
Mark Arena
 
Cyber security landscape
Jisc
 
Ad

Similar to Outpost24 webinar: best practice for external attack surface management (20)

PDF
How to Reduce the Attack Surface Created by Your Cyber-Tools
Enterprise Management Associates
 
PPTX
What is external attack surface management and why is it important
Hasna Zameer
 
PDF
Enumerating Enterprise Attack Surface
Denim Group
 
PPTX
Reducing Application Risk: minimizing your web application's attack surface
Security Innovation
 
PPTX
Outpost24 webinar - Demystifying Web Application Security with Attack Surface...
Outpost24
 
PDF
Structuring and Scaling an Application Security Program
Denim Group
 
PDF
Security Shift Leftmost - Secure Architecture.pdf
Narudom Roongsiriwong, CISSP
 
PDF
Enumerating Enterprise Attack Surface
Denim Group
 
PPTX
Shared Security Responsibility for the Azure Cloud
Alert Logic
 
PPTX
Cybersecurity Strategies for Effective Attack Surface Reduction
SecPod
 
PPTX
Cybersecurity Strategies for Effective Attack Surface Reduction
SecPod
 
PPTX
Outpost24 webinar - Understanding the 7 deadly web application attack vectors
Outpost24
 
PPTX
Security Incident machnism Security Incident machnismSecurity Incident machni...
karthikvcyber
 
PPTX
For Business's Sake, Let's focus on AppSec
Lalit Kale
 
PDF
Even In 2014, Attackers are on steroid on Cloud, since the IT spending on Web...
Sreejesh Madonandy
 
PDF
1.Review news reports from a specific data breach. Choose a breach f.pdf
arihantpatna
 
PPTX
Enterprise Class Vulnerability Management Like A Boss
rbrockway
 
PDF
Rethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie Ahead
OpenDNS
 
PPTX
Owasp top10salesforce
gbreavin
 
PPTX
Owasp top 10 vulnerabilities
OWASP Delhi
 
How to Reduce the Attack Surface Created by Your Cyber-Tools
Enterprise Management Associates
 
What is external attack surface management and why is it important
Hasna Zameer
 
Enumerating Enterprise Attack Surface
Denim Group
 
Reducing Application Risk: minimizing your web application's attack surface
Security Innovation
 
Outpost24 webinar - Demystifying Web Application Security with Attack Surface...
Outpost24
 
Structuring and Scaling an Application Security Program
Denim Group
 
Security Shift Leftmost - Secure Architecture.pdf
Narudom Roongsiriwong, CISSP
 
Enumerating Enterprise Attack Surface
Denim Group
 
Shared Security Responsibility for the Azure Cloud
Alert Logic
 
Cybersecurity Strategies for Effective Attack Surface Reduction
SecPod
 
Cybersecurity Strategies for Effective Attack Surface Reduction
SecPod
 
Outpost24 webinar - Understanding the 7 deadly web application attack vectors
Outpost24
 
Security Incident machnism Security Incident machnismSecurity Incident machni...
karthikvcyber
 
For Business's Sake, Let's focus on AppSec
Lalit Kale
 
Even In 2014, Attackers are on steroid on Cloud, since the IT spending on Web...
Sreejesh Madonandy
 
1.Review news reports from a specific data breach. Choose a breach f.pdf
arihantpatna
 
Enterprise Class Vulnerability Management Like A Boss
rbrockway
 
Rethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie Ahead
OpenDNS
 
Owasp top10salesforce
gbreavin
 
Owasp top 10 vulnerabilities
OWASP Delhi
 
Ad

More from Outpost24 (20)

PPTX
Outpost24 webinar - A fresh look into the underground card shop ecosystem
Outpost24
 
PDF
Outpost24 webinar Why API security matters and how to get it right.pdf
Outpost24
 
PPTX
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...
Outpost24
 
PPTX
Outpost24 Webinar - Five steps to build a killer Application Security Program
Outpost24
 
PPTX
Outpost24 webinar - How to protect your organization from credential theft
Outpost24
 
PPTX
Outpost24 webinar : Beating hackers at their own game 2022 predictions
Outpost24
 
PPTX
Outpost24 webinar - Enhance user security to stop the cyber-attack cycle
Outpost24
 
PDF
Outpost24 webinar - Mapping Vulnerabilities with the MITRE ATT&CK Framework
Outpost24
 
PPTX
Outpost24 webinar: The state of ransomware in 2021 and how to limit your expo...
Outpost24
 
PPTX
Outpost24 Webinar - DevOps to DevSecOps: delivering quality and secure develo...
Outpost24
 
PPTX
Outpost24 webinar - Api security
Outpost24
 
PDF
Outpost24 Webinar - CISO conversation behind the cyber security technology
Outpost24
 
PDF
Outpost24 webinar - Differentiating vulnerabilities from risks to reduce time...
Outpost24
 
PDF
Outpost24 webinar - How to secure cloud services in the DevOps fast lane
Outpost24
 
PPTX
Outpost24 webinar - Winning the cybersecurity race with predictive vulnerabil...
Outpost24
 
PPTX
Outpost24 webinar - Bridging your cyber hygiene gap to prevent enterprise hac...
Outpost24
 
PPTX
Outpost24 webinar mastering container security in modern day dev ops
Outpost24
 
PPTX
Outpost24 webinar - Protecting Cezanne HR’s cloud web application with contin...
Outpost24
 
PPTX
Outpost24 webinar - Cybersecurity readiness in the post Covid-19 world
Outpost24
 
PPTX
Outpost24 webinar - Securing DevOps in Cloud Environments
Outpost24
 
Outpost24 webinar - A fresh look into the underground card shop ecosystem
Outpost24
 
Outpost24 webinar Why API security matters and how to get it right.pdf
Outpost24
 
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...
Outpost24
 
Outpost24 Webinar - Five steps to build a killer Application Security Program
Outpost24
 
Outpost24 webinar - How to protect your organization from credential theft
Outpost24
 
Outpost24 webinar : Beating hackers at their own game 2022 predictions
Outpost24
 
Outpost24 webinar - Enhance user security to stop the cyber-attack cycle
Outpost24
 
Outpost24 webinar - Mapping Vulnerabilities with the MITRE ATT&CK Framework
Outpost24
 
Outpost24 webinar: The state of ransomware in 2021 and how to limit your expo...
Outpost24
 
Outpost24 Webinar - DevOps to DevSecOps: delivering quality and secure develo...
Outpost24
 
Outpost24 webinar - Api security
Outpost24
 
Outpost24 Webinar - CISO conversation behind the cyber security technology
Outpost24
 
Outpost24 webinar - Differentiating vulnerabilities from risks to reduce time...
Outpost24
 
Outpost24 webinar - How to secure cloud services in the DevOps fast lane
Outpost24
 
Outpost24 webinar - Winning the cybersecurity race with predictive vulnerabil...
Outpost24
 
Outpost24 webinar - Bridging your cyber hygiene gap to prevent enterprise hac...
Outpost24
 
Outpost24 webinar mastering container security in modern day dev ops
Outpost24
 
Outpost24 webinar - Protecting Cezanne HR’s cloud web application with contin...
Outpost24
 
Outpost24 webinar - Cybersecurity readiness in the post Covid-19 world
Outpost24
 
Outpost24 webinar - Securing DevOps in Cloud Environments
Outpost24
 

Recently uploaded (20)

PPTX
VVF-Customer-Presentation2025-Ver1.9.pptx
blackmambaettijean
 
PPTX
Agentic AI : A Practical Guide. Undersating, Implementing and Scaling Autono...
IT IDOL Technologies
 
PDF
Upgrade and Innovation Strategies for SAP ERP Customers
Virendra Rai, PMP
 
PDF
Why TechBuilder is the Future of Pickup and Delivery App Development (1).pdf
TechBuilder
 
PPTX
Oracle E-Business Suite: A Comprehensive Guide for Modern Enterprises
Conacent Consulting
 
PDF
Design an Analysis of Algorithms I-SECS-1021-03
DilanEscobar1
 
PDF
Raksha Bandhan Grocery Pricing Trends in India 2025.pdf
Actowiz Solustions
 
PDF
PTS Company Brochure 2025 (1).pdf.......
pts464036
 
PPTX
Transform Your Business with a Software ERP System
Canada Software Company
 
PPTX
L1 - Introduction to python Backend.pptx
MoizAhmed480282
 
PPTX
history of c programming in notes for students .pptx
Vijayakumari829030
 
PDF
Audit Checklist Design Aligning with ISO, IATF, and Industry Standards — Omne...
rohnjim07
 
PDF
Understanding Forklifts - TECH EHS Solution
TECH EHS Solution
 
PDF
2025 Textile ERP Trends: SAP, Odoo & Oracle
Aetos Technologies
 
PDF
medical staffing services at VALiNTRY
Tiyan Grayson
 
PDF
Addressing The Cult of Project Management Tools-Why Disconnected Work is Hold...
OnePlan Solutions
 
PPTX
Agentic AI Use Case- Contract Lifecycle Management (CLM).pptx
mhxyzzp
 
PDF
SAP S4 Hana Brochure 3 (PTS SYSTEMS AND SOLUTIONS)
pts464036
 
PPTX
ai tools demonstartion for schools and inter college
harshavardhanreddyka11
 
PDF
Wondershare Filmora 15 Crack With Activation Key [2025
ghrom2211g
 
VVF-Customer-Presentation2025-Ver1.9.pptx
blackmambaettijean
 
Agentic AI : A Practical Guide. Undersating, Implementing and Scaling Autono...
IT IDOL Technologies
 
Upgrade and Innovation Strategies for SAP ERP Customers
Virendra Rai, PMP
 
Why TechBuilder is the Future of Pickup and Delivery App Development (1).pdf
TechBuilder
 
Oracle E-Business Suite: A Comprehensive Guide for Modern Enterprises
Conacent Consulting
 
Design an Analysis of Algorithms I-SECS-1021-03
DilanEscobar1
 
Raksha Bandhan Grocery Pricing Trends in India 2025.pdf
Actowiz Solustions
 
PTS Company Brochure 2025 (1).pdf.......
pts464036
 
Transform Your Business with a Software ERP System
Canada Software Company
 
L1 - Introduction to python Backend.pptx
MoizAhmed480282
 
history of c programming in notes for students .pptx
Vijayakumari829030
 
Audit Checklist Design Aligning with ISO, IATF, and Industry Standards — Omne...
rohnjim07
 
Understanding Forklifts - TECH EHS Solution
TECH EHS Solution
 
2025 Textile ERP Trends: SAP, Odoo & Oracle
Aetos Technologies
 
medical staffing services at VALiNTRY
Tiyan Grayson
 
Addressing The Cult of Project Management Tools-Why Disconnected Work is Hold...
OnePlan Solutions
 
Agentic AI Use Case- Contract Lifecycle Management (CLM).pptx
mhxyzzp
 
SAP S4 Hana Brochure 3 (PTS SYSTEMS AND SOLUTIONS)
pts464036
 
ai tools demonstartion for schools and inter college
harshavardhanreddyka11
 
Wondershare Filmora 15 Crack With Activation Key [2025
ghrom2211g
 

Outpost24 webinar: best practice for external attack surface management

  • 1. Best Practice for External Attack Surface Management Stephane Konarkowski Technical Consultant @Outpost24 29th Sept 2021
  • 2. Helping customers improve security posture since 2001 Full stack security assessment Over 2,000 customers in all regions of the world Really good at breaking technology
  • 3. Agenda • Digital Acceleration • External Attack surface Management? • Debunking Web Application attack surface • Retail, Finance, Healthcare most common attack vectors • Best Practices
  • 5. Digital & Acceleration • 1995 – migration of data from FTP and Usenet to web pages • 2006 – Cloud computing (data services and architecture should be on servers) • Today – SaaS, PaaS, IaaS, Hybrid, API, etc…
  • 6. Digital & Acceleration • Worldwide digital change has accelerated the size, scope, and composition of an organization’s attack surface. Source
  • 7. EASM (External Attack Surface Management)
  • 8. EASM (External Attack Surface Management) Gartner defines EASM as “the processes, technology and professional services deployed to discover external-facing enterprise assets and systems that may present vulnerabilities.” Before Now
  • 9. EASM (External Attack Surface Management) External Attack Surface Management
  • 10. What's an External Attack Surface EAS IP Addresses Domains Certificates Ports & Services Web Frameworks APIs WHOIS & Attack Vectors Infrastructure Apps Endpoints IOT Cloud Supply Chain Weak Passwords Phishing Unpatched Vuln Misconfiguration Spam Social Engineering Domain takeover Poor Encryption Brute Force Session Hijacking
  • 11. EASM (External Attack Surface Management) Continuous • Discovery • Inventory • Categorization • Prioritize • Monitoring Simple…?
  • 12. Debunking Web Application attack surface
  • 13. Categorize Web Applications • Static • Dynamic • E-commerce • Portals • CMS • Progressive
  • 14. Business Criticality • Is this application revenue generating? • Is this application hosting sensitive information and customer data (PII) Update Frequency • No application updates • Application updates occur once a year • Application updates occur several times a year • Updates occur continuously Complexity Level • Application with a high number of pages • Application with dynamic content • Application with multiple inputs (forms) Criticality Updates Complexity ARS (Application Risk Score) Debunking Web Application attack Surface
  • 15. Debunking Web Application attack Surface 7v Simple…?
  • 16. Retail, Finance, Healthcare most common attack vectors
  • 18. Insurance Of these applications identified are found to be using old components containing known vulnerabilities that could be exploited 143 # Average # of old components used which can carry vulnerabilities if software is unpatched and can lead to increased risk of data breach
  • 19. Retail 8 % Of these applications are suspicious applications (test, dev, etc.) Of Top 10 EU retailers are running out of date jQuery 90 %
  • 20. US Credit Unions 17.4 # Average # of open port 80 which can be vulnerable to exploit if unpatched, misconfigured, or poor network security rules 10 % Of these applications identified are found to be using old components containing known vulnerabilities that could be exploited
  • 21. Healthcare 15% Of Applications need Hygiene +150 And counting have login forms not encrypted Report will be ready soon
  • 22. What we have discovered • Unpatched servers • Remote access • Misconfigurations • Insufficient credential, access and key management • Open ports • Overly permissive access rights • Lack of multi-factor authentication • Insecure storage containers • Insecure APIs • Inadequate change control
  • 26. Discover  Third Parties  Unknowns  Left Overs  Connect to  Entry Points
  • 28. Monitor  Digital Foot Print  What’s open  Changes  Configurations
  • 29. Controls  Right Level of Assessment  Fix / Patch  Accept  Red Team  Threat hunting
  • 30. Web Application - Scenario • Web attack surface management best practice • Application discovery and inventory • Attack surface assessment and classification • Actionable risk scoring • Continuous application security monitoring