SlideShare a Scribd company logo

SecureWorld Seattle Vulnerability Mgmt Nov 11 2015

Download as PPTX, PDF
Kevin Murphy, profile picture
Kevin Murphy

Kevin J. Murphy gave a presentation on cyber security defense through effective vulnerability management. The presentation covered a year in review of cyber crimes and trends, the core elements of vulnerability management, and best practices for patch management. The presentation was intended for professionals from different industries to discuss cyber security challenges and solutions.

1 of 18
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
Kevin J. Murphy Cyber Security Defense by Effective Vulnerability Mgmt. Director, Windows Security Architecture
Agenda 2 • Before We Begin.. • Year in Review: Cyber Crime & Nation States, Breaches, & Trends • Core of Vulnerability Management • Best Practices • Peer discussion
Before We Begin…… 3
Manufacturing Consulting Energy Software Retail Healthcare Telecommunications Government Banking Others? Industries Representation
PCI Standards 5
Year in Review 6
Year in Review : Baits and Social Media 7
Year in Review : Identity Exposure 8 This data was before the US Gov. OPM breach of 21.5 million identities
Year in Review : Attack Profiles 9
Year in Review : Cyber crime and Nation Threats 10 • 43% of all cyber attacks originated in China in 2014. http://vpncreative.net (I don’t believe this. I think China just gets caught) • Mobile O/S and app threats are rising as vectors into the enterprise • Dating sites have targeted phishing attacks • Facebook Twitter & Pinterest –sharing links to friends that are links to malware
Patch Management : Just Do IT! Please download this doc. Most attacks use known vulnerabilities Patches are available in most cases This should be considered as part of the normal operations
Patch Management: Core Elements 1. Accurate Asset Inventory a. Make sure you know your assets better than your attacker. 2. Patch availability awareness a. Microsoft Security Response Center b. http://csrc.nist.gov/ c. Your software vendors 3. Timely Monitoring, Scanning & Alerting infrastructure This should be considered as part of the normal operations
Patch Management: Core Elements 4. Type of Patches a. Core operating systems patches: Windows, Linux, Android, iOS, other b. Infrastructure patches: Cisco, Juniper, F5, Palo Alto, etc. c. Your application patches: 3rd party, your internal developed apps., mobile apps. d. Monitor tool patches e. Don’t forget your outliers: security cameras, HVAC, etc. This should be considered as part of the normal operations
Patch Management : Deployment  Plan on rolling out patches monthly  Critical patches should be patched out of sequence if an active exploit is in progress  Always test your patches first!  Full-time team  Fully funded in your budget cycle  Patch status should be part of your normal information system reporting metrics This should be viewed as part of the normal operations of your systems
Patch Management : Tips  Attackers would love to infect your patch and have you roll out their malware for them.  Use checksums/strong hash to verify patch integrity  Maintain configuration control  Secure network file transfer if possible  Automate and Phase your deployment to patch your high value systems first Verify your patch isn’t creating an outage Protect your patching infrastructure.
Patch Management : Cloud Based Systems  In most cases, your cloud provided will handle patches from the hypervisor and below  You still own patching your cloud based applications  Verify you cloud service level agreements and  Make sure there are no patching gaps. (Find the coverage gaps before your attacker does.)
Learning From Peers Let’s Share And Learn
Veteran’s Day

More Related Content

PPT
Reorganizing Federal IT to Address Today's Threats
Lumension
 
PPTX
Vulnerability Assessment
primeteacher32
 
PDF
Vulnerability Management: How to Think Like a Hacker to Reduce Risk
BeyondTrust
 
PPTX
Vulnerability management today and tomorrow
Jonathan Sinclair
 
PPTX
Vulnerability Assessment Presentation
Lionel Medina
 
PPT
Key Strategies to Address Rising Application Risk in Your Enterprise
Lumension
 
PDF
OSB130 Patch Management Best Practices
Ivanti
 
PPTX
Software Vulnerability management
Kishor Datta Gupta
 
Reorganizing Federal IT to Address Today's Threats
Lumension
 
Vulnerability Assessment
primeteacher32
 
Vulnerability Management: How to Think Like a Hacker to Reduce Risk
BeyondTrust
 
Vulnerability management today and tomorrow
Jonathan Sinclair
 
Vulnerability Assessment Presentation
Lionel Medina
 
Key Strategies to Address Rising Application Risk in Your Enterprise
Lumension
 
OSB130 Patch Management Best Practices
Ivanti
 
Software Vulnerability management
Kishor Datta Gupta
 

What's hot (20)

PDF
Best vulnerability assessment training
AdarshMathuri
 
PPTX
Effective Vulnerability Management
Vicky Ames
 
PPTX
September 2012 Security Vulnerability Session
Kaseya
 
PPTX
Vulnerability Management: What You Need to Know to Prioritize Risk
AlienVault
 
PPT
Blue Ocean IT Security
Jonathan Sinclair
 
PPTX
Assessment and Threats: Protecting Your Company from Cyber Attacks
Cimation
 
PPT
The Role of Application Control in a Zero-Day Reality
Lumension
 
PPTX
Vulnerability Assessment & Analysis (VAA) Overview
Susan Rantall
 
PPTX
Malicious software
CAS
 
PPTX
New USM v5.0 - Get Complete Security Visibility Faster & Easier Than Ever
AlienVault
 
PDF
Security Implications of the Cloud
Alert Logic
 
PPTX
Enterprise Class Vulnerability Management Like A Boss
rbrockway
 
PPT
IT Security management and risk assessment
CAS
 
PDF
Trustport - Roman Veleba
Jan Fried
 
PPTX
VAPT, Ethical Hacking and Laws in India by prashant mali
Adv. Prashant Mali ♛ [Bsc(Phy),MSc(Comp Sci), CCFP,CISSA,LLM]
 
PPTX
Cyber Attack Survival
Skoda Minotti
 
PDF
VSEC LAN Security Assessment Service Profile
Vietnamese Network Security J.S.C
 
PPTX
Network Security Risk
Dedi Dwianto
 
PPTX
Web Application Vulnerability Management
jpubal
 
PPTX
VMRay intro video
Chad Loeven
 
Best vulnerability assessment training
AdarshMathuri
 
Effective Vulnerability Management
Vicky Ames
 
September 2012 Security Vulnerability Session
Kaseya
 
Vulnerability Management: What You Need to Know to Prioritize Risk
AlienVault
 
Blue Ocean IT Security
Jonathan Sinclair
 
Assessment and Threats: Protecting Your Company from Cyber Attacks
Cimation
 
The Role of Application Control in a Zero-Day Reality
Lumension
 
Vulnerability Assessment & Analysis (VAA) Overview
Susan Rantall
 
Malicious software
CAS
 
New USM v5.0 - Get Complete Security Visibility Faster & Easier Than Ever
AlienVault
 
Security Implications of the Cloud
Alert Logic
 
Enterprise Class Vulnerability Management Like A Boss
rbrockway
 
IT Security management and risk assessment
CAS
 
Trustport - Roman Veleba
Jan Fried
 
VAPT, Ethical Hacking and Laws in India by prashant mali
Adv. Prashant Mali ♛ [Bsc(Phy),MSc(Comp Sci), CCFP,CISSA,LLM]
 
Cyber Attack Survival
Skoda Minotti
 
VSEC LAN Security Assessment Service Profile
Vietnamese Network Security J.S.C
 
Network Security Risk
Dedi Dwianto
 
Web Application Vulnerability Management
jpubal
 
VMRay intro video
Chad Loeven
 
Ad

Viewers also liked (19)

PPTX
Cyber Sec Update Secure World Seattle Nov 13, 2014
Kevin Murphy
 
DOC
Discurso del Señor Ismael Plascencia Nuñez, presidente de CONCAMIN en la Inau...
Ismael Plascencia Nuñez
 
PPTX
PARQUE CRETÁCICO. SUCRE, BOLIVIA
Maria Rosario Carrasco Patzi
 
PPTX
ARCHIVO DE LA PAZ
Maria Rosario Carrasco Patzi
 
PDF
Mercator Ocean newsletter 36
Mercator Ocean International
 
PDF
press-release.pdf
unn | UNITED NEWS NETWORK GmbH
 
PPTX
Galalab mo game_design_contest_(team ik)_ (the guardians)
Nam Jinwoo
 
PDF
Data, Privacy and the Cloud: Oh my!
Jason Neiffer
 
PDF
2012-am-workshop-spousal1
Yvonne Lefort, MA
 
DOC
Resume_Darshan
Darshan Malpathak
 
PPTX
TIK IXC Kelompok 7 - Bab 2
Satria Manggala Jati
 
PPT
Mapa conceptual gerencia de proyectos tecnología educativa
Diair Becerra
 
PPTX
Análisis publicitario Cristina Rodríguez Donaire
Cristinadonaire
 
PPTX
12
Goncharuk310
 
PDF
半導体デバイス工学 第1章
Kiyoteru Hayama
 
PPTX
GymNow - Unlimited Fitness Choices
GymNow
 
PDF
MENA New Energy 2017 Prospectus
Tobias Crow
 
PPTX
Cyber Crime Seminar Jan 2015
Kevin Murphy
 
PPTX
Poonam handmade paper-final
Madhavi Verma
 
Cyber Sec Update Secure World Seattle Nov 13, 2014
Kevin Murphy
 
Discurso del Señor Ismael Plascencia Nuñez, presidente de CONCAMIN en la Inau...
Ismael Plascencia Nuñez
 
PARQUE CRETÁCICO. SUCRE, BOLIVIA
Maria Rosario Carrasco Patzi
 
ARCHIVO DE LA PAZ
Maria Rosario Carrasco Patzi
 
Mercator Ocean newsletter 36
Mercator Ocean International
 
press-release.pdf
unn | UNITED NEWS NETWORK GmbH
 
Galalab mo game_design_contest_(team ik)_ (the guardians)
Nam Jinwoo
 
Data, Privacy and the Cloud: Oh my!
Jason Neiffer
 
2012-am-workshop-spousal1
Yvonne Lefort, MA
 
Resume_Darshan
Darshan Malpathak
 
TIK IXC Kelompok 7 - Bab 2
Satria Manggala Jati
 
Mapa conceptual gerencia de proyectos tecnología educativa
Diair Becerra
 
Análisis publicitario Cristina Rodríguez Donaire
Cristinadonaire
 
12
Goncharuk310
 
半導体デバイス工学 第1章
Kiyoteru Hayama
 
GymNow - Unlimited Fitness Choices
GymNow
 
MENA New Energy 2017 Prospectus
Tobias Crow
 
Cyber Crime Seminar Jan 2015
Kevin Murphy
 
Poonam handmade paper-final
Madhavi Verma
 
Ad

Similar to SecureWorld Seattle Vulnerability Mgmt Nov 11 2015 (20)

PDF
Patch and Vulnerability Management
Marcelo Martins
 
PPTX
Why Patch Management is Still the Best First Line of Defense
Lumension
 
PDF
Vulnerability and Patch Management
n|u - The Open Security Community
 
PPTX
Patch Management Best Practices 2019
Ivanti
 
PDF
Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...
North Texas Chapter of the ISSA
 
PPTX
Prevent Getting Hacked by Using a Network Vulnerability Scanner
GFI Software
 
PPTX
The Threat Is Real. Protect Yourself.
2nd Sight Lab
 
PPTX
How to Perform Continuous Vulnerability Management
Ivanti
 
PDF
Rethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie Ahead
OpenDNS
 
PPTX
CyberCare Pro - Cybersecurity for SME's updated.pptx
margueritemcleod1
 
PPTX
Vulnerability Management
justinkallhoff
 
PDF
Vulnerability Management.pdf
IntuitiveCloud
 
PPTX
Cybersecurity Basics of awareness presentation .pptx
williambillrials
 
PPTX
Be More Secure than your Competition: MePush Cyber Security for Small Business
Art Ocain
 
PPTX
Fears and fulfillment with IT security
David Strom
 
PPT
It's Your Move: The Changing Game of Endpoint Security
Lumension
 
PPTX
Internet safety and you
Art Ocain
 
PPTX
IT Security Basics For Managers
Daniel Owens
 
PPTX
threat_and_vulnerability_management_-_ryan_elmer_-_frsecure.pptx
ImXaib
 
PPT
Vuln.ppt
karthikvcyber
 
Patch and Vulnerability Management
Marcelo Martins
 
Why Patch Management is Still the Best First Line of Defense
Lumension
 
Vulnerability and Patch Management
n|u - The Open Security Community
 
Patch Management Best Practices 2019
Ivanti
 
Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...
North Texas Chapter of the ISSA
 
Prevent Getting Hacked by Using a Network Vulnerability Scanner
GFI Software
 
The Threat Is Real. Protect Yourself.
2nd Sight Lab
 
How to Perform Continuous Vulnerability Management
Ivanti
 
Rethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie Ahead
OpenDNS
 
CyberCare Pro - Cybersecurity for SME's updated.pptx
margueritemcleod1
 
Vulnerability Management
justinkallhoff
 
Vulnerability Management.pdf
IntuitiveCloud
 
Cybersecurity Basics of awareness presentation .pptx
williambillrials
 
Be More Secure than your Competition: MePush Cyber Security for Small Business
Art Ocain
 
Fears and fulfillment with IT security
David Strom
 
It's Your Move: The Changing Game of Endpoint Security
Lumension
 
Internet safety and you
Art Ocain
 
IT Security Basics For Managers
Daniel Owens
 
threat_and_vulnerability_management_-_ryan_elmer_-_frsecure.pptx
ImXaib
 
Vuln.ppt
karthikvcyber
 

SecureWorld Seattle Vulnerability Mgmt Nov 11 2015

  • 1. Kevin J. Murphy Cyber Security Defense by Effective Vulnerability Mgmt. Director, Windows Security Architecture
  • 2. Agenda 2 • Before We Begin.. • Year in Review: Cyber Crime & Nation States, Breaches, & Trends • Core of Vulnerability Management • Best Practices • Peer discussion
  • 7. Year in Review : Baits and Social Media 7
  • 8. Year in Review : Identity Exposure 8 This data was before the US Gov. OPM breach of 21.5 million identities
  • 9. Year in Review : Attack Profiles 9
  • 10. Year in Review : Cyber crime and Nation Threats 10 • 43% of all cyber attacks originated in China in 2014. http://vpncreative.net (I don’t believe this. I think China just gets caught) • Mobile O/S and app threats are rising as vectors into the enterprise • Dating sites have targeted phishing attacks • Facebook Twitter & Pinterest –sharing links to friends that are links to malware
  • 11. Patch Management : Just Do IT! Please download this doc. Most attacks use known vulnerabilities Patches are available in most cases This should be considered as part of the normal operations
  • 12. Patch Management: Core Elements 1. Accurate Asset Inventory a. Make sure you know your assets better than your attacker. 2. Patch availability awareness a. Microsoft Security Response Center b. http://csrc.nist.gov/ c. Your software vendors 3. Timely Monitoring, Scanning & Alerting infrastructure This should be considered as part of the normal operations
  • 13. Patch Management: Core Elements 4. Type of Patches a. Core operating systems patches: Windows, Linux, Android, iOS, other b. Infrastructure patches: Cisco, Juniper, F5, Palo Alto, etc. c. Your application patches: 3rd party, your internal developed apps., mobile apps. d. Monitor tool patches e. Don’t forget your outliers: security cameras, HVAC, etc. This should be considered as part of the normal operations
  • 14. Patch Management : Deployment  Plan on rolling out patches monthly  Critical patches should be patched out of sequence if an active exploit is in progress  Always test your patches first!  Full-time team  Fully funded in your budget cycle  Patch status should be part of your normal information system reporting metrics This should be viewed as part of the normal operations of your systems
  • 15. Patch Management : Tips  Attackers would love to infect your patch and have you roll out their malware for them.  Use checksums/strong hash to verify patch integrity  Maintain configuration control  Secure network file transfer if possible  Automate and Phase your deployment to patch your high value systems first Verify your patch isn’t creating an outage Protect your patching infrastructure.
  • 16. Patch Management : Cloud Based Systems  In most cases, your cloud provided will handle patches from the hypervisor and below  You still own patching your cloud based applications  Verify you cloud service level agreements and  Make sure there are no patching gaps. (Find the coverage gaps before your attacker does.)

Editor's Notes

  • #18: Intel collected – By knowing all the logging sources and working with the customer to incorporate them into the Detection Controls strategy, we will know what they have and the Good, Bad, and the Ugly of the entire environment.
  • #19: Intel collected – By knowing all the logging sources and working with the customer to incorporate them into the Detection Controls strategy, we will know what they have and the Good, Bad, and the Ugly of the entire environment.