September 2012 Security Vulnerability Session
2 likes788 views
This document summarizes a security vulnerability presentation given by Jason Dettbarn of Kaseya. Jason has a background in computer science and network security. He discusses the prevalence and persistence of software vulnerabilities, how quickly exploits emerge after announcements, and the need to rapidly patch third-party software like Java, Flash and Office applications. Jason promotes Kaseya's software deployment and update tool for efficiently deploying patches across an organization's systems.
September 2012 Security Vulnerability Session
- 1. Starting in 2 Minutes… 2:02PM ET / 11:02AM PT September 2012 Security Vulnerability Session Jason Dettbarn Senior Security Analyst Kaseya
- 2. Today’s Speaker Jason Dettbarn Senior Security Analyst About Jason: - MS in Computer Science - 8 Years Embedded Software Engineer - Research in Network Security & Encryption
- 3. No borders (Online Threats Worldwide March – SecureNet.com)
- 4. The Laws of Vulnerabilities • Prevalence: Measures the turnover rate of vulnerabilities in the “Top 20” list during a year. • Half of the most prevalent critical vulnerabilities are STILL replaced by new vulnerabilities each year. in the top 20 vulnerabilities list after a FULL year. • Persistence: Total life span of vulnerabilities. • Persistence remains virtually unlimited. • Exploitation: Time interval between an exploit announcement and the first attack. • Average < 10 days • Half-life: Time interval for reducing occurrence of a vulnerability by half. • Average is 30 days, varying by industry sector.
- 5. Average…
- 6. Vulnerability Defense • Anti-virus • Anti-malware • Microsoft Updates • 3rd Party Updates • Control, LPU • App audit/block • Location alerts • Secure/recover stolen assets/data • Server Access – No more holes
- 7. Kaseya Security Stack Patching Antivirus AntiMalware Remediation Agent Operating Procedures System Kaseya Antivirus MS Office Monitoring Kaseya AntiMalware Service Desk Kaseya & PSA Endpoint 3rd Party * Security Scheduling & Management
- 8. Security Through Obscurity • Hidden Web URLs • Port Checking or Port Redirection • Temporary Applications (http/ftp/telnet/wifi)
- 9. Stuxnet Virus Break Into Hardened Nuclear Facilities?
- 10. How Did They Do It USB Drives Dropped in Parking Lot (leveraging autorun on the USB)
- 11. Distributed Computing Folding@Home (Stanford Program) SETI @Home
- 12. Botnet Virus Millions of dormant blackhat botents available for purchase
- 13. Windows Patching & Firewalls are not enough 3rd Party Software Vulnerabilities are currently the highest form of exploits today
- 14. MS Internet Explorer One of the first vulnerabilities to affect all production shipping versions of the browser & OS
- 15. Java – two zero-day exploit - Java 7 Update 7 – Addresses 2 active zero-day exploits - Not Fixed = Stille exists ability to disable JVM sandbox and allows remote code execution
- 16. Adobe Flash – APSB12-19 - Flash Player 11.4 – Addresses 6 security updates (released 8/31) - Considered also be at fault within an Internet Explorerer Vulnerability
- 17. Software Deploy & Update • Java Updates • Adobe Flash • Other 3rd Party Software • Approve Updates for All Systems Try KSDU http://www.kaseya.com/lps/global/lp/ksdu-trial.aspx
- 18. 50% Off Promotion Ends 9/31 • Java Updates • Adobe Flash • Other 3rd Party Software Try KSDU http://www.kaseya.com/lps/global/lp/ksdu-trial.aspx
- 19. Sofware Deployment & Update • Kaseya bullet-proof in industry • Partners success is our success • Time to manage new system provisioning • Time involved in auditing and patching WHY NOW? Promotion ending 9/31/2012 50% OFF
- 20. Sofware Deployment & Update TRY IT! http://www.kaseya.com/lps/global/lp/ksdu-trial.aspx https://www1.gotomeeting.com/register/310107217
- 21. Questions & Answers Follow-up Questions to: Jason Dettbarn jason.dettbarn@kaseya.com
Editor's Notes
- #4: Current THREAT levels.In addition to THREATS that are already detected, new ones are being developed on a daily basis to take advantage of flaws in operating systems and applications. Browsers and media applications like Adobe Flash are less apparent delivery methods that can be exploited. A solid security policy that includes regular OS and Application Patching, accessing and using a system with a non-administrator accounts and reliable anti-virus and malware programs can drastically reduce your risk profile.Worm is a sub-class of a virus but it can spread without human action by replicating itself as well as taking advantage of other transport features on a machine, most often causing network issues by sending out hundreds and thousands of copies of itself.
- #5: Long term research project by QualysEighty percent of vulnerability exploits are now available within single digit days after the vulnerability's public release. Exploitation – Nearly all damage from automated attacks is during the first 15 days of outbreak.compared to 60 days in 2004.