Uncovering Vulnerabilities Beyond Software Vulnerabilities
Download as PPTX, PDF0 likes26 views
The document discusses various types of vulnerabilities that go beyond software vulnerabilities, including security misconfigurations, IT asset exposures, and human weaknesses. It emphasizes the importance of comprehensive vulnerability management frameworks to identify, assess, and remediate security risks effectively. Additionally, it highlights that just managing CVEs is insufficient for preventing cyber attacks, as attackers exploit multiple weaknesses within an organization's IT infrastructure.
Uncovering Vulnerabilities Beyond Software Vulnerabilities
- 2. WHAT IS A VULNERABILITY? 02 Copyright © 2008 - 2022 SecPod Technologies - AUTHORISED USE ONLY Vulnerability is a security loophole that can be exploited by cybercriminals to gain unauthorized access to the network. However, CVEs or Software Vulnerabilities are only considered as vulnerability leaving behind the other security loopholes. Are managing only CVEs or Software vulnerabilities sufficient to prevent Cyber Attacks?
- 3. 03 Copyright © 2008 - 2020 SecPod Technologies - AUTHORISED USE ONLY Copyright © 2008 - 2022 SecPod Technologies - AUTHORISED USE ONLY Logon AutoStart Untrusted Apps Hardcoded secrets in PowerShell Script Misconfigured Account Privileges DNS Cache Poisoning Exposed Assets and Data Sources Poisoned Software Packages Bypassing Security Controls WHAT ARE ATTACKERS EXPLOITING TODAY? Exposed Network Shares Run or Start up Programs VPN Software Sensitive Information in Logs & Scripts
- 4. 04 Copyright © 2008 - 2022 SecPod Technologies - AUTHORISED USE ONLY MITRE ATTACK TECHNIQUES Logon AutoStart Execution DNS/DHCP Spoofing Start-up Folders Kernel Modules & Extension Logon Scripts Browser bookmark discovery/ Extensions Password Guessing Clipboard data Cloud discovery services Command & Script Interpreters/ PowerShell Python/ VB Scripts/JavaScript Web Services/ Cloud Services Network Share drives Digital Certificates File & Directory permissions
- 5. DIFFERENT TYPES OF VULNERABILITIES IN AN ATTACK SURFACE 05 Copyright © 2008 - 2022 SecPod Technologies - AUTHORISED USE ONLY
- 6. 06 Copyright © 2008 - 2020 SecPod Technologies - AUTHORISED USE ONLY Copyright © 2008 - 2022 SecPod Technologies - AUTHORISED USE ONLY SOFTWARE VULNERABILITIES Software vulnerability is a defect in a software that could allow an attacker to gain unauthorized access to the network. Some of the popular software vulnerabilities include: Apache Webserver Log4J Exchange Servers Spring4shell
- 7. 07 Copyright © 2008 - 2020 SecPod Technologies - AUTHORISED USE ONLY Copyright © 2008 - 2022 SecPod Technologies - AUTHORISED USE ONLY MISCONFIGURATIONS Security misconfigurations are inaccurately configured settings that leave an organization’s IT infrastructure at risk. Some of the misconfigurations include: Weak Passwords Public Access to SMB shared Outdated Protocols Word-writable file
- 8. 08 Copyright © 2008 - 2020 SecPod Technologies - AUTHORISED USE ONLY Copyright © 2008 - 2022 SecPod Technologies - AUTHORISED USE ONLY IT ASSET EXPOSURES IT asset exposures comprises of the risks in the IT infrastructure. Presence of any malicious or shadow IT in the network will lead to huge security mishaps. A few examples of IT asset exposures: End of Life/ End of Support Software Untrusted Executables Unwanted Software Exposed Device
- 9. 09 Copyright © 2008 - 2020 SecPod Technologies - AUTHORISED USE ONLY Copyright © 2008 - 2022 SecPod Technologies - AUTHORISED USE ONLY MISSING CRITICAL SECURITY PATCHES Security patches are essential to update an application or a system to fix a vulnerability prevalent in them. Not patching them continuously will lead to massive cyberattacks like WannaCry.
- 10. 010 Copyright © 2008 - 2020 SecPod Technologies - AUTHORISED USE ONLY Copyright © 2008 - 2022 SecPod Technologies - AUTHORISED USE ONLY SECURITY CONTROL DEVIATIONS & ANOMALIES Deviations or anomalies in crucial security controls might open door for numerous cyberattacks. A few of the security control deviations include: • Enabled IP Forwarding • Disabled Firewall • Non functioning Antivirus • Lack of Device Encryption
- 11. 011 Copyright © 2008 - 2020 SecPod Technologies - AUTHORISED USE ONLY Copyright © 2008 - 2022 SecPod Technologies - AUTHORISED USE ONLY HUMAN WEAKNESSES Humans are biggest attack vector in any IT network. The recent CISO breach where an attacker gain unauthorized access through an employee’s personal vault is the biggest example of humans as weak links.
- 12. 012 Copyright © 2008 - 2022 SecPod Technologies - AUTHORISED USE ONLY ATTACK SURFACE MANAGEMENT OVERVIEW OF ORGANIZATIONS ATTACK SURFACE Enterprise computing infrastructure Perimeter-less personal device Utilized software services Cloud infrastructure Applications running on cloud infrastructure Data storage External exposed assets
- 13. 13 Copyright © 2008 - 2022 SecPod Technologies - AUTHORISED USE ONLY ADVANCED VULNERABILITY MANAGEMENT FRAMEWORK Gain Visibility into IT Infrastructure REPORT VISIBILITY IDENTIFY ASSESS REMEDIATE PRIORITIZE Vulnerabilities Misconfigurations Missing Patches Other Security Risk Exposures Assess security risk from single console and insightful reports Prioritise vulnerabilities and missing patches based on severity Patch Vulnerabilities Fix Misconfigurations Apply Security Controls • Manage Vulnerabilities & Security Risks Beyond CVEs • Mitigate Vulnerabilities On-time with Integrated Remediation Controls • Execute everything from a truly integrated, centralized console • Automate end-to-end tasks and establish a continuous routine Perform strategic analysis with insightful and customizable reports Centralised Management Console APIs APIs
- 14. For inquiries, contact us at: Email: info@secpod.com WWW.SECPOD.COM PREVENT CYBER ATTACKS. CONTINUOUS. AUTOMATED. TRY SANERNOW FREE