Check list เตร ยมความพร อมด าน Cyber Security ให หน วยงาน 6 th October 2015 Avirut Liangsiri 1. Effective:

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Check list เตร ยมความพร อมด าน Cyber Security ให หน วยงาน 6 th October 2015 Avirut Liangsiri 1. Effective: 2015-07-01"

Transcription

1 Check list เตร ยมความพร อมด าน Cyber Security ให หน วยงาน 6 th October 2015 Avirut Liangsiri 1

2 Agenda Traditional vs. Modern Cyber Defense แตกต างหร อส งเสร มก นและก น อย างไร? Industry Standard Checklist for Cyber Security Security Configuration สาค ญอย างไรในการเตร ยมการณ เพ อร บม อภ ยค กคามย ค ใหม (Security Configuration Management for Modern Threat mitigation) Security Control ท สาค ญในการป องก นและตรวจจ บภ ยค กคาม (SANS Top 20 Security Controls) 2

3 Traditional vs. Modern Cyber Defense 3

4 Traditional Cyber Defense What does a typical cyber defense entail? Traditional!= Outdated Devices Shiny, sexy, 2.0, NG, cloud, mobile awesomeness can comprise a traditional security architecture So what constitutes a traditional approach to cyber defense then? 4

5 Prevention Sanity Check Quick sanity check for your organization Take a network map and consider security controls If a control is primarily preventive note a P If primarily detective note it with a D Add up all the P's and compare to the D's Most organizations are >80% preventive 5

6 Sanity Check Illustrated Preventive Firewall IPS NGFW Antivirus Proxy Web Content Filter Malware Detonation Devices DLP NAC Detective IDS SIM/SIEM 6

7 Traditional Cyber Defense Characteristics Preventive Oriented Perimeter Focused Addresses Layer 3/4 Centralized IS/Security Device Driven Security 7

8 Traditional Successes Conceptually simple architecture (easy) Staffing requirements fairly low (cheap) Staff skill required not extremely high (cheap) CAPEX relatively low by comparison (cheap) OPEX extremely low by comparison (cheap) Unlikely to detect breaches (easy) - Which reduces breach notification likelihood (cheap) Management typically likes cheap and easy Shortcomings discussed later 8

9 Modern Cyber Defense Principles Characteristics Detection-Oriented Proactive Detection : Hunt Teams Post-Exploitation Focused Response-Driven Layer 7 Aware Decentralized Data/Systems Risk Informed Network Security Monitoring Continuous Security Monitoring 9

10 Traditional vs. Modern C2 10

11 Industry Standard Checklist for Cyber Security 11

12 Recognized Checklist ISO/IEC 27001:2013 ISMS It is a specification for an information security management system (ISMS). Organizations which meet the standard may gain an official certification issued by an independent and accredited certification body on successful completion of a formal audit process. SANS Top 20 Security Control The Top 20 Critical Security Controls (20 CSC also known as the Consensus Audit Guidelines (CAG) and formerly referred to as the SANS 20 Critical Security Controls) have emerged as the de facto yardstick by which corporate security programs can be measured,. NIST (Security and Privacy Controls for Federal Information Systems and Organizations) 12

13 Top 20 Critical Security Controls The Top 20 Critical Security Controls (20 CSC also known as the Consensus Audit Guidelines (CAG) and formerly referred to as the SANS 20 Critical Security Controls) have emerged as the de facto yardstick by which corporate security programs can be measured,. The 20 CSC are now governed by the Council on Cyber Security, an independent, expert, not-for-profit organization with a global scope. The development of this set of standards was first undertaken in 2008 by the National Security Agency at the behest of the US Secretary of Defense in an effort to efficiently direct resources towards combating the most common network vulnerabilities which resulted in the greatest number of attack vectors. In 2008, the Office of the Secretary of Defense asked the National Security Agency for help in prioritizing the myriad security controls that were available for cyber security. 13

14 Security Configuration Management for Modern Threat mitigation 14

15 15 15

16 1 the 1 st priority 16 16

17 2 2 nd most effective 17 17

18 3 3rd most important 18 18

19 4 four highest-priority 19 19

20 Fundamental SecOps File Integrity Monitoring FIM Captures Baseline State as a Digital Fingerprint Current running state New changes determined Baseline State Compare Compare Compare 20

21 Continuously Detect for Unauthorized Changes 1. Detect all configuration changes 2. Analyze change activity 3. Take Action Investigate Changes Manual Changes Automated Changes!!!!! Type of Change? Type of System? Within Maintenance Window? Made by Authorized Users?!!!!!!!!! Security & Ops Reports Scripted Changes!!! Matches Release System? Passes Compliance Tests? Remediate Changes Networks Servers Servers Domain Directories Databases User-defined Policies! Visibility Accountability Control Automatic filtering of change - By change or system type - By policy criteria - Conditional actions 21

22 Sample of Security and Compliance Policies AIX Cisco IOS Cisco PIX HP-UX IBM DB2 Linux (Red Hat) Linux (SUSE) Microsoft Exchange Microsoft IIS MS SQL Server 2000 MS SQL Server 2005 MS SQL Server 2008 Oracle 9i Oracle 10g Oracle 11g Solaris 8,9 & 10 VMware ESX Windows Server 2000 Windows Server 2003 Windows Server 2008 Windows Server DC Windows Server DM Windows XP and Vista 22

23 A Comprehensive Approach to Addressing Security Security Configuration Assessment Assess existing Controls Gap against Baselines/Standards 23

24 A Comprehensive Approach to Addressing Security Devise Remediation Plan Achieve the Baselines/Standards State 24

25 A Comprehensive Approach to Addressing Security Maintain Known & Trusted State Real-time Alert on Deviation Before & After View 25

26 Strong Security is More Important Than Ever Compromise takes minutes. Discovery takes weeks & months Data Breach Investigations Report 26 Verizon Business

27 Well Known Configuration Standard CIS Center for Internet Security ( configuration NIST National Checklist Program for IT Products Guidelines for Checklist Users and Developers ( vulnerabilities, configuration DISA STIG US DoD DISA Secure Technical Implementation Guide Different 9 levels (Mission Assurance Category (I-III) and Confidentiality Level (Public, Sensitive, Classified)) ( FDCC/USGCB US Federal Desktop Core Configuration focus mainly on desktop operating system (Windows XP, Vista, 7, 8, 10) started in 2007 by OMB ( 27

28 CIS Standard The CIS Security Benchmarks program provides well-defined, unbiased and consensus-based industry best practices to help organizations assess and improve their security. Resources include secure configuration benchmarks, automated configuration assessment tools and content, security metrics and security software product certifications. The Security Benchmarks program is recognized as a trusted, independent authority that facilitates the collaboration of public and private industry experts to achieve consensus on practical and actionable solutions. Because of this reputation, our resources are recommended as industryaccepted system hardening standards and are used by organizations in meeting compliance requirements for FISMA, PCI, HIPAA and other security requirements. 28

29 CIS Checklist Example (Windows XP) 29

30 CIS Listed Systems Amazon Linux Benchmarks Apache HTTP & Tomcat Benchmarks Apache HTTP Server Assessment Tool Apple ios Benchmarks Apple OSX Benchmarks Apple Safari Benchmarks Benchmark Mappings: Medical Device Security Standards CentOS Linux Benchmarks CheckPoint Firewall Benchmarks Cisco Device Benchmarks Consensus Security Metrics Debian Linux Benchmarks Docker Benchmarks FreeBSD Benchmarks FreeRadius Benchmarks Google Android Benchmarks HP-UX Benchmarks IBM AIX Benchmarks IBM DB2 Benchmarks ISC BIND Benchmarks Juniper Device Benchmarks Kerberos Benchmarks LDAP Benchmarks Microsoft Exchange Server Benchmarks Microsoft IIS Benchmarks Microsoft Internet Explorer Benchmarks Microsoft MS SQL Server Benchmarks Microsoft Office Benchmarks Microsoft SharePoint Server Benchmarks Microsoft Windows 7 Benchmarks Microsoft Windows 8 Benchmarks Microsoft Windows NT Benchmarks Microsoft Windows Server 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2012 Microsoft Windows XP Benchmarks Mozilla Firefox Benchmarks Multi Function Print Devices Benchmark MySQL Database Server Benchmarks Novell Netware Benchmarks Opera Benchmarks Oracle Database Server Assessment Tool Oracle Database Server Benchmarks Oracle Linux Benchmarks Oracle Solaris Benchmarks Red Hat Linux Benchmarks Router Assessment Tool Slackware Linux Benchmarks SuSE Linux Benchmarks Sybase ASE Benchmarks Ubuntu Linux Benchmarks Unix Assessment Tools Virtualization Benchmarks VMware Benchmarks Wireless Network Devices Benchmarks Archive Xen Benchmarks 30

31 NIST Checklist Download Page (checklists.nist.gov) The Security Content Automation Protocol (SCAP) is a synthesis of interoperable specifications derived from community ideas. ( 31

32 NIST Category Supported Category Antivirus Software Application Server Authentication Configuration Management Software Database Management System Desktop Application Desktop Client Directory Service DNS Server Server Encryption Software Enterprise Application Firewall Handheld Device Identity Management Intrusion Detection System KVM Malware Mobile Solution Multi-Functional Peripheral Network Router Network Switch Office Suite Operating System Peripheral Device Security Server Server Virtualization Software Web Browser Web Server Wireless Wireless Network 32

33 DISA STIG The Security Technical Implementation Guides (STIGs) and the NSA Guides are the configuration standards for DOD IA and IA-enabled devices/systems. Since 1998, DISA has played a critical role enhancing the security posture of DoD's security systems by providing the Security Technical Implementation Guides (STIGs). The STIGs contain technical guidance to "lock down" information systems/software that might otherwise be vulnerable to a malicious computer attack. Complete list (541): 33

34 FDCC/USGCB The Federal Desktop Core Configuration was a list of security settings recommended by the National Institute of Standards and Technology for general-purpose microcomputers that are connected directly to the network of a United States government agency. FDCC applied only to Windows XP and Vista desktop and laptop computers. FDCC was replaced by the United States Government Configuration Baseline (USGCB), which also includes settings for Windows 7 and Red Hat Enterprise Linux 5. 34

35 USGCB Content Page 35

36 SANS Top 20 Security Control in detail 36

37 SANS Critical Security Controls v5 1. Inventory of Authorized and Unauthorized Devices 2. Inventory of Authorized and Unauthorized Software 3. Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers 4. Continuous Vulnerability Assessment and Remediation 5. Malware Defenses 6. Application Software Security 7. Wireless Access Control 8. Data Recovery Capability 9. Security Skills Assessment and Appropriate Training to Fill Gaps 10.Secure Configurations for Network Devices such as Firewalls, Routers, and Switches 11.Limitation and Control of Network Ports, Protocols, and Services 12.Controlled Use of Administrative Privileges 13.Boundary Defense 14.Maintenance, Monitoring, and Analysis of Audit Logs 15.Controlled Access Based on the Need to Know 16.Account Monitoring and Control 17.Data Protection 18.Incident Response and Management 19.Secure Network Engineering 20.Penetration Tests and Red Team Exercises 37

38 NSA Ranking on 20 CSC 38

39 Critical Security Controls by trending 39

40 Critical Security Controls V6 comparison 40

41 Critical Security Controls V6 comparison 41

42 Question & Answer 42

43 ขอบพระค ณ! 43

Measurably reducing risk through collaboration, consensus & practical security management. 2013 CIS Security Benchmarks 1

Measurably reducing risk through collaboration, consensus & practical security management. 2013 CIS Security Benchmarks 1 Measurably reducing risk through collaboration, consensus & practical security management 2013 CIS Security Benchmarks 1 Background City University of New York s Rights and Benefits as a CIS Security Benchmarks

More information

Measurably reducing risk through collaboration, consensus & practical security management. 2015 CIS Security Benchmarks 1

Measurably reducing risk through collaboration, consensus & practical security management. 2015 CIS Security Benchmarks 1 Measurably reducing risk through collaboration, consensus & practical security management 2015 CIS Security Benchmarks 1 Background State of Idaho s Rights and Benefits as a CIS Security Benchmarks Member

More information

Cyber Threats, Trends, and Security Configurations. June 2, 2015. Shevaun Culmer-Reid, Program Manager

Cyber Threats, Trends, and Security Configurations. June 2, 2015. Shevaun Culmer-Reid, Program Manager Cyber Threats, Trends, and Security Configurations June 2, 2015 Shevaun Culmer-Reid, Program Manager The Center for Internet Security is an international nonprofit organization focused on enhancing cyber

More information

Looking at the SANS 20 Critical Security Controls

Looking at the SANS 20 Critical Security Controls Looking at the SANS 20 Critical Security Controls Mapping the SANS 20 to NIST 800-53 to ISO 27002 by Brad C. Johnson The SANS 20 Overview SANS has created the 20 Critical Security Controls as a way of

More information

Larry Wilson Version 1.0 November, 2013. University Cyber-security Program Critical Asset Mapping

Larry Wilson Version 1.0 November, 2013. University Cyber-security Program Critical Asset Mapping Larry Wilson Version 1.0 November, 2013 University Cyber-security Program Critical Asset Mapping Part 3 - Cyber-Security Controls Mapping Cyber-security Controls mapped to Critical Asset Groups CSC Control

More information

THE TOP 4 CONTROLS. www.tripwire.com/20criticalcontrols

THE TOP 4 CONTROLS. www.tripwire.com/20criticalcontrols THE TOP 4 CONTROLS www.tripwire.com/20criticalcontrols THE TOP 20 CRITICAL SECURITY CONTROLS ARE RATED IN SEVERITY BY THE NSA FROM VERY HIGH DOWN TO LOW. IN THIS MINI-GUIDE, WE RE GOING TO LOOK AT THE

More information

Critical Controls for Cyber Security. www.infogistic.com

Critical Controls for Cyber Security. www.infogistic.com Critical Controls for Cyber Security www.infogistic.com Understanding Risk Asset Threat Vulnerability Managing Risks Systematic Approach for Managing Risks Identify, characterize threats Assess the vulnerability

More information

CimTrak Technical Summary. DETECT All changes across your IT environment. NOTIFY Receive instant notification that a change has occurred

CimTrak Technical Summary. DETECT All changes across your IT environment. NOTIFY Receive instant notification that a change has occurred DETECT All changes across your IT environment With coverage for your servers, network devices, critical workstations, point of sale systems, and more, CimTrak has your infrastructure covered. CimTrak provides

More information

An Overview of Information Security Frameworks. Presented to TIF September 25, 2013

An Overview of Information Security Frameworks. Presented to TIF September 25, 2013 An Overview of Information Security Frameworks Presented to TIF September 25, 2013 What is a framework? A framework helps define an approach to implementing, maintaining, monitoring, and improving information

More information

Everything You Wanted to Know about DISA STIGs but were Afraid to Ask

Everything You Wanted to Know about DISA STIGs but were Afraid to Ask Everything You Wanted to Know about DISA STIGs but were Afraid to Ask An EiQ Networks White Paper 2015 EiQ Networks, Inc. All Rights Reserved. EiQ, the EiQ logo, the SOCVue logo, SecureVue, ThreatVue,

More information

Configuration Audit & Control

Configuration Audit & Control The Leader in Configuration Audit & Control Configuration Audit & Control Brett Bartow - Account Manager Kelly Feagans, Sr. Systems Engineer ITIL, CISA March 4, 2009 Recognized leader in Configuration

More information

SANS Top 20 Critical Controls for Effective Cyber Defense

SANS Top 20 Critical Controls for Effective Cyber Defense WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a

More information

What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things.

What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things. What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things. AGENDA Current State of Information Security Data Breach Statics Data Breach Case Studies Why current

More information

IBM Tivoli Endpoint Manager for Security and Compliance

IBM Tivoli Endpoint Manager for Security and Compliance IBM Endpoint Manager for Security and Compliance A single solution for managing endpoint security across the organization Highlights Provide up-to-date visibility and control from a single management console

More information

Virtualization Journey Stages

Virtualization Journey Stages Deep Security 7.5 Todd Thiemann Sr. Dir. of Datacenter Security Marketing Trend Micro Harish Agastya Director of Datacenter Security Marketing Trend Micro Classification 11/12/2010 1 Virtualization Journey

More information

IBM Tivoli Endpoint Manager for Security and Compliance

IBM Tivoli Endpoint Manager for Security and Compliance IBM Endpoint Manager for Security and Compliance A single solution for managing endpoint security across the organization Highlights Provide up-to-date visibility and control from a single management console

More information

VULNERABILITY & COMPLIANCE MANAGEMENT SYSTEM

VULNERABILITY & COMPLIANCE MANAGEMENT SYSTEM VULNERABILITY & COMPLIANCE MANAGEMENT SYSTEM 2 REDUCE COSTS. IMPROVE EFFICIENCY. MANAGE RISK. MaxPatrol from Positive Technologies provides visibility and control of security compliance across your entire

More information

Defending Against Data Beaches: Internal Controls for Cybersecurity

Defending Against Data Beaches: Internal Controls for Cybersecurity Defending Against Data Beaches: Internal Controls for Cybersecurity Presented by: Michael Walter, Managing Director and Chris Manning, Associate Director Protiviti Atlanta Office Agenda Defining Cybersecurity

More information

Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense

Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense A Trend Micro Whitepaper I February 2016 Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense How Trend Micro Deep Security Can Help: A Mapping to the SANS Top 20 Critical

More information

Symantec IT Management Suite 8.0

Symantec IT Management Suite 8.0 IT Flexibility. User Freedom. Data Sheet: Endpoint Management Overview of Symantec IT Management Suite Symantec IT Management Suite enables IT administrators to securely manage the entire lifecycle of

More information

SNOW LICENSE MANAGER (7.X)... 3

SNOW LICENSE MANAGER (7.X)... 3 SYSTEM REQUIREMENTS Products Snow License Manager Snow Automation Platform Snow Device Manager Snow Inventory Server, IDR, IDP Mobile Information Server Client for Windows Client for Linux Client for Unix

More information

Wasting Money on the Tools? Automating the Most Critical Security Controls. Mason Brown Director, The SANS Institute

Wasting Money on the Tools? Automating the Most Critical Security Controls. Mason Brown Director, The SANS Institute Wasting Money on the Tools? Automating the Most Critical Security Controls Bonus: Gaining Support From Top Managers for Security Investments Mason Brown Director, The SANS Institute The Most Trusted Name

More information

SNOW LICENSE MANAGER (7.X)... 3

SNOW LICENSE MANAGER (7.X)... 3 SYSTEM REQUIREMENTS Products Snow License Manager Software Store Option Snow Inventory Server, IDR, IDP Client for Windows Client for Linux Client for Unix Client for OS X Oracle Scanner Snow Integration

More information

Security Solutions. MyDBA s. Security Solutions. For Databases. October 2012. Copyright 2012 MyDBA CC. Version 3

Security Solutions. MyDBA s. Security Solutions. For Databases. October 2012. Copyright 2012 MyDBA CC. Version 3 MyDBA s Security Solutions For Databases October 2012 Version 3 The Protection of Personal Information (POPI) Bill The Bill requires that: Anyone who processes personal information will need to take appropriate

More information

SNOW LICENSE MANAGER (7.X)... 3

SNOW LICENSE MANAGER (7.X)... 3 SYSTEM REQUIREMENTS Products Snow License Manager Snow Inventory Server, IDR, IDP Client for Windows Client for Linux Client for Unix Client for OS X Oracle Scanner External Data Provider Snow Distribution

More information

Cautela Labs Cloud Agile. Secured.

Cautela Labs Cloud Agile. Secured. Cautela Labs Cloud Agile. Secured. Vulnerability Management Scanning and Assessment Service Vulnerability Management Services New network, application and database vulnerabilities emerge every day. Because

More information

Symantec's Continuous Monitoring Solution

Symantec's Continuous Monitoring Solution Preparing for FISMA 2.0 and Continuous Monitoring Requirements Symantec's Continuous Monitoring Solution White Paper: Preparing for FISMA 2.0 and Continuous Monitoring Requirements Contents Introduction............................................................................................

More information

PCI DSS AND THE TOP 20 CRITICAL SECURITY CONTROLS COMPARING SECURITY FRAMEWORKS SERIES

PCI DSS AND THE TOP 20 CRITICAL SECURITY CONTROLS COMPARING SECURITY FRAMEWORKS SERIES CONFIDENCE: SECURED WHITE PAPER PCI DSS AND THE TOP 20 CRITICAL SECURITY CONTROLS COMPARING SECURITY FRAMEWORKS SERIES ADVANCED THREAT PROTECTION, SECURITY AND COMPLIANCE BENCHMARKS, STANDARDS, FRAMEWORKS

More information

The Protection Mission a constant endeavor

The Protection Mission a constant endeavor a constant endeavor The IT Protection Mission a constant endeavor As businesses become more and more dependent on IT, IT must face a higher bar for preparedness Cyber preparedness is the process of ensuring

More information

Check Point and Security Best Practices. December 2013 Presented by David Rawle

Check Point and Security Best Practices. December 2013 Presented by David Rawle Check Point and Security Best Practices December 2013 Presented by David Rawle Housekeeping o Mobiles on Silent o No File Alarms planned o Fire exits are in front and behind and down the stairs o Downstairs

More information

The Future Is SECURITY THAT MAKES A DIFFERENCE. Overview of the 20 Critical Controls. Dr. Eric Cole

The Future Is SECURITY THAT MAKES A DIFFERENCE. Overview of the 20 Critical Controls. Dr. Eric Cole The Future Is SECURITY THAT MAKES A DIFFERENCE Overview of the 20 Critical Controls Dr. Eric Cole Introduction Security is an evolution! Understanding the benefit and know how to implement the 20 critical

More information

Information Assurance, Network Ops, and Cyber Security: Filling the Gaps with SecureVue

Information Assurance, Network Ops, and Cyber Security: Filling the Gaps with SecureVue Information Assurance, Network Ops, and Cyber Security: Filling the Gaps with SecureVue EiQ Networks Information Assurance, Network Ops, and Cyber Security: Filling the Gaps with SecureVue Deploying Standard

More information

Secure Content Automation Protocol (SCAP): How it is increasingly used to automate enterprise security management activities

Secure Content Automation Protocol (SCAP): How it is increasingly used to automate enterprise security management activities Secure Content Automation Protocol (SCAP): How it is increasingly used to automate enterprise security management activities Sean Barnum sbarnum@mitre.org September 2011 Overview What is SCAP? Why SCAP?

More information

Tivoli Endpoint Manager. Increasing the Business Value of IT, One Endpoint at a Time

Tivoli Endpoint Manager. Increasing the Business Value of IT, One Endpoint at a Time 1 Tivoli Endpoint Manager Increasing the Business Value of IT, One Endpoint at a Time Endpoint Management Cost Today s Endpoint Management Challenges Drive IT Costs Up More than 50% of end users change

More information

Microsoft Windows Apple Mac OS X

Microsoft Windows Apple Mac OS X Products Snow License Manager Snow Inventory Server, IDP, IDR Client for Windows Client for OS X Client for Linux Client for Unix Oracle Scanner External Data Provider Snow Distribution Date 2014-04-02

More information

CimTrak Technical Summary. DETECT All changes across your IT environment. NOTIFY Receive instant notification that a change has occurred

CimTrak Technical Summary. DETECT All changes across your IT environment. NOTIFY Receive instant notification that a change has occurred DETECT All changes across your IT environment With coverage for your servers, network devices, critical workstations, point of sale systems, and more, CimTrak has your infrastructure covered. CimTrak provides

More information

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to

More information

Security Content Automation Protocol for Governance, Risk, Compliance, and Audit

Security Content Automation Protocol for Governance, Risk, Compliance, and Audit UNCLASSIFIED Security Content Automation Protocol for Governance, Risk, Compliance, and Audit presented by: Tim Grance The National Institute of Standards and Technology UNCLASSIFIED Agenda NIST s IT Security

More information

ManageEngine (division of ZOHO Corporation) www.manageengine.com. Infrastructure Management Solution (IMS)

ManageEngine (division of ZOHO Corporation) www.manageengine.com. Infrastructure Management Solution (IMS) ManageEngine (division of ZOHO Corporation) www.manageengine.com Infrastructure Management Solution (IMS) Contents Primer on IM (Infrastructure Management)... 3 What is Infrastructure Management?... 3

More information

Jumpstarting Your Security Awareness Program

Jumpstarting Your Security Awareness Program Jumpstarting Your Security Awareness Program Michael Holcomb Director, Information Security HO20110473 1 Jumpstarting Your Security Awareness Program Classification: Confidential Owner: Michael Holcomb

More information

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,

More information

8.0 System Requirements

8.0 System Requirements 8.0 System Requirements Console Supported Platforms Vendor OS Patch Level Microsoft Windows Server 2008 Windows Server 2003 Windows XP Red Hat Enterprise Linux 4 (v2.6 Linux kernel) Enterprise Linux 5

More information

Corporate Overview. MindPoint Group, LLC 8078 Edinburgh Drive, Springfield, VA 22153 Office: 703.636.2033 Fax: 866.761.7457 www.mindpointgroup.

Corporate Overview. MindPoint Group, LLC 8078 Edinburgh Drive, Springfield, VA 22153 Office: 703.636.2033 Fax: 866.761.7457 www.mindpointgroup. Corporate Overview MindPoint Group, LLC 8078 Edinburgh Drive, Springfield, VA 22153 Office: 703.636.2033 Fax: 866.761.7457 www.mindpointgroup.com IS&P Practice Areas Core Competencies Clients & Services

More information

Assuria Auditor The Configuration Assurance, Vulnerability Assessment, Change Detection and Policy Compliance Reporting Solution for Enterprise

Assuria Auditor The Configuration Assurance, Vulnerability Assessment, Change Detection and Policy Compliance Reporting Solution for Enterprise Assuria Auditor The Configuration Assurance, Vulnerability Assessment, Change Detection and Policy Compliance Reporting Solution for Enterprise 1. Introduction Information security means protecting information

More information

Navigate Your Way to NERC Compliance

Navigate Your Way to NERC Compliance Navigate Your Way to NERC Compliance NERC, the North American Electric Reliability Corporation, is tasked with ensuring the reliability and safety of the bulk power system in North America. As of 2010,

More information

Reference Testing Procedures for Trend Ready Verification

Reference Testing Procedures for Trend Ready Verification Reference Testing Procedures for Trend Ready Verification Table of Contents Importance of Cloud Security in Cloud Environments... 3... 3... 4 Cloud Security ALLIANCE Guidelines... 4 Implementation Model...

More information

SNOW LICENSE MANAGER (8.X)... 4

SNOW LICENSE MANAGER (8.X)... 4 SYSTEM REQUIREMENTS Products Snow License Manager Snow Automation Platform Snow Device Manager Snow Inventory Server, IDR, IDP Mobile Information Server Client for Windows Client for Unix Client for OS

More information

HP Security Assessment Services

HP Security Assessment Services HP Security Assessment Services HP Data Center Services Technical data Your corporate information and intellectual property are important assets that you want to protect from unauthorized users. Developing

More information

Microsoft Windows Apple Mac OS X

Microsoft Windows Apple Mac OS X Products Snow License Manager Snow Inventory Server, IDP, IDR Client for Windows Client for OSX Client for Linux Client for Unix Oracle Scanner External Data Provider Snow Distribution Date 2014-02-12

More information

Real-Time Auditing for SANS Consensus Audit Guidelines

Real-Time Auditing for SANS Consensus Audit Guidelines Real-Time Auditing for SANS Consensus Audit Guidelines Leveraging Asset-Based Configuration and Vulnerability Analysis with Real-Time Event Management July 31, 2012 (Revision 6) Ron Gula Chief Executive

More information

BladeLogic Software-as-a- Service (SaaS) Solution. Help reduce operating cost, improve security compliance, strengthen cybersecurity posture

BladeLogic Software-as-a- Service (SaaS) Solution. Help reduce operating cost, improve security compliance, strengthen cybersecurity posture BladeLogic Software-as-a- Service (SaaS) Solution Help reduce operating cost, improve security compliance, strengthen cybersecurity posture February 20, 2014 Contents The Configuration Security Compliance

More information

SMITHSONIAN INSTITUTION

SMITHSONIAN INSTITUTION SMITHSONIAN INSTITUTION FEDERAL INFORMATION SECURITY MANAGEMENT ACT (FISMA) 2012 INDEPENDENT EVALUATION REPORT TABLE OF CONTENTS PURPOSE 1 BACKGROUND 1 OBJECTIVES, SCOPE, AND METHODOLOGY 2 SUMMARY OF RESULTS

More information

Network and Security Controls

Network and Security Controls Network and Security Controls State Of Arizona Office Of The Auditor General Phil Hanus IT Controls Webinar Series Part I Overview of IT Controls and Best Practices Part II Identifying Users and Limiting

More information

ETHICAL HACKING 010101010101APPLICATIO 00100101010WIRELESS110 00NETWORK1100011000 101001010101011APPLICATION0 1100011010MOBILE0001010 10101MOBILE0001

ETHICAL HACKING 010101010101APPLICATIO 00100101010WIRELESS110 00NETWORK1100011000 101001010101011APPLICATION0 1100011010MOBILE0001010 10101MOBILE0001 001011 1100010110 0010110001 010110001 0110001011000 011000101100 010101010101APPLICATIO 0 010WIRELESS110001 10100MOBILE00010100111010 0010NETW110001100001 10101APPLICATION00010 00100101010WIRELESS110

More information

EC-Council Network Security Administrator (ENSA) Duration: 5 Days Method: Instructor-Led

EC-Council Network Security Administrator (ENSA) Duration: 5 Days Method: Instructor-Led EC-Council Network Security Administrator (ENSA) Duration: 5 Days Method: Instructor-Led Certification: ENSA Exam 312-38 Course Description This course looks at the network security in defensive view.

More information

20 Critical Security Controls

20 Critical Security Controls WHITE PAPER June 2012 20 Critical Security Controls How CA Technologies can help federal agencies automate compliance processes Philip Kenney CA Security Management Table of Contents Executive Summary

More information

Managed Backup Service Supported Platforms

Managed Backup Service Supported Platforms Managed Backup Service Supported Platforms June 2013 2 Managed Backup Service Supported Platforms Updated: 26 th June 2013 InTechnology Supported Platforms The Managed Backup Service supports the following

More information

MySQL Security: Best Practices

MySQL Security: Best Practices MySQL Security: Best Practices Sastry Vedantam sastry.vedantam@oracle.com Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes

More information

THREAT VISIBILITY & VULNERABILITY ASSESSMENT

THREAT VISIBILITY & VULNERABILITY ASSESSMENT THREAT VISIBILITY & VULNERABILITY ASSESSMENT Date: April 15, 2015 IKANOW Analysts: Casey Pence IKANOW Platform Build: 1.34 11921 Freedom Drive, Reston, VA 20190 IKANOW.com TABLE OF CONTENTS 1 Key Findings

More information

TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION

TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION Treasury Inspector General for Tax Administration Federal Information Security Management Act Report October 27, 2009 Reference Number: 2010-20-004 This

More information

Defending the Database Techniques and best practices

Defending the Database Techniques and best practices ISACA Houston: Grounding Security & Compliance Where The Data Lives Mark R. Trinidad Product Manager mtrinidad@appsecinc.com March 19, 2009 Agenda Understanding the Risk Changing threat landscape The target

More information

Security for Virtualization

Security for Virtualization Security for Virtualization René Gundersen Senior Sales Engineer Where are you vulnerable? Takes days to months until patches are available and can be tested & deployed: Microsoft Tuesday Oracle Adobe

More information

Leveraging SANS Top 20 to develop a Security Engineering roadmap. Glen G. Walker 23 August 2014

Leveraging SANS Top 20 to develop a Security Engineering roadmap. Glen G. Walker 23 August 2014 Leveraging SANS Top 20 to develop a Security Engineering roadmap Glen G. Walker 23 August 2014 DISCLAIMER My personal experience, opinions and guidance Not endorsed by, approved by, or the opinion of Dignity

More information

Federal Desktop Core Configuration (FDCC)

Federal Desktop Core Configuration (FDCC) Federal Desktop Core Configuration (FDCC) Presented by: Saji Ranasinghe Date: October, 2007 FDCC Federal Desktop Core Configuration (FDCC) Standardized Configuration with Hardened Security Settings to

More information

John Smith Prattville, AL career@hashbangsecurity.com

John Smith Prattville, AL career@hashbangsecurity.com John Smith Prattville, AL career@hashbangsecurity.com Career Objective I am a certified and skilled senior security and UNIX systems administrator with over twenty years of experience. I am seeking a position

More information

Threat Center. Real-time multi-level threat detection, analysis, and automated remediation

Threat Center. Real-time multi-level threat detection, analysis, and automated remediation Threat Center Real-time multi-level threat detection, analysis, and automated remediation Description Advanced targeted and persistent threats can easily evade standard security, software vulnerabilities

More information

Security Management. Keeping the IT Security Administrator Busy

Security Management. Keeping the IT Security Administrator Busy Security Management Keeping the IT Security Administrator Busy Dr. Jane LeClair Chief Operating Officer National Cybersecurity Institute, Excelsior College James L. Antonakos SUNY Distinguished Teaching

More information

CH ENSA EC-Council Network Security Administrator Detailed Course Outline

CH ENSA EC-Council Network Security Administrator Detailed Course Outline CH ENSA EC-Council Network Security Administrator Detailed Course Outline Summary Duration Vendor Audience 5 Days hands-on training EC-Council Security Professionals Level Technology Category Advance Ethical

More information

Continuous Network Monitoring for the New IT Landscape. March 16, 2015 (Revision 4)

Continuous Network Monitoring for the New IT Landscape. March 16, 2015 (Revision 4) Continuous Network Monitoring for the New IT Landscape March 16, 2015 (Revision 4) Table of Contents Introduction... 3 The New IT Landscape... 3 Gaps in the Modern IT Landscape... 5 Tenable s Five Critical

More information

Staying Secure After Microsoft Windows Server 2003 Reaches End of Life. Trevor Richmond, Sales Engineer Trend Micro

Staying Secure After Microsoft Windows Server 2003 Reaches End of Life. Trevor Richmond, Sales Engineer Trend Micro Staying Secure After Microsoft Windows Server 2003 Reaches End of Life Trevor Richmond, Sales Engineer Trend Micro Windows Server 2003 End of Life- Why Care? The next big vulnerability (Heartbleed/Shellshock)

More information

Trend Micro. Advanced Security Built for the Cloud

Trend Micro. Advanced Security Built for the Cloud datasheet Trend Micro deep security as a service Advanced Security Built for the Cloud Organizations are embracing the economic and operational benefits of cloud computing, turning to leading cloud providers

More information

Continuous Monitoring for the New IT Landscape. July 14, 2014 (Revision 1)

Continuous Monitoring for the New IT Landscape. July 14, 2014 (Revision 1) Continuous Monitoring for the New IT Landscape July 14, 2014 (Revision 1) Table of Contents Introduction... 3 The New IT Landscape... 3 Gaps in the New IT Landscape... 5 Tenable s Continuous Monitoring

More information

We are Passionate about Total Security Management Architecture & Infrastructure Optimisation Review

We are Passionate about Total Security Management Architecture & Infrastructure Optimisation Review We are Passionate about Total Security Management Architecture & Infrastructure Optimisation Review The security threat landscape is constantly changing and it is important to periodically review a business

More information

PCI DSS Best Practices with Snare Enterprise Agents PCI DSS Best Practices with Snare Enterprise Agents

PCI DSS Best Practices with Snare Enterprise Agents PCI DSS Best Practices with Snare Enterprise Agents PCI DSS Best Practices with Snare Enterprise InterSect Alliance International Pty Ltd Page 1 of 9 About this document The PCI/DSS documentation provides guidance on a set of baseline security measures

More information

The Role of Security Monitoring & SIEM in Risk Management

The Role of Security Monitoring & SIEM in Risk Management The Role of Security Monitoring & SIEM in Risk Management Jeff Kopec, MS, CISSP Cyber Security Architect Oakwood Healthcare Jeff Bell, CISSP, GSLC, CPHIMS, ACHE Director, IT Security & Risk Services CareTech

More information

Chapter 1 The Principles of Auditing 1

Chapter 1 The Principles of Auditing 1 Chapter 1 The Principles of Auditing 1 Security Fundamentals: The Five Pillars Assessment Prevention Detection Reaction Recovery Building a Security Program Policy Procedures Standards Security Controls

More information

INFORMATION SECURITY TRAINING CATALOG (2015)

INFORMATION SECURITY TRAINING CATALOG (2015) INFORMATICS AND INFORMATION SECURITY RESEARCH CENTER CYBER SECURITY INSTITUTE INFORMATION SECURITY TRAINING CATALOG (2015) Revision 3.0 2015 TÜBİTAK BİLGEM SGE Siber Güvenlik Enstitüsü P.K. 74, Gebze,

More information

Seqrite Endpoint Security

Seqrite Endpoint Security Enterprise Security Solutions by Quick Heal Integrated enterprise security and unified endpoint management console Business Edition Product Highlights Innovative endpoint security that prevents data leakage,

More information

Application White Listing and Privilege Management: Picking Up Where Antivirus Leaves Off

Application White Listing and Privilege Management: Picking Up Where Antivirus Leaves Off Application White Listing and Privilege Management: Picking Up Where Antivirus Leaves Off Times have Changed & A/V Executives Agree An A/V product as your sole endpoint protection solution isn t enough.

More information

ForeScout CounterACT and Compliance June 2012 Overview Major Mandates PCI-DSS ISO 27002

ForeScout CounterACT and Compliance June 2012 Overview Major Mandates PCI-DSS ISO 27002 ForeScout CounterACT and Compliance An independent assessment on how network access control maps to leading compliance mandates and helps automate GRC operations June 2012 Overview Information security

More information

Sygate Secure Enterprise and Alcatel

Sygate Secure Enterprise and Alcatel Sygate Secure Enterprise and Alcatel Sygate Secure Enterprise eliminates the damage or loss of information, cost of recovery, and regulatory violation due to rogue corporate computers, applications, and

More information

Information Security Risk Assessment Checklist. A High-Level Tool to Assist USG Institutions with Risk Analysis

Information Security Risk Assessment Checklist. A High-Level Tool to Assist USG Institutions with Risk Analysis Information Security Risk Assessment Checklist A High-Level Tool to Assist USG Institutions with Risk Analysis Updated Oct 2008 Introduction Information security is an important issue for the University

More information

Network Security Administrator

Network Security Administrator Network Security Administrator Course ID ECC600 Course Description This course looks at the network security in defensive view. The ENSA program is designed to provide fundamental skills needed to analyze

More information

Research, recommend, and assist in implementing identity automation solution.

Research, recommend, and assist in implementing identity automation solution. Stephen Hargrove PO Box 592241 San Antonio, TX 78259 210-239-9763 stephen@stephenhargrove.com EXPERIENCE Information Security Officer Manager, Information Security Administration, UTHSCSA; San Antonio,

More information

Dynamic Data Center Compliance with Tripwire and Microsoft

Dynamic Data Center Compliance with Tripwire and Microsoft Dynamic Data Center Compliance with Tripwire and Microsoft white paper Configuration Control for Virtual and Physical Infrastructures For IT, gaining and maintaining compliance with one or more regulations

More information

SNOW LICENSE MANAGER (8.X)... 4. Administration Tool requirements (Windows application only)... 5. Web client requirements... 15

SNOW LICENSE MANAGER (8.X)... 4. Administration Tool requirements (Windows application only)... 5. Web client requirements... 15 SYSTEM REQUIREMENTS Products Snow License Manager Snow Automation Platform Snow Device Manager Snow Inventory Server, IDR, IDP Mobile Information Server Client for Windows Client for Unix Client for OS

More information

How Protected Is Your Enterprise?

How Protected Is Your Enterprise? How Protected Is Your Enterprise? Next Gen thinking and technology to help strengthen and protect your critical business systems and data Greg Belanger, CISSP Symantec (Canada) Corporation - Security Practice

More information

Compliance series Guide to meeting requirements of USGCB

Compliance series Guide to meeting requirements of USGCB Compliance series Guide to meeting requirements of USGCB avecto.com Contents Introduction to USGCB 2 > From FDCC to USGCB 3 > USGCB settings and standard user accounts 3 > Application compatibility 4 >

More information

SCAC Annual Conference. Cybersecurity Demystified

SCAC Annual Conference. Cybersecurity Demystified SCAC Annual Conference Cybersecurity Demystified Me Thomas Scott SC Deputy Chief Information Security Officer PMP, CISSP, CISA, GSLC, FEMA COOP Practitioner Tscott@admin.sc.gov 803-896-6395 What is Cyber

More information

STIGs,, SCAP and Data Metrics

STIGs,, SCAP and Data Metrics Defense Information Systems Agency A Combat Support Agency STIGs,, SCAP and Data Metrics Roger S. Greenwell, CISSP, CISA, CISM Technical Director / Capabilities Implementation Division DISA Field Security

More information

FISMA / NIST 800-53 REVISION 3 COMPLIANCE

FISMA / NIST 800-53 REVISION 3 COMPLIANCE Mandated by the Federal Information Security Management Act (FISMA) of 2002, the National Institute of Standards and Technology (NIST) created special publication 800-53 to provide guidelines on security

More information

Information Technology Security Policy for IBTS

Information Technology Security Policy for IBTS Information Technology Security Policy for IBTS Pakistan Stock Exchange Limited Table of contents Information Technology Security Policy for IBTS 1- INTRODUCTION AND SCOPE... 3 2- CHARTER OF THE DOCUMENT...

More information

December 8, 2016 Page 1. Tripwire, Inc. Tripwire Enterprise Platform Support Policy December 2016

December 8, 2016 Page 1. Tripwire, Inc. Tripwire Enterprise Platform Support Policy December 2016 December 8, 2016 Page 1 Tripwire, Inc. Tripwire Enterprise Platform Policy December 2016 SUPPORT DEFINITIONS Active No Officially supported by Tripwire as outlined in our support agreements, has no plans

More information

Top 20 Critical Security Controls

Top 20 Critical Security Controls Top 20 Critical Security Controls July 2015 Contents Compliance Guide 01 02 03 04 Introduction 1 How Rapid7 Can Help 2 Rapid7 Solutions for the Critical Controls 3 About Rapid7 11 01 INTRODUCTION The Need

More information

White Paper: Consensus Audit Guidelines and Symantec RAS

White Paper: Consensus Audit Guidelines and Symantec RAS Addressing the Consensus Audit Guidelines (CAG) with the Symantec Risk Automation Suite (RAS) White Paper: Consensus Audit Guidelines and Symantec RAS Addressing the Consensus Audit Guidelines (CAG) with

More information

Response to Questions CML 15-018 Managed Information Security

Response to Questions CML 15-018 Managed Information Security Response to Questions CML 15-018 Managed Information Security 1. What are the most critical aspects that need to be provided for this RFP, in light of the comment that multiple awards might be provided?

More information

5 Steps to Advanced Threat Protection

5 Steps to Advanced Threat Protection 5 Steps to Advanced Threat Protection Agenda Endpoint Protection Gap Profile of Advanced Threats Consensus Audit Guidelines 5 Steps to Advanced Threat Protection Resources 20 Years of Chasing Malicious

More information

Introduction. Jason Lawrence, MSISA, CISSP, CISA Manager, EY Advanced Security Center Atlanta, Georgia jason.lawrence@ey.com Twitter: @ethical_infosec

Introduction. Jason Lawrence, MSISA, CISSP, CISA Manager, EY Advanced Security Center Atlanta, Georgia jason.lawrence@ey.com Twitter: @ethical_infosec Introduction Jason Lawrence, MSISA, CISSP, CISA Manager, EY Advanced Security Center Atlanta, Georgia jason.lawrence@ey.com Twitter: @ethical_infosec More than 20 years of experience in cybersecurity specializing

More information

Best of Breed of an ITIL based IT Monitoring. The System Management strategy of NetEye

Best of Breed of an ITIL based IT Monitoring. The System Management strategy of NetEye Best of Breed of an ITIL based IT Monitoring The System Management strategy of NetEye by Georg Kostner 5/11/2012 1 IT Services and IT Service Management IT Services means provisioning of added value for

More information

ANNEXURE-1 TO THE TENDER ENQUIRY NO.: DPS/AMPU/MIC/1896. Network Security Software Nessus- Technical Details

ANNEXURE-1 TO THE TENDER ENQUIRY NO.: DPS/AMPU/MIC/1896. Network Security Software Nessus- Technical Details Sub: Supply, Installation, setup and testing of Tenable Network Security Nessus vulnerability scanner professional version 6 or latest for scanning the LAN, VLAN, VPN and IPs with 3 years License/Subscription

More information