Security Testing Of (Web) Applications. Erwin Geirnaert, Security Innovation
1 Security Testing Of (Web) Applications. Erwin Geirnaert, Security Innovation
2 SECURITY INNOVATION BVBA Security Testing of (web) applications Erwin Geirnaert Security Innovation BVBA
3 Agenda
- Objectives
- Security Test Checklist
- Risk assessment
- Source code review
- Tools
- Some examples
4 Some examples
- Parameter tampering
- Cross-site scripting
- Hidden fields
5 Parameter Tampering
6 Parameter Tampering - Example
7 Parameter Tampering - Example
8 Parameter Tampering - Example
9 Parameter tampering
10 Parameter tampering
11 Cross-site scripting
- Insert JavaScript in input fields to steal cookies, manipulate forms, ...
- Vulnerable applications: forums, search, user login, ...
- To test: <script>alert(document.cookie)</script>
- XSS Cheat-sheet:
12 Hidden fields
13 Hidden field manipulation
14 Hidden field manipulation
15 WebGoat Demo
16 References
- Tech-Ed 2004: Designing in Security
- OWASP AppSec Europe: Tools of the Trade: AppSec Assessment Tools
17 That's it. Any questions? Thank you! Erwin Geirnaert, egeirnaert@securityinnovation.be, +32(0)
18 Hidden fields
19 Security Tester Toolbox
- Tools are just a way of manipulating web applications
- They are no silver bullet; a lot of false positives can be the result of an automated scan
- They can be really expensive
- They can be useful
- You need to learn how to use them and what the limitations are
- Internet Explorer can do the job and for
20 Tools
Tools that can help:
- Static Analysis Tools
- Dynamic Analysis Tools
- Application Vulnerability Scanners
- Other Tools
21 Static analysis tools
Source code scanners crawl your source tree to discover possible errors at the code level.
- Strengths: finding logical errors; finding security errors
- Weaknesses: runtime errors; false positives; false sense of security
- Examples: Klocwork inspect, Coverity SWAT, Lint
22 Dynamic analysis tools
Dynamic analysis tools watch the application while it is running to find possible errors.
- Strengths: finding errors that may surface at runtime; code coverage; performance analysis
- Weaknesses: difficult to execute every code path; difficult to find many security problems
- Examples: Compuware code coverage tools, performance analysis tools
23 Tools in the past
4 years ago, a limited list of free tools:
- Achilles: local WebProxy
- WebProxy: local proxy & fuzzer, in Java
- WebSleuth: plugin for IE, raw requests
- Whisker: vulnerability scanner
- Nikto: vulnerability scanner
- Nessus: didn't include web vulnerabilities yet
But they did the job, only it required more time...
24 Commercial Fault Injection Test Tools
1. SPI Dynamics WebInspect
2. Sanctum (now Watchfire) AppScan
3. Kavado Scando
4. AppSecInc AppDetective for Web Apps
5. Cenzic Hailstorm
6. NT Objectives NTOSpider
7. Acunetix Web Vulnerability Scanner 2
8. Compuware DevPartner Fault Simulator
9. Fortify Pen Testing Team Tool Web Proxy Burp Intruder
12. Sandsprite Web Sleuth
13. MaxPatrol Syhunt Sandcat Scanner & Miner
15. TrustSecurityConsulting HTTPExplorer
16. Ecyware BlueGreen Inspector
17. NGS Typhon
18. Parasoft WebKing (more QA-type tool)
25 Application vulnerability scanners
Application vulnerability scanners test your application through known avenues of attack.
- Strengths: help to ensure your application is not vulnerable to known attack vectors; find some security vulnerabilities
- Weaknesses: web applications only; still in their infancy
- Examples: Kavado Scando, SPI Dynamics WebInspect
26 Other tools
- Hex editors: allow a tester to view binary data in an editable hexadecimal/ASCII representation. Can search for clear-text passwords, or for sections containing high amounts of entropy, which could lead to the discovery of encrypted data or hashes.
- Debuggers: allow a tester to view memory space, stack, and machine instructions while the application is running. Can be used to help exploit buffer overruns, or to discover clear-text or encrypted data while in memory.
27 OWASP - WebScarab
- Java based: download stand-alone JAR and runtime
- HTTP proxy
- Client certificates
- Session analysis
- Raw request
- Spider
- Custom plugins: BeanShell
28 OWASP WebScarab - Interceptor
29 WebScarab Raw Request
30 WebScarab - Spider
31 WebScarab SessionID Analysis
33 WebScarab Transcoder
34 WebScarab SessionID Analysis
35 Open Source or Freeware Fault Injection Test Tools
1. WebScarab (HTTPush, Exodus)
2. Paros Proxy
3. Burp Spider
4. Burp Proxy
5. SPIKE Proxy
6. SPIKE
7. Achilles Proxy
8. Odysseus Proxy
9. Webstretch Proxy
10. Absinthe 1.1 (formerly SQLSqueal)
11. NGS SQL Injection Inference Tool (BH Europe 2005)
12. Internet Explorer HTMLBar Plugin
13. Firefox LiveHTTPHeaders and Developer Tools
14. Sensepost Wikto (Google cached fault-finding)
15. Foundstone Sitedigger (Google cached fault-finding)
36 Source code review
- Identify vulnerabilities from the code
- Requires good eyes
- Source code scanners can help
How to test for this backdoor?

```java
public void doPost(HttpServletRequest request, HttpServletResponse response) {
    // Hard-coded "magic" value: whoever sends it as the "magic" parameter gets the admin path
    String magic = "sf8g7sfjdsurtsdieerwqredsgnfg8d";
    boolean admin = magic.equals(request.getParameter("magic"));
    if (admin) {
        doAdmin(request, response);
    } else {
        // normal processing
    }
}
```
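An added example, not the deck's code, of the "source code scanners can help" point: a small Python check that flags the backdoor pattern above, a request parameter compared against a hard-coded string literal, directly or through a String variable set from a literal. The Java sample inside it is constructed, and the length threshold that separates secret-looking literals from ordinary routing keywords is an assumption.

```python
"""Source-code check for the 'magic parameter' backdoor pattern (added example)."""
from __future__ import annotations

import re
from dataclasses import dataclass

# String constant initialised from a literal:   String magic = "...";
_CONST_RE = re.compile(r'String\s+(\w+)\s*=\s*"([^"]*)"\s*;')
# Literal-or-variable compared to a request parameter:  X.equals(req.getParameter("p"))
_CMP_RE = re.compile(r'(\w+|"[^"]*")\s*\.equals\(\s*\w+\.getParameter\(\s*"([^"]*)"\s*\)\s*\)')
# Reversed form:  req.getParameter("p").equals(X)
_CMP_REV_RE = re.compile(r'\w+\.getParameter\(\s*"([^"]*)"\s*\)\s*\.equals\(\s*(\w+|"[^"]*")\s*\)')

# Heuristic only (assumption): long opaque literals look like secrets, short ones like
# routing keywords ("list", "edit"), which a static tool reports as false positives.
SECRET_MIN_LEN = 16


@dataclass
class Finding:
    line: int          # 1-based line number in the scanned source
    parameter: str     # request parameter name being compared
    literal: str       # the hard-coded value it is compared with
    severity: str      # "high" for secret-looking literals, "low" otherwise


def _resolve(token: str, constants: dict[str, str]) -> str | None:
    """Return the literal behind a token: a quoted string, or a constant seen earlier."""
    if token.startswith('"'):
        return token[1:-1]
    return constants.get(token)


def find_magic_parameter_checks(source: str) -> list[Finding]:
    """Scan Java servlet source for request parameters compared against literals."""
    constants: dict[str, str] = {}   # variable name -> literal (file-wide, no scoping)
    findings: list[Finding] = []
    for lineno, text in enumerate(source.splitlines(), start=1):
        for m in _CONST_RE.finditer(text):
            constants[m.group(1)] = m.group(2)
        pairs = [(m.group(1), m.group(2)) for m in _CMP_RE.finditer(text)]
        pairs += [(m.group(2), m.group(1)) for m in _CMP_REV_RE.finditer(text)]
        for token, param in pairs:
            literal = _resolve(token, constants)
            if literal is None:
                continue            # compared with something not known to be constant
            severity = "high" if len(literal) >= SECRET_MIN_LEN else "low"
            findings.append(Finding(lineno, param, literal, severity))
    return findings


# Constructed sample: the backdoor from the slide plus one ordinary routing check.
SAMPLE_SERVLET = '''\
public void doPost(HttpServletRequest request, HttpServletResponse response) {
    String magic = "sf8g7sfjdsurtsdieerwqredsgnfg8d";
    boolean admin = magic.equals(request.getParameter("magic"));
    if (admin) doAdmin(request, response);
    if ("list".equals(request.getParameter("action"))) listItems(request, response);
}
'''

if __name__ == "__main__":
    for f in find_magic_parameter_checks(SAMPLE_SERVLET):
        print(f"line {f.line}: parameter '{f.parameter}' compared with {f.literal!r} [{f.severity}]")
```

Short literals such as "list" are reported as well; that is the false-positive class the static-analysis slide warns about, and the severity field exists to triage them.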
38 Risk assessment
Identify your risks and test for the threats. Existing methodologies:
- OCTAVE: Operationally Critical Threat, Asset and Vulnerability Evaluation
- Simplified security risk analysis
- Threat modeling
39 Threat modeling
- You cannot test a system until you understand the threats.
- Threat modeling is the design activity to discover the threats that your application is susceptible to.
- Threat modeling yields both threats and vulnerabilities and provides ways to perform security testing in order to prioritize the security fixes needed.
40 Threat modeling - Definitions
Threats are possible attacks. Vulnerabilities are security-related software errors:
- A threat is what an attacker might try to do to an asset or through an entry point.
- A vulnerability is a specific security exploit due to an unmitigated threat path.
41 Test Plan
The test plan will contain the test cases. A test case consists of:
- Test case number
- The possible attacks
- Details and tools
- Expected result
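An added example, not code from the deck, that runs the probe from the Cross-site scripting slide as one test-plan entry of the shape just listed (number, attack, details, expected result). The two search handlers are constructed stand-ins for a vulnerable and a fixed search page.

```python
"""Reflected-XSS test case in test-plan form (added example)."""
import html
from urllib.parse import parse_qs, urlencode

PROBE = "<script>alert(document.cookie)</script>"   # probe string from the slide


def _query_param(query_string: str, name: str) -> str:
    """First value of a query-string parameter, or '' when absent."""
    return parse_qs(query_string).get(name, [""])[0]


def search_vulnerable(query_string: str) -> str:
    """Constructed handler: echoes the 'q' parameter straight into the page (reflected XSS)."""
    return f"<h1>Results for {_query_param(query_string, 'q')}</h1>"


def search_fixed(query_string: str) -> str:
    """Constructed handler: same page, with the parameter HTML-encoded on output."""
    return f"<h1>Results for {html.escape(_query_param(query_string, 'q'), quote=True)}</h1>"


def reflects_unescaped(handler, probe: str = PROBE) -> bool:
    """Send the probe as 'q' and report whether it comes back verbatim in the HTML."""
    body = handler(urlencode({"q": probe}))
    return probe in body


def run_test_case(number: int, handler, probe: str = PROBE) -> dict:
    """One test-plan entry; it passes when the probe is never reflected raw."""
    query = urlencode({"q": probe})
    return {
        "test_case": number,
        "attack": "Cross-site scripting (reflected)",
        "details": f"GET /search?{query}",
        "expected": "probe is returned HTML-encoded, never verbatim",
        "passed": not reflects_unescaped(handler, probe),
    }


if __name__ == "__main__":
    for n, handler in ((1, search_vulnerable), (2, search_fixed)):
        print(run_test_case(n, handler))
```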
43 STRIDE: Examples
Type of Threat          | Examples
Spoofing                | Forging message; replaying authentication
Tampering               | Altering data during transmission; changing data in database
Repudiation             | Delete critical data and deny it; purchase product and deny it
Information disclosure  | Expose information in error messages; expose code on web site
Denial of Service       | Flood web service with invalid requests; flood network with SYN
Elevation of Privilege  | Obtain Administrator privileges; use assembly in GAC to create acct
44 Threat Tree
Goal: Attack domain controller from inside (Inside Attack Enabled)
  OR
  - AND: SQL Injection + Dev Server
  - AND: Messenger Xfer + Trojan Soc Eng
Leaf conditions:
- SQL Injection: an application doesn't validate user's input and allows evil texts
- Dev Server: unhardened SQL server used by internal developers
- Messenger Xfer: novice admin uses an instant messenger on a server
- Trojan Soc Eng: attacker sends a trojan masquerading as a network util
45 Document Threats (Step 5)
Steps:
1. Identify Assets
2. Create an Architecture Overview
3. Decompose the System
4. Identify the Threats
5. Document the Threats
6. Rate the Threats
Document each threat with: Threat, Target, Risk, Attack Techniques, Countermeasure. Leave Risk blank at this stage. Input for the test plan.
46 Threat modeling - DREAD
- Damage potential: what's the extent of the damage if this vulnerability were to be exploited?
- Reproducibility: how well can the finder reproduce the issue?
- Exploitability: difficulty of taking advantage of the flaw for malicious purposes
- Affected users: how many or what type of users are affected by the flaw?
- Discoverability: how fast can it be publicly discovered?
DREAD is used to analyze the risk of discovered vulnerabilities.
47 Document Threats (Step 5)
Description                  | Target                | Risk | Attack Techniques       | Countermeasures
Attacker obtains credentials | User auth process     |      | Sniffer                 | Use SSL to encrypt channel
Injection of SQL commands    | Data access component |      | Append SQL to user name | Validate user name; parameterized stored procedure for data access
48 Rate Threats (Step 6)
- Rate risk
- Order by risk
- Address/test in order
- Use DREAD
Risk Exposure = Probability * Damage Potential
49 Attack Vector in a Threat Tree
Goal: Theft of Auth Cookies
  OR
  - AND: Unencrypted Connection + Eavesdropping
  - AND: Cross-Site Scripting + XSS Vulnerability
Leaf conditions:
- Unencrypted Connection: cookies travel over unencrypted HTTP
- Eavesdropping: attacker uses a sniffer to monitor HTTP traffic
- Cross-Site Scripting: attacker possesses means and knowledge
- XSS Vulnerability: application is vulnerable to XSS attacks
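As an added example (not from the deck), the cookie-theft tree above and the SQL-injection threat from the Document Threats table, evaluated against that table's countermeasures and then ranked with DREAD and the Rate Threats formula Risk Exposure = Probability * Damage Potential. The 1-3 scale, the DREAD numbers and the split of the five factors into a probability side (R, E, Di) and a damage side (D, A) are assumptions.

```python
"""AND/OR threat-tree evaluation plus DREAD ranking (added example)."""
from __future__ import annotations

from dataclasses import dataclass, field


@dataclass
class Node:
    """A threat-tree node: a leaf condition, or an AND/OR gate over children."""
    name: str
    op: str = "LEAF"                     # "LEAF", "AND" or "OR"
    children: list[Node] = field(default_factory=list)

    def enabled(self, present: set[str]) -> bool:
        """True when this attack is still possible given the leaf conditions that hold."""
        if self.op == "LEAF":
            return self.name in present
        results = [child.enabled(present) for child in self.children]
        return all(results) if self.op == "AND" else any(results)


@dataclass
class Dread:
    """DREAD factors on an assumed 1 (low) to 3 (high) scale."""
    damage: int
    reproducibility: int
    exploitability: int
    affected_users: int
    discoverability: int

    def exposure(self) -> int:
        """Risk Exposure = Probability * Damage Potential (assumed factor split)."""
        probability = self.reproducibility + self.exploitability + self.discoverability
        damage_potential = self.damage + self.affected_users
        return probability * damage_potential


# The 'Theft of Auth Cookies' tree from the slide: OR over two AND branches.
COOKIE_THEFT = Node("Theft of Auth Cookies", "OR", [
    Node("Eavesdropping path", "AND",
         [Node("Unencrypted Connection"), Node("Eavesdropping")]),
    Node("XSS path", "AND",
         [Node("Cross-Site Scripting"), Node("XSS Vulnerability")]),
])

# Second threat from the 'Document Threats' table, modelled as a single AND.
SQL_INJECTION = Node("Injection of SQL commands", "AND",
                     [Node("SQL appended to user name"), Node("User name not validated")])

THREATS = {                                   # DREAD values are constructed
    "Theft of Auth Cookies": (COOKIE_THEFT, Dread(3, 3, 2, 3, 2)),
    "Injection of SQL commands": (SQL_INJECTION, Dread(3, 3, 3, 3, 3)),
}

# Which leaf condition each countermeasure from the table removes.
COUNTERMEASURES = {
    "Use SSL to encrypt channel": "Unencrypted Connection",
    "Validate user name": "User name not validated",
}

# Starting point: every leaf condition holds (nothing mitigated yet).
ALL_CONDITIONS = {
    "Unencrypted Connection", "Eavesdropping", "Cross-Site Scripting", "XSS Vulnerability",
    "SQL appended to user name", "User name not validated",
}


def open_branches(root: Node, present: set[str]) -> list[str]:
    """Names of the root's branches that are still enabled (one attack path each)."""
    return [child.name for child in root.children if child.enabled(present)]


def apply_countermeasures(present: set[str], applied: list[str]) -> set[str]:
    """Leaf conditions left once the given countermeasures are in place."""
    return present - {COUNTERMEASURES[name] for name in applied}


def prioritise(threats, present: set[str]) -> list[tuple[str, int]]:
    """Still-enabled threats, highest risk exposure first (Rate Threats, step 6)."""
    rows = [(name, rating.exposure()) for name, (tree, rating) in threats.items()
            if tree.enabled(present)]
    return sorted(rows, key=lambda row: row[1], reverse=True)


if __name__ == "__main__":
    print("before:", prioritise(THREATS, ALL_CONDITIONS))
    after = apply_countermeasures(ALL_CONDITIONS, list(COUNTERMEASURES))
    print("after: ", prioritise(THREATS, after), "open:", open_branches(COOKIE_THEFT, after))
```

After SSL is applied the eavesdropping branch closes, but the OR root stays enabled through the XSS branch, which is why the cookie-theft threat remains on the list to test.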
50 Attack vectors for web applications
- Parameter tampering
- Cookie tampering
- Cross-site scripting
- SQL injection
- Script injection
- Command injection
- Encoding attacks
- Buffer overflows
- Format-string attacks
- Harvesting user IDs
- Brute-forcing accounts
- Path truncation attacks
- Hidden path discovery
- Application directory and file mapping
- Forceful browsing
- Source code disclosure
- Web server vulnerability exploitation
51 Threat Modeling
Steps:
1. Identify Assets
2. Create an Architecture Overview
3. Decompose the System
4. Identify the Threats
5. Document the Threats
6. Rate the Threats
Structured analysis aimed at:
- Finding infrastructure vulnerabilities
- Evaluating security threats
- Identifying countermeasures
Originated from software development security threat analysis.
52 Identify Assets (Step 1)
What do you need to protect? What is important?
- Confidential data
- Orders
- Customers
- Web pages
- Availability
53 Threat modeling - STRIDE
Threats can be classified using the STRIDE classification:
- Spoofing: lying about identity
- Tampering: destroying data
- Repudiation: cleaning the steps of an attack / denying a transaction
- Information Disclosure: stealing valuable private data
- Denial of Service: stopping an application from providing its basic functionality
- Escalation of Privileges: executing code with stolen high privileges
Whenever discovering threats, the analyst will always think about the STRIDE elements.
54 Decomposition (Step 3)
[Diagram: users Bob, Alice and Bill behind a Firewall reach the Web Server (IIS, ASP.NET: Login, Main, State; Forms Authentication, URL Authorization, DPAPI), which crosses a boundary labelled Trust to the Database Server (Windows Authentication).]
55 Identify Threats (Step 4)
- Use STRIDE to identify threats
- Use categorized threat lists: network, host, application
56 Architecture Diagram (Step 2)
[Diagram: users Bob, Alice and Bill behind a Firewall; Web Server (IIS, ASP.NET: Login, Main, State); Database Server; assets labelled Asset #1 to Asset #6 attached to these components.]
57 Decompose Application (Step 3)
- Identify trust boundaries
- Identify data flow
- Identify entry points
- Identify privileged code
- Document the security profile
- Architecture & design review
58 Create Architecture Overview (Step 2)
- Identify what the application does
- Create an architecture diagram
- Identify the technologies used
59 Security Test Checklist
- You need an EXPERIENCED TESTER
- Create a threat model and a test plan
- Web application testing <> penetration testing
- Do not rely ONLY on automated web application security scanners
- Source code of the web application HELPS
- Have a Security Tester Toolbox
60 Online Checklist
- OWASP = Open Web Application Security Project: Web Application Penetration Checklist v1.1 from
- OSSTMM = Open Source Security Testing Methodology Manual
62 Objectives
- Define security testing
- Best practices to execute security tests
- Discover some tools that you can use
- Testing is not the silver bullet
Common Security Vulnerabilities in Online Payment Systems Author- Hitesh Malviya(Information Security analyst) Qualifications: C!EH, EC!SA, MCITP, CCNA, MCP Current Position: CEO at HCF Infosec Limited
More informationTHREAT MODELLING FOR SQL SERVERS Designing a Secure Database in a Web Application
THREAT MODELLING FOR SQL SERVERS Designing a Secure Database in a Web Application E.Bertino 1, D.Bruschi 2, S.Franzoni 2, I.Nai-Fovino 2, S.Valtolina 2 1 CERIAS, Purdue University, West Lafayette, IN,
More informationCS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module
CS 665: Computer System Security Network Security Bojan Cukic Lane Department of Computer Science and Electrical Engineering West Virginia University 1 Usage environment Anonymity Automation, minimal human
More informationFINAL DoIT 04.01.2013- v.8 APPLICATION SECURITY PROCEDURE
Purpose: This procedure identifies what is required to ensure the development of a secure application. Procedure: The five basic areas covered by this document include: Standards for Privacy and Security
More informationClient logo placeholder XXX REPORT. Page 1 of 37
Client logo placeholder XXX REPORT Page 1 of 37 Report Details Title Xxx Penetration Testing Report Version V1.0 Author Tester(s) Approved by Client Classification Confidential Recipient Name Title Company
More informationInformation Technology Policy
Information Technology Policy Enterprise Web Application Firewall ITP Number ITP-SEC004 Category Recommended Policy Contact RA-ITCentral@pa.gov Effective Date January 15, 2010 Supersedes Scheduled Review
More informationWeb Application Scanners: Definitions and Functions
Web Application Scanners: Definitions and Functions Elizabeth Fong and Vadim Okun Information Technology Laboratory National Institute of Standards and Technology Gaithersburg, MD 20899-8970 {efong,vadim.okun}@nist.gov
More informationThreat Modeling. A workshop on how to create threat models by creating a hands-on example
Threat Modeling A workshop on how to create threat models by creating a hands-on example Introduction 2 Introduction 3 Part 1: Application- Layer Attacks A brief primer on some web application attacks
More informationWEB SECURITY. Oriana Kondakciu 0054118 Software Engineering 4C03 Project
WEB SECURITY Oriana Kondakciu 0054118 Software Engineering 4C03 Project The Internet is a collection of networks, in which the web servers construct autonomous systems. The data routing infrastructure
More informationOverview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs
Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks
More informationDetecting and Defending Against Security Vulnerabilities for Web 2.0 Applications
Detecting and Defending Against Security Vulnerabilities for Web 2.0 Applications Ray Lai, Intuit TS-5358 Share experience how to detect and defend security vulnerabilities in Web 2.0 applications using
More informationTesting for Security
Testing for Security Kenneth Ingham September 29, 2009 1 Course overview The threat that security breaches present to your products and ultimately your customer base can be significant. This course is
More informationExpert Services Group (Security Testing) Nilesh Dasharathi Sadaf Kazi Aztecsoft Limited
Practical Aspects of Web Application Penetration Testing & Vulnerability Analysis Expert Services Group (Security Testing) Nilesh Dasharathi Sadaf Kazi Aztecsoft Limited Presentation Path Motivation Penetration
More informationTestnet Summerschool. Web Application Security Testing. Dave van Stein
Testnet Summerschool Web Application Security Testing Dave van Stein Welcome Your coach for today Dave van Stein Security Consultant Web Application Penetration Tester Purpose of today s workshop Creating
More informationWeb Application Security. Vulnerabilities, Weakness and Countermeasures. Massimo Cotelli CISSP. Secure
Vulnerabilities, Weakness and Countermeasures Massimo Cotelli CISSP Secure : Goal of This Talk Security awareness purpose Know the Web Application vulnerabilities Understand the impacts and consequences
More informationWeb Application Report
Web Application Report This report includes important security information about your Web Application. Security Report This report was created by IBM Rational AppScan 8.5.0.1 11/14/2012 8:52:13 AM 11/14/2012
More informationIs Drupal secure? A high-level perspective on web vulnerabilities, Drupal s solutions, and how to maintain site security
Is Drupal secure? A high-level perspective on web vulnerabilities, Drupal s solutions, and how to maintain site security Presented 2009-05-29 by David Strauss Thinking Securely Security is a process, not
More informationCopyright 2006. Watchfire Corporation. All Rights Reserved.
AppScan Frequently Asked Technical Questions 1. How is AppScan different from other web application scanners? (p. 2) 2. How do I know if I ve covered all of my applications? (p. 3) 3. How is AppScan different
More informationIntegrated Network Vulnerability Scanning & Penetration Testing SAINTcorporation.com
SAINT Integrated Network Vulnerability Scanning and Penetration Testing www.saintcorporation.com Introduction While network vulnerability scanning is an important tool in proactive network security, penetration
More informationLast update: February 23, 2004
Last update: February 23, 2004 Web Security Glossary The Web Security Glossary is an alphabetical index of terms and terminology relating to web application security. The purpose of the Glossary is to
More informationSix Essential Elements of Web Application Security. Cost Effective Strategies for Defending Your Business
6 Six Essential Elements of Web Application Security Cost Effective Strategies for Defending Your Business An Introduction to Defending Your Business Against Today s Most Common Cyber Attacks When web
More informationWeb Application Security
Web Application Security John Zaharopoulos ITS - Security 10/9/2012 1 Web App Security Trends Web 2.0 Dynamic Webpages Growth of Ajax / Client side Javascript Hardening of OSes Secure by default Auto-patching
More informationAnybody who has a Web presence understands that
Article ISSA Title Article The Author Global Voice of Information Security Evaluating the safety of your Web presence Web Application Testing By Brad C. Johnson There is inherent risk on the Internet the
More informationWeb App Security Audit Services
locuz.com Professional Services Web App Security Audit Services The unsecured world today Today, over 80% of attacks against a company s network come at the Application Layer not the Network or System
More informationWeb Application Vulnerability Testing with Nessus
The OWASP Foundation http://www.owasp.org Web Application Vulnerability Testing with Nessus Rïk A. Jones, CISSP rikjones@computer.org Rïk A. Jones Web developer since 1995 (16+ years) Involved with information
More information