RSA 2014: Non-Disruptive Vulnerability Discovery, Without Scanning Your Network

Liran Chen Technical Director Risk Analytics for Cyber Security

description

Skybox has a complete portfolio solving many common problems in enterprise cyber security. In the Vulnerability and Threat Management space we offer solutions that span the entire process of discovering and remediating vulnerabilities. Liran Chen from Skybox will be showing how our scanless vulnerability discovery feature can make a huge impact on reducing risk in the enterprise.

Transcript of RSA 2014: Non-Disruptive Vulnerability Discovery, Without Scanning Your Network

Page 1: RSA 2014: Non-Disruptive Vulnerability Discovery, Without Scanning Your Network

Liran Chen Technical Director

Risk Analytics for Cyber Security

Page 2

© 2013 Skybox Security Inc.

Risk Control’s Differentiators: Discovery

Discovery Analysis Remediation

Scanless: Vulnerability Detector

Scanless vulnerability assessment finds vulnerabilities from existing repositories without a scan

Advantages:

■ Automatically and accurately deduces vulnerabilities

■ Provides faster scan cycles (hours or even minutes)

■ Delivers continuous, up-to-date discovery

■ Covers all nodes, including difficult-to-scan systems, e.g. critical systems, mobile devices, cloud assets

Page 3

Ask Yourself…

How Well is our VM Program Working?

How often is vulnerability data collected?

How much of the network is covered?

Is scanning disruptive to the business?

How fast are critical vulnerabilities fixed?

Do we consider alternatives to patching?

Does the VM approach consider the network and security controls context?

Are we prioritizing by exploitation risk?

Is risk level going up or down over time?

Discovery

Analysis and Prioritization

Remediation

Page 4

Vulnerability Discovery

Augment Active Scans with Daily Updates

[Diagram labels: Active Scanner; Skybox Vulnerability Detector; Asset Database; Patch Database; Threat Intel; Product Catalog (CPE); Rule-based Profiling; Skybox Vulnerability Dictionary; Consolidated Vulnerability List (CVE), Updated Daily]

Page 5

With or Without a 3rd Party Scanner

Continuous View of Vulnerabilities

[Chart: x-axis Time (Month 1, Month 2, Month 3); y-axis marks 50% and 100%; series: 3rd party scanner, Skybox Vulnerability Detector]

Combining 3rd party and Skybox Vulnerability Detector data gives constant vulnerability knowledge

Page 6

Vulnerability Dictionary

Most comprehensive vulnerability data source

41,000 vulnerabilities on 1,000 products

Vulnerability Research Team consolidates info from 20+ sources: latest advisories, scanners, IPS, others

Additional data analysis, modeling, info added for use by Skybox analytics engine

CVE compliant, CVSS v2 standard, cross-referenced

Also contains vulnerabilities not found in CVE list

Page 7

Vulnerability information sources

The Vulnerability Dictionary aggregates data from these sources:

Page 8

Vulnerability Detector supported platforms

Enterprise service Applications

Network Devices

Operating Systems

Client side Applications

Page 9

Summary

Augment your scanner with Risk Control to get better discovery – analysis and remediation reporting.

Discover vulnerabilities across your entire enterprise – especially in places you currently don’t scan

Discover vulnerabilities within days of announcement, not weeks or months