Feeds:
Posts
Comments

Posts Tagged ‘Vulnerability Assessment’

unified-vulnerability-management-suite-espincorp.png

Background

With the recent Gartner published new market guide with the introduce of “container security” be part of the vulnerability management, Tenable be the only one possess that by bought over FlawCheck last year and introduce Tenable.io platform in the market, the market change again.
Tenable.io also introduce web application security (WAS) as part of the platform offering. With Container security and web application security, it now cross over to leading container security and enter into what we traditional called application security market (traditionally occupied by web vulnerability scanner and static source code analyzer vendor). Rapid7 from the past bought over NTO and enter into application security as well, by rebranding it as AppSpider product. We will expect all will catch up on the container security, most likely acquired existing player who offer it.
Technology keep changing from years, where from the past on the cloud and online, software as a service (SaaS) model, with emerge of Qualys as the leading player on that field. With the latest acquired and integration of other new technology take place, the real differentiator for major player become minimal, we can expected major vendor will try to introduce unique and specialized area and be differentiate themselves over another (take over, merger and acquisition is the obvious option for enter market rapidly) .
With application security in depth alone, traditionally Tenable do not enter in the past, where dominance by web application scanner offer dynamic , static application security testing technology (DAST, SAST) or new interactive application security testing (IAST). We can expect the market will be changing again.
Traditional vulnerability management or specialized web application scanner become more generic offering, and the price point is bring down significantly as technologies matured and more me-too product introduce in the market. Available of open sources alternative, let enterprise market who willing to paid for commercial offering being the primary target for all the commercial vendor.
We also saw the trend for traditional penetration testing tool vendor attempt to enter vulnerability management market. With the Rapid7 acquired Metasploit in the past and the recent Core Security make the vulnerability management offering.
We also see the trend for company used to offer SAST now try to enter DAST in application security field. For mobile application security testing (Mobile AST) as new technology also rising demand for today mobile application driven business.
On the other end, we saw the smaller vendor who previously focus on one tool product now day also attempt to expand their offering to large audience. Big player is extend their product with niche product/ to penetrate those previously recognize as niche as well.

Future of Vulnerability Management

Predicting for near future product-market

future-of-application-security-market.png

  • Mobile application security testing (Mobile AST) will be included in Application Security Testing (AST) tool market (together with DAST, SAST, IAST).
  • Container Security will be one of the unique, and slowly all the major player will incorporate into their offering (whether as a option or bundled).
  • Unified of vulnerability management and application security in the near future (and eliminate some of the player that can not transit over the new changing market reality).
  • Standalone and niche focus product that easy to be use continue to be play a role in the market for those who look for solving specific purpose, both generic and specialize product /tools continue to be available for those who need them.
  • Shift left (move from product security to software development) trend, more and more customer look for integrated tool to streamline the vulnerability/security fixing cycle as early as at the early development process.

security-risk-mnagement-SRM-espincorp.png

  • Trend toward threat/vulnerability management (VTM) slowly emerge and recognize as single unified process (threat assessment -> vulnerability assessment -> risk analysis) to streamline the whole process for address enterprise threat/vulnerability and risk analysis / security risk management (SRM).
The future of vulnerability management suite, depend on the end user requirement. For complex enterprise requirement, will include the above unified vulnerability management suite aspect/functional module or option in the package bundled.
As you can see for the market product shift underway, if you want to make any major decision for the short term, for sure, license subscription (LS) is the way to go, since it is pointless to own “outdated product” and pay significant investment upfront that you may or may not really found it relevant to the changed market at all.
E-SPIN Group being vulnerability management, application security and penetration testing product and solution provider for over 13 years in the market. E-SPIN will continue to be active in the business domain and helping customer to make right investment that yield return of investment.
Feel free to contact our E-SPIN solution consultant for any project or operation requirements.

Read Full Post »

It is a very typical scenario Enterprise/government IT Auditor, compliance officer and security consultant required customise Windows Server password length policy from software default 12 characters to higher or lower length to full fill company or local regulatory requirements.

So below it is a very typical example, when you can change the configuration from default state  to your requirements.

Example below shows the password length 8 characters:

Audit_Password_from_12_characters_to_8_characters

How to change?

Answer refer below steps:

  1. To proceed this changes can go through Audit Customization.
  2. From the UI, go to Tools –> Customize Audits –>
  3. Type 6411 in the Audit box –>
  4. Click the orange pen to make changes to the Audit.

Read Full Post »

For those who are unable to attend the Acunetix v10 Whats New training event, here the extract video clip for the event. Product Demo is coming next. Stay tune.

Read Full Post »

acunetix10

E-SPIN delighted to announce the release of Acunetix Vulnerability Scanner version 10. The new version includes an improved Login Sequence Recorder for automatic scanning of login protected pages, extends support for Java Frameworks, Ruby on Rails and WordPress security scanning, and can use input from various web development and pen-testing tools.

New in Acunetix Vulnerability Scanner v10

  • ‘Login Sequence Recorder’ has been re-engineered from the ground-up to allow restricted areas to be scanned entirely automatically.
  • Now tests for over 1200 WordPress-specific vulnerabilities in the WordPress core and plugins.
  • Acunetix WVS Crawl data can be augmented using the output of: Fiddler .saz files, Burp Suite saved items, Burp Suite state files, HTTP Archive (.har) files, Acunetix HTTP Sniffer logs, Selenium IDE Scripts.
  • Improved support for Java Frameworks (Java Server Faces (JSF), Spring and Struts) and Ruby on Rails.
  • Increased web services support for web applications which make use of WSDL based web-services, Microsoft WCF-based web services and RESTful web services.
  • Ships with a malware URL detection service, which is used to analyse all the external links found during a scan against a constantly updated database of Malware and Phishing URLs.

Acunetix10-technical-overview

Continue with E-SPIN long term tradition, two round of technology briefing for what news will be hold on following date, totally free of charge and fully sponsor by E-SPIN for existing channel partner and end user.

Acunetix10-agenda

    • 28 July 2015 (Tuesday) Channel reseller partner track open for reseller partner understanding the what new and related go to market (GTM) channel support activities. Reseller interest to attend, please click here for registration.

Eventbrite - E-SPIN Complementary Acunetix 10 Technical Overview (Reseller Track)

    • 29 July 2015 (Wednesday) End user track open for end user company understanding the what new and related benefits of adoption, prepare for migration and upgrade. End user interest to attend, please click here for registration.

Eventbrite - E-SPIN Complementary Acunetix 10 Technical Overview (End User Track)

Contact us for any inquiry for the event or product information.

Acunetix also updating the features in the online version of the product, (Acunetix OVS). The new version includes automated scanning of login protected pages and extends support for Java Frameworks, Ruby on Rails and WordPress security scanning.

Modified Pricing Modules
Pricing for Acunetix WVS Enterprise and Consultant licenses have been changed. Licensing models are now limited to:

  • Enterprise 2 concurrent scans (perpetual and subscription)
  • Consultant 5 concurrent scans (perpetual and subscription)
  • Consultant 10 concurrent scans (perpetual and subscription)

Please note that:

  • Small Business Edition will no longer be supported
  • Both the Enterprise and Consultant licenses will include one year of free maintenance. Contact E-SPIN for further detailed.

Read Full Post »

Cloud and Virtualization Security

Cloud and Virtualization Security

Like it or not, more and more company IT infrastructure was migrated from physical to “private cloud” or “public cloud” to leverage shared and  highly scalable multi-tenant cloud infrastructure.

Traditional vulnerability management vendor is make their effort to complete their unified solution capable to covered traditional infrastructure, mobile and “cloud and virtualisation infrastructure”.

Are vulnerability assessment of the virtual is the same as the physical? The answer is yes and no. The answer is yes, you still need to audit accordingly to the infrastructure, network, wireless, application, database, server, operating system, web application and so on. The answer is also no, you got to covered additional layer – cloud and virtualisation layer, the potential vulnerability caused by virtualisation platform vendor and their respective technologies.

A good vulnerability assessment tool always capable to let your configured and audit additional layer of mobile as well as cloud/virtualization infrastructure.

From the day one, E-SPIN have pick up the best of the breed vendor to develop our complete product lineup solution that cover unified vulnerability assessment for generic use to special assessment tool for real IT auditor, security professional and compliance officer who need the right tools to deliver their duties.

Whether for the unified vulnerability management, on premises or hosted, E-SPIN is provide truly practical choice of vulnerability management mix accordingly to your budget and operation requirement, backed with our pre-sales solution consultant, implementation and onsite support team.

Please feel free to contact us for advice how to choose the right vulnerability management solution accordingly to your operation requirement. Just write in with the subject line “RFI – Vulnerability Management for Cloud Infrastructure” and attend to our sales(a)e-spincorp.com, our assigned personnel will contact your for your request.

Read Full Post »

Cyber-Attack

Cyber security is the set of “measures taken to protect a computer or computer system against unauthorized access or attack. Therefore, it is highly critical for enterprises to have an in-depth cyber security strategy and plan in place in order to provide the maximum level of protection from cyber security risks at not just the network perimeter but also the application layer.

The first and oldest wave is nuisance hacking, in which there is little material impact to the company. A classic example is hackers defacing your company’s website. More serious and widespread is the second wave, which is hacking for financial gain.

As business has migrated to the digital world, criminals have, too. What has emerged is a sophisticated criminal ecosystem that has matured to the point that it functions much like any business—management structure, quality control, offshoring, and so on. This type of hacking now goes beyond blindly stealing customer credit card information or employee passwords. For example, hackers might target a company’s financial function in order to obtain its earnings report before it is publicly released. With such advance knowledge, they can profit by acquiring or dumping stock.

Protecting the business from cybercrime is one thing, but companies also must worry about a new type of risk—the advanced persistent threat. If you think the term sounds like it’s out of a spy movie, you’re not far off. This type of hacking is predominantly about stealing intellectual property and typically is associated with state-sponsored espionage. The motives go beyond financial gain. Experts may quibble about the specifics of this type of attack and whether it always has involved use of advanced techniques, but this is a serious and growing threat. It is not an understatement to say that what’s at risk is not only your intellectual property but possibly national security.

Protect business from cyber attacks

With so many risks, business leaders may be unsure of where to focus. In our experience, it is crucial to elevate the role of information security in the organization and emphasize the fact that it is not just a technology function. As a make-or-break business issue, it requires a leader who reports directly to a senior executive. The title of the person—chief security officer, chief information security officer, security director—isn’t what matters. Instead, it’s the ability of that individual to bring security issues to the C-suite and help the management team think and talk about how security affects every other business decision.

Effective security leaders consistently demonstrate the linkages between security and the company’s goals. They remind the rest of the management team that security is a strategic issue. In the survey, the Front-runner group emphasized this approach by citing client requirements as the driving force behind the company’s information security investments. The other respondents pointed to legal and regulatory requirements as the main justification for information security spending in their organizations.

An organization that embraces this mindset, for example, might engage the security leader and the sales leader, together, to consider how better information security can help close or speed sales. They might determine that having well-documented information security controls, processes, or certifications in place enables them to anticipate and address customer concerns immediately when or before the issue first is raised.

Some companies we work with find it effective to have security leaders embedded within each business unit. These individuals report to line-of-business heads and work directly with them to evaluate how security can support each group’s business goals.

Feel free to contact E-SPIN for any requirement related to CyberSecurity. E-SPIN have being worked with national cybersecurity authority, multinational corporation on the various CyberSecurity Center, Vulnerability Assessment Center, Security Operation Center, Vulnerability Assessment Lab setup, from supply, commissioning, maintenance, knowledge and technology transfer, main/sub contracting to managed services engagement.

Read Full Post »

Retina CS enables IT Security professionals to centrally manage organization-wide IT security – physical, virtual, mobile and cloud – from a single, web-based console. It is the only unified vulnerability and compliance management solution that integrates security risk discovery, prioritization, remediation, and reporting, which dramatically decreases the time and effort required to manage IT security. 

Retina Insight: Get actionable reporting, analytics, and trending across the vulnerability lifecycle via this powerful reporting engine, included with Retina CS at no additional cost.

– Configuration Compliance: A Retina CS Add-on Module: Simplify how you audit and report on common industry configuration guidelines and best practices.

– Regulatory Reporting: A Retina CS Add-on Module: Choose from Regulatory Reporting packs to automate how you navigate through the increasingly complex regulatory landscape.

– Patch Management: A Retina CS Add-on Module: Close the loop on vulnerabilities by providing integrated, automated, agent-less patching from a single console

Retina CS Dashboard

E- EYE SOLUTION SUITE

1. Retina Network Security Scanner

Identify known and zero-day vulnerabilities using the industry’s most mature and effective vulnerability scanning technology.

2. Retina.GOV
Rely on integrated end-to-end vulnerability and compliance management designed specifically for Government departments and agencies.

3. Retina Web Security Scanner

Rapidly and accurately scan large, complex websites and web applications to assess web-based vulnerabilities.

ADDITIONAL SECURITY PRODUCTS

1. Blink Endpoint Protection

Augment existing security products with integrated multi-layered endpoint protection in a single, lightweight client.

2. Iris Network Traffic Analyzer

See analysis and integrated forensics reporting on network security traffic.

3. SecureIIS Web Server Security

Ensure protection for Windows IIS Servers by preventing known exploits, zero day attacks, and other harmful web server traffic.

Retina CS from eEye provides a lot of functionality – beyond just vulnerability scanning – in an easy-to-use format. It is a great value for almost any environment.

As a sole Retina Solution distributor in the Asia-Pac region, Please feel free to contact E-SPIN for your inquiry and requirement, so we can assist you on the exact requirement in the packaged solutions that you may required for your operation or project needs.

Read Full Post »

Zero-day endpoint protection has never been more critical. Attacks against business networks occur every day, all in an attempt to gain unrestricted access to these systems. Regardless of an attacker’s intention, the exploit process, whether for intrusions or scams, follows a common script.

eEye Blink

Blink integrates multi-layered endpoint protection in a single, lightweight client to protect against known exploits, zero-day attacks, and all other attack vectors. Blink provides a complete endpoint protection platform with full-featured integrated threat management capabilities. Our award-winning endpoint protection solutions are available as standalone products or as a key component of our Unified Vulnerability Management Solution: Retina.

Blink provides complete signature and heuristics-based attack protection. Using patented sandbox technology, Blink actively blocks malicious activity from being loaded into memory. Signatures provide an additional protection layer, but Blink is not signature dependent and can stop new attacks as they are released without the need for updates.

LOCAL VULNERABILITY ASSESSMENT

Blink includes a local copy of the award winning Retina Network Security Scanner. This embedded agent provides complete vulnerability assessment for local host and can report findings locally or to eEye’s Retina CS.

SYSTEM PROTECTION

Blink provides control over which applications are allowed to function by authorizing or denying program file execution. Registry protection prevents specific registry settings from being modified, stopping malicious programs from infecting or modifying systems. Storage protection prevents data leakage by regulating USB and Firewire storage devices.

INTRUSION PREVENTION AND ZERO-DAY PROTECTION

Blink provides protection where a vendor has not yet created signatures or patches to protect against vulnerabilities in their operating system or application. Blink blocks “zero-day” attacks that bypass traditional signature-based solutions, eliminating the need or use of specific attack signatures.

FIREWALL PROTECTION

Blink allows or denies traffic based on a set of predetermined rules and it monitors the source of network traffic in real time allowing traffic only from authorized applications.

RETINA CS MANAGEMENT CONSOLE

Combined with the Retina CS console, Blink provides integrated security and compliance management across

Read Full Post »

retinanetworksecurityscanner

Here are the reasons on why you should use Retina Network Security Scanner :

1.Department or enterprise-wide vulnerability assessment

Retina scales to meet the requirements of any size organization and supports scanning in distributed environments using software or appliances.

2. Compliance with industry or federal regulations
Retina helps companies comply with Payment Card Industry (PCI), Federal Desktop Core Configuration (FDCC), Health Insurance Portability and Accountability Act (HIPAA), Sarbanes Oxley (SOX), Gramm-Leach-Bliley Act, Federal Information Security Management (FISM) Act, European Union Data Directive, and others by providing customizable security policies and extensible reports.

3. Identify security risks and eliminate business interruptions
Less sophisticated scanners can crash a server or device as a result of their scanning methods that include running partial or full exploit code. Retina does not run any type of exploit code to conduct a scan and can accurately identify vulnerabilities without compromising a host.

4. Asset and risk identification
Retina can accurately detect and classify all assets within an environment and determine rogue, wireless, and virtual devices connected to the infrastructure. Vulnerability assessment determines which devices pose the greatest risk to the environment from malware to hackers to unauthorized computing devices.

Retina Key Features

  • Reliable, Non-Intrusive Scanning Technology

Most scanners rely on exploit code to test network vulnerabilities, which frequently crashes servers, devices, or even networks in the process. Retina tests without using exploit code and harming your devices and network.

  • Comprehensive and Current Database

The most advanced, comprehensive database available. Critical vulnerabilities are updated within 48 hours of public disclosure. This is three times faster than the leading competition.

  • Superior Research Team

No security vendor can match the expertise of the eEye Research Team. Over the last 10 years, eEye has discovered more critical vulnerabilities than any other research group.

  • Extensive Third-Party Integration Support

Retina’s open architecture allows for integration with third-party applications such as event managers, security information managers, network management systems, call centers and many framework based solutions

  • Best Practice Approach to Vulnerability Assessment

Retina guides users through the logical steps of discovering assets, auditing known vulnerabilities and configuration issues, recommending remediation actions and reporting on the entire vulnerability management process using industry accepted best practices.

  • Unrestricted Asset Discovery

Retina allows for the discovery of a network’s entire infrastructure without restrictions or separate licensing. At a glance, administrators can determine the number and type of hosts on the network and build policies and groups for vulnerability assessment based on the results.

  • Flexible Remediation Reporting

Within the workflow or Retina, users can create targeted reports to identify specific vulnerabilities for remediation by risk, vulnerability, host or even export the data to common file formats for inclusion in other reports and management systems.

  • Wizard Based Customizable Audits

Custom audits help ensure corporate policies with regard to anti-virus installations, file sharing programs, instant messaging,and third party applications are being correctly identified and mitigated.

  • Granular Job Scheduling and Job Duration Support

Administrators can schedule and run multiple scan jobs against multiple targets and groups (business groups, subnets, for example) for scanning at one time, and control when a job must terminate (scan windows) in order not to impact business
requirements like change control windows.

  • Adaptive High-Speed Scanning

Recognized as the fastest security scanner available, Retina can scan an entire Class C network in approximately 15 minutes. Retina scans every machine on your network, all types of operating systems, network devices and third-party or custom applications with extreme accuracy and speed.

Other eEye Solutions

RETINA ENTERPRISE
Do you need to centrally manage and report on distributed network
scanning and vulnerability assessment initiatives?

APPLIANCES
Do you want a turnkey appliance solution or to setup and license
servers on their own?

BLINK ENTERPRISE
Do you want an agent-based vulnerability assessment solution
in lieu of a network-based scanner?

Interested to know more on Retina Product Suites??Please feel free to contact E-SPIN for your inquiry and requirement, so we can assist you on the exact requirement in the packaged solutions that you may required for your operation or project needs.

Read Full Post »

Retina is a powerful unified vulnerability management and compliance solution designed to help organizations of all sizes with vulnerability assessment, mitigation and protection.

eEye Retina Vulnerability Management

Retina, founded from over a decade of technology innovation by eEye’s world renowned security research team, is an integrated end-to-end vulnerability and compliance solution designed to help organizations with protection and compliancy by defining and monitoring relevant IT controls. Retina monitors both patch and configuration vulnerabilities and compliance to pre-defined configuration baselines and provides automated notification of violations. The environment is assessed, capturing established security controls along with any vulnerabilities or configuration violations that impact the network.Detailed reports providing prescriptive guidance and recommendations are then forwarded and response is initiated to ensure that corrective action can be taken in a timely fashion.

Retina’s management console is a fully integrated and complete rich internet-enabled application for security and compliance management. Now you can simplify the management of distributed, complex infrastructures while protecting your mission critical assets from evolving threats with a single unified management system

Benefits and Features
1. Confidently identify all vulnerabilities with the lowest false positive rate in the industry; on average less than 1%

The eEye Research Team provides vulnerability audit update for US Government recognized critical vulnerabilities three times faster than the leading competition. Updates are provided with a service level of 48 hours from public disclosure and are automatically downloaded and incorporated by the solution.

2. Proactively guard against known and newly-identified vulnerabilities with frequent, automated updates from the unrivaled eEye Research Team

Retina can reliably and non-intrusively scan your environment to identify all systems and devices. Essentially, if the device has a TCP/IP address, Retina will scan it and classify it with the highest accuracy in the industry.
3. Quickly identify all machines on your network including rogue, virtual, and wireless devices 

Retina does not scan and test with exploit code and will not crash your systems during a scan. With Retina, you can scan an entire Class C network in approximately 15 minutes using our proprietary Adaptive Speed technology.
4. Safely scan your network without crashing system devices and causing business interruptions

Retina provides an extensive command line, and event forwarding through SNMP, Syslogs, email, and Windows Event Logs to integrate into virtually any network management solution, security information manager, or call center.

5. Extensive third party integration support into your existing infrastructure

Retina does not require high-end or high cost servers to perform vulnerability assessments.

6. The only network vulnerability scanner to be available as an appliance, managed service or software supporting Windows 2000, XP, 2003, Vista, and 2008

Retina does not require high-end or high cost servers to perform vulnerability assessments

Questions to Consider?
1. Do you currently perform network based vulnerability assessment scans?
2. Do you currently have, or are you planning to initiate a vulnerability assessment project as it relates to security or compliance?
3. Do you have resources and budget set aside for this project?
4. Do you have rogue and wireless assets appearing on your network? How do you know?
5. Have you been exploited or attacked due to a missing patch?
6. Do you know the financial impact of being hit with an attack?

As a sole Retina solution distributor in the asia-pac region, E-SPIN have actively in promoting eEye Digital Security full range of products and technologies as part of the company Vulnerability Management solution portfolio – for vulnerability assessment, unified unified vulnerability management and with E-SPIN, we have all the answers to provide the solution to suit your business needs and operation.

The enterprise range from university, government and enterprise IT security professionals on the vulnerability assessment, penetration testing, or IT security company on the security audit and security operation center (SOC) or cyber security / cyber warfare / military security defense operation center unified vulnerability management.

Please feel free to contact E-SPIN for your inquiry and requirement, so we can assist you on the exact requirement in the packaged solutions that you may required for your operation or project needs.

Read Full Post »

Older Posts »