March 2011 Meeting

posted in: Meetings | 0

Talk Title: Decade of IT Security Assessments

As vulnerabilities and threats continue to increase at a daunting pace, so does the demand for performing IT security assessments. This presentation covers the volume of various regulatory compliances associated with assessments and provides examples of policies, configurations, reporting, and recommended optimizations.

The audience will leave the presentation with the following:

  • IT Security assessment policies: Underneath the hood of PCI, HIPAA, FISMA, FDCC, USGCB and other compliances tied to vulnerability assessment, configuration auditing and penetration testing.
  • Optimizing the auditor’s system: Insight on the ideal configuration for assessing heterogeneous networks and applications. Understanding the challenges/limitations when assessments are initiated from various Linux distributions versus, UNIX, Mac and Windows operating systems.
  • Time to perform an assessment: On a daily basis, I am posed the question – How long it takes to perform various assessments. Results are presented from projects and illustrate the various factors that determine speed. This section includes time, dependencies, factors and results from PCI, FDCC, Full and Partial port scans, content scanning and more.
  • What types of assessments are being performed today: Agentless scanning technology has evolved over the years and this section provides an illustration of the valuable scans that can be performed by understanding the policy and configuration.
  • Client Attack/Email Harvesting/Custom Trojan: Illustration of a Client Attack technique by enticing a user to perform an action such as opening an email, visiting a web site, viewing SMS messages and the alike. In addition, we will illustrate inserting a Trojan on CD’s, smart phones and USB Drive’s as a social engineering and security awareness exercise.
  • IT security assessment reporting: Now that the assessment has completed, it is time to prepare for report creation. Understanding the audience that makes sense to their daily operations is important before deciding on what data to include.

Billy Austin, Chief Security Officer, SAINT Corporation

About the speaker: Billy Austin is the Chief Security Officer of SAINT Corporation, the developer of the SAINT Exploit penetration testing tool and industry award winning SAINT Vulnerability Scanner. Mr. Austin is a frequent speaker on vulnerabilities and attacks and was a contributing author to the original SANS/FBI Top 10 Vulnerabilities and has also published the paper “Session Hijacking and Active Sniffing.” Prior to entering the commercial sector, he co-invented the Airsec System and performed security assessments and vulnerability intelligence for US, Mexican and Israeli organizations.