advanced security testing in the age of cyber war
DESCRIPTION
Aswath Mohan & Ankur Chadda discuss why an advanced security testing strategy is an essential component in preparing for the onslaught of cyber-attacks. Learn more about security testing: http://bit.ly/P5cTXzTRANSCRIPT
![Page 1: Advanced Security Testing in the Age of Cyber War](https://reader035.vdocuments.net/reader035/viewer/2022062614/54624da4b1af9f92238b4e5b/html5/thumbnails/1.jpg)
PROPRIETARY AND CONFIDENTIAL
Oct 11, 2012
Advanced Security Testing In The Age of Cyber War
![Page 2: Advanced Security Testing in the Age of Cyber War](https://reader035.vdocuments.net/reader035/viewer/2022062614/54624da4b1af9f92238b4e5b/html5/thumbnails/2.jpg)
2PROPRIETARY AND CONFIDENTIAL
Cyber Security Market Trends
Growth of Targeted Attacks
Rise of Social Engineering
CaaS – Crime as a Service
![Page 3: Advanced Security Testing in the Age of Cyber War](https://reader035.vdocuments.net/reader035/viewer/2022062614/54624da4b1af9f92238b4e5b/html5/thumbnails/3.jpg)
3PROPRIETARY AND CONFIDENTIAL
Between 2005 to 2011 the number of targeted attacks rose by a factor of:• 10
• 50
• 500
• 1000
In 2005 the number of targeted attacks detected by Symantec.cloud was 1 per week. In Nov 2011 it was 95 per day
Rapid Increase In Targeted Attacks
![Page 4: Advanced Security Testing in the Age of Cyber War](https://reader035.vdocuments.net/reader035/viewer/2022062614/54624da4b1af9f92238b4e5b/html5/thumbnails/4.jpg)
4PROPRIETARY AND CONFIDENTIAL
Report indicates that a large % of people reused passwords or the passwords were very similar:• 55 %
• 75 %
• 95 %
University of Cambridge study found that 75% of users shared passwords between two separate accounts
Social Engineering Is The Main Attack Vector
![Page 5: Advanced Security Testing in the Age of Cyber War](https://reader035.vdocuments.net/reader035/viewer/2022062614/54624da4b1af9f92238b4e5b/html5/thumbnails/5.jpg)
5PROPRIETARY AND CONFIDENTIAL
The price for one exploit is as high as $250K • iOS
• Chrome
• Windows
• Microsoft Word
A Bangkok based security researcher with a handle called ‘The Grugq’ sold an iOS exploit for $250K. He is on track to make over $1M this year.
The Growth Of The Zero Day Market
![Page 6: Advanced Security Testing in the Age of Cyber War](https://reader035.vdocuments.net/reader035/viewer/2022062614/54624da4b1af9f92238b4e5b/html5/thumbnails/6.jpg)
7PROPRIETARY AND CONFIDENTIAL
Accurate• Test with the latest attacks and vulnerabilities
• Discover unknown weaknesses in software
Agile• Recreate new apps and attacks immediately
• Leverage new threat profiles
Simple• Intuitive workflow for ease-of-use and adoption
• Auto-generate test cases using Studio
Requirements for Advanced Security Testing
![Page 7: Advanced Security Testing in the Age of Cyber War](https://reader035.vdocuments.net/reader035/viewer/2022062614/54624da4b1af9f92238b4e5b/html5/thumbnails/7.jpg)
8PROPRIETARY AND CONFIDENTIAL
1,000s of ready-to-run tests Continuous stream of the latest attacks and apps Multiple end–points (iPhone, PC, Android) & versions (Skype v5.3.0.8)
8
Spirent TestCloud – Apps & Security Test Store
![Page 8: Advanced Security Testing in the Age of Cyber War](https://reader035.vdocuments.net/reader035/viewer/2022062614/54624da4b1af9f92238b4e5b/html5/thumbnails/8.jpg)
10PROPRIETARY AND CONFIDENTIAL
DEMO 1 – Let’s Discover A Zero Day in Jabber
![Page 9: Advanced Security Testing in the Age of Cyber War](https://reader035.vdocuments.net/reader035/viewer/2022062614/54624da4b1af9f92238b4e5b/html5/thumbnails/9.jpg)
11PROPRIETARY AND CONFIDENTIAL
DEMO 2 – Now Let’s Unleash Attacks At Scale
![Page 10: Advanced Security Testing in the Age of Cyber War](https://reader035.vdocuments.net/reader035/viewer/2022062614/54624da4b1af9f92238b4e5b/html5/thumbnails/10.jpg)
PROPRIETARY AND CONFIDENTIAL
Thank you