infosec updates v1.0


Upload: semi-yulianto

Post on 07-Jul-2018


8/18/2019 InfoSec Updates v1.0

http://slidepdf.com/reader/full/infosec-updates-v10 1/38

InfoSec Updates

Cyber Security Trends, Vulnerability Assessment & Penetration Testing, Secure SDLC, Incident Response, Digital Forensics & SIEM

v1.0

WHOAMI

Semi Yulianto // [email protected]
Security Practitioner
MCP, MCSA, MCSE, MCDBA, MCTS, MCITP, MCT, CCNA, CCNP, CCA, CIW-P, CIW-SA, CEH, CHFI, ECSA, ECSP, EDRP, CEI, SSCP, CISSP, CASP, CSSLP, CISA, CISM

- EC-Council Best Trainer Of The Year --. (Asia Pacific) & Instructor of Excellence 2010 (Asia Pacific)
- 1st Rank Distinguished Speaker @ SecureAsia --. (Asia Pacific)
- CompTIA Security+ Subject Matter Expert (SME) 2013 – 2014
- (ISC)² Authorized Official Training Instructor 2014 – -3=
- Technical Writer and Reviewer for Packt Publishing (UK), PenTest Magazine (Poland) & CISO Magazine Indonesia
- Author of "Writing an Effective Penetration Testing Report" @ PenTest Magazine (Poland)
- IS Security Auditor, Penetration Tester, Ethical Hacker, Forensics Analyst & Cyber Crime Expert Advisor
- Senior Technical Trainer with Regional and International experience (Indonesia, Malaysia, Singapore, Thailand, Bhutan, Philippines, Saudi Arabia–KSA, Tunisia & South Korea, etc)
- Good track of record in delivering IT Security courses & consulting services to POLRI, KEMENHAM, BMKG, BASARNAS, BI, CIMB Bank, Bank Danamon, BCA, QNB, PANIN Bank, Astra International (Indonesia), Bhutan Royal Police (Thailand/Bhutan), TNTEL (Tunisia), SAAB & Atijari Bank (KSA), US Air Force (South Korea), HP Fortify Team (Philippines & USA), DELL Asia Pacific (Malaysia) etc

Agenda

- Introduction
- Cyber Security Trends
- Penetration Testing
- Hacking & Pen-Test Live DEMO

INTRODUCTION

Introduction: Information

Information is the new currency of business, with instant accessibility across international, corporate and organizational boundaries. Most of the world is now connected via the internet. While this has enabled global connectivity and business growth, it has also fostered cyber modification, theft and destruction.

The increasing severity and number of attacks means that companies without adequate protection programs and systems are extremely vulnerable. Attacks on information assets, whether malicious or inadvertent, can seriously disable or destroy an organization by damaging operations, brand and financial stability.

Introduction: Information Security

Information security, sometimes shortened to InfoSec, is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. It is a general term that can be used regardless of the form the data may take (e.g. electronic, physical).

Data theft, damage to databases and other types of cybercrimes pose an immense threat to businesses and organizations of all kinds today. A successful attack can cost huge sums of money and destroy reputations, along with years of work. With so much at stake, it is imperative that leaders acknowledge and respond to the new and intensified threats of computer security flaws.

The best prevention is to have a strong defensive plan, communicate the policies and provide risk training.

Information Security: Defense In Depth

CYBER SECURITY TRENDS

Cyber Security Trends: 2013

In late 2013, most companies are devoting renewed energy to bolstering their cybersecurity measures. The awareness that digital information is at risk extends across businesses of all sizes as well as to private citizens, who have become much less complacent over the past year.

A sense of urgency about digital security is fueled not just by the widespread occurrence of data theft by hackers, but also via the ongoing concern for privacy issues driven by disclosures of extensive information gathering.

In response to these threats, companies are taking a variety of steps, and the digital security industry is seeing strong growth and innovation.

Cyber Security Trends: Major Security Happenings in 2013

Cyber Security Trends: Advanced Persistent Threat (APT)

Cyber Security Trends: Malware

Cyber Security Trends: Attacks Types

Cyber Security Trends: Data Breach Investigation Report

Cyber Security Trends: Data Breach Characteristics

Cyber Security Trends: Web Hacking Incident Database (WHID)

Cyber Security Trends: Web Hacking Incident (Example)

Cyber Security Trends: TOR-Anonymized Crackdown

Cyber Security Trends: Heartbleed Bug (OpenSSL)

Cyber Security Trends: POODLEbleed (SSL v3)

Cyber Security Trends: Most Widespread Vulns in Web App

Cyber Security Trends: Vulnerability Origin (Web App)

Cyber Security Trends: 2014

Security firms across the industry reported the following trends in 2014 surrounding data protection and cybersecurity:

- Enhanced use of encryption
- Increased scrutiny of internal data use
- Resistance to cloud technology
- Risk assessment and software analysis
- More destructive attacks
- Rising levels of smartphone malware
- Old fashioned phishing and hacking of individual users
- More sophisticated malware
- Active defense
- Following up on network threats
- Virtualization & cloud computing security

Cyber Security Trends: Infographics

Due Care - Due Diligent: Secure SDLC

Due Care - Due Diligent: Secure SDLC

Due Care - Due Diligent: Microsoft SDL

Due Care - Due Diligent: Incident Response

Due Care - Due Diligent: Digital Forensics

Due Care - Due Diligent: SIEM

PENETRATION TESTING

Penetration Testing: Definition

A penetration test is a proactive and authorized attempt to evaluate the security of an IT infrastructure by safely attempting to exploit system vulnerabilities, including OS, service and application flaws, improper configurations, and even risky end-user behavior. Such assessments are also useful in validating the efficacy of defensive mechanisms, as well as end-users' adherence to security policies.

Penetration tests are typically performed using manual or automated technologies to systematically compromise servers, endpoints, web applications, wireless networks, network devices, mobile devices and other potential points of exposure. Once vulnerabilities have been successfully exploited on a particular system, testers may attempt to use the compromised system to launch subsequent exploits at other internal resources, specifically by trying to incrementally achieve higher levels of security clearance and deeper access to electronic assets and information via privilege escalation.

Penetration Testing: Purpose

Information about any security vulnerabilities successfully exploited through penetration testing is typically aggregated and presented to IT and network systems managers to help those professionals make strategic conclusions and prioritize related remediation efforts.

The fundamental purpose of penetration testing is to measure the feasibility of systems or end-user compromise and evaluate any related consequences such incidents may have on the involved resources or operations.

Penetration Testing: Definition

Why Perform Penetration Testing?

- Security breaches and service interruptions are costly
- It is impossible to safeguard all information, all the time
- Penetration testing identifies and prioritizes security risks

Benefit of Penetration Testing?

- Intelligently manage vulnerabilities
- Avoid the cost of network downtime
- Meet regulatory requirements and avoid fines
- Preserve corporate image and customer loyalty

Penetration Testing: Definition

How Often Should You Perform Pen-Test?

On a regular basis to ensure more consistent IT and network security management by revealing how newly discovered threats or emerging vulnerabilities may potentially be assailed by attackers, or whenever:

- New network infrastructure or applications are added
- Significant upgrades or modifications are applied to infrastructure or applications
- New office locations are established
- Security patches are applied
- End user policies are modified

HACKING & PENETRATION TESTING LIVE DEMO

Hacking & Penetration Testing: DEMO

Network Infrastructure (Data Center)

- Attacking Passwords on Multiple Hosts
- Vulnerability Exploitation (Manual & Automated)

Web Application Hacking

- Web Application Vulnerability Identification
- Web Application Exploitation (Manual)

Client-Side (End-User) Hacking

- Local Privilege Escalation
- Phishing (Social Engineering) with Malicious Files

Summary: Q&A Session

Question?