Consulting Services

BACK TO BASICS

in security means:
  • Cheaper - most "advanced", "intelligent", "heuristic", "visionary", or "next gen" offerings are very expensive burnt offerings. The luminaries behind such ventures know that their offering is of poor quality or doesn't deliver in line with the price tag, but they don't care. They paid off the VC and then some, and can now be found on a beach somewhere nice.
  • We seek to help clients who are interested in saving money and also sleeping better at night. There are plenty of consultancies who will help you spend your security budget (and thereby help you get a higher budget in the next financial year), if cheaper is not what you seek.
  • Recent high profile incidents, such as WannaCry, are defeatable with back-to-basics tech from 1995. You probably already have the means to manage risks from ransomware and other such threats.
  • Of course not all new concepts are duds. Some are worth resource investment, and we will help you with those.

Check our service offerings and profile.

Software

Netdelta

Detect perimeter changes before hackers detect them!

If your network perimeter changes unexpectedly, that's unlikely to be a good thing. What is the cause?

  • Unauthorised change?
  • Steve in networking misconfigured a firewall?
  • Hacker's shell?
  • Shadow IT?
  • Rogue device?
  • Post-M&A networking headaches?

More details...

Musang

Oracle Database Security Assessment

Authenticated vulnerability scanning for auditing, with a test library based on 20 years of Oracle Database security assessment.

  • Oracle Database versions 10g, 11g, and 12c are supported.
  • Vulnerability assessment - covering usual compliance requirements for PCI-DSS, HIPAA, etc.
  • Covers TNS listener, auditing, passwords, user accounts and privileges, typical default security issues, and many more.

More details...


Security Macromorphosis

Sacred Cows

Latest Blog Post

What Is Your VA Scanner Really Doing?

April 20, 2021, 1:05 p.m.

It's clear from social media and first-hand reports that awareness of what VA (Vulnerability Assessment) scanners are really doing in testing scenarios is quite low. So I set up a test box with Ubuntu 18 and exposed some services which are well known to the hacker community and also still popular in production business use cases: Secure Shell (SSH) and an Apache web service.

This post isn't an attack on VA products at all. It's aimed at setting a more healthy expectation, and I will cover a test scenario with a packet sniffer (Wireshark), Nessus Professional, and OpenVAS, that illustrates the point.

I became aware 20 years ago, from validating VA scanner output, that a lot of what VA scanners barf out is alarmist (red flags, CRITICAL [fix NOW!]) and also based purely on guesswork: when the scanner "sees" a service, it grabs a service banner (e.g. "OpenSSH 7.6p1 Ubuntu 4ubuntu0.3"), looks in its database for publicly disclosed vulnerabilities in that version, and flags a vulnerability if there are any associated CVEs. Contrary to popular belief, there is no actual interaction in the way of further investigating or validating the vulnerability. All vulnerability reporting is based on the service banner. So if I change my banner to "hi OpenVAS", nothing will be reported. And in security, we like to advise hiding product names and versions; this helps against drive-by style automated attacks far more effectively than, for example, changing default service ports.
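To make the banner-only logic concrete, here is a small simulation added to this page (it is not code from the post, nor from Nessus or OpenVAS): it parses an SSH greeting or an HTTP `Server:` header, matches the version string against a constructed advisory table, and shows two consequences a defender should keep in mind. A banner that still reports the upstream version fires even when the distribution package (the "Ubuntu-4ubuntu0.3" part) may already carry a backported fix, and a banner with the product name removed produces no finding at all, which is silence, not evidence of being patched. The advisory identifiers and sample banners are placeholders constructed for the illustration.

```python
import re
from typing import List, Optional, Tuple

# Constructed advisory table keyed by product name. The version prefixes and
# advisory identifiers are placeholders for this illustration, not real CVEs.
ADVISORIES = {
    "OpenSSH": [("7.6", "ADV-PLACEHOLDER-0001")],
    "Apache": [("2.4.29", "ADV-PLACEHOLDER-0002")],
}

# Banner formats as emitted by the two services discussed in the post:
# the SSH protocol greeting line and the HTTP Server response header.
SSH_BANNER = re.compile(r"^SSH-\d\.\d-(?P<product>OpenSSH)_(?P<version>[\w.]+)")
HTTP_SERVER = re.compile(r"^Server:\s*(?P<product>Apache)(?:/(?P<version>[\w.]+))?")


def parse_banner(banner: str) -> Optional[Tuple[str, Optional[str]]]:
    """Extract (product, version) from a greeting/header line; None if unrecognised."""
    for pattern in (SSH_BANNER, HTTP_SERVER):
        match = pattern.match(banner)
        if match:
            return match.group("product"), match.group("version")
    return None


def banner_findings(banner: str) -> List[str]:
    """Simulated banner-only check: advisories whose version prefix matches the banner.

    Nothing here touches the service beyond reading its banner, which is the
    behaviour the post describes: no probe, no validation, string matching only.
    """
    parsed = parse_banner(banner)
    if parsed is None or parsed[1] is None:
        return []
    product, version = parsed
    return [adv_id for prefix, adv_id in ADVISORIES.get(product, [])
            if version.startswith(prefix)]


def validation_note(banner: str) -> str:
    """Why a banner-only result still needs verification before anyone acts on it."""
    parsed = parse_banner(banner)
    if parsed is None:
        return "unrecognised banner: nothing reported, which says nothing about actual exposure"
    if parsed[1] is None:
        return "version hidden: nothing reported, which is silence rather than proof of patching"
    if re.search(r"ubuntu|debian|\+deb\d+u\d+", banner, re.I):
        return "distribution package string present: the fix may be backported, so the upstream version alone is not proof of exposure"
    return "upstream version only: confirm the patch level on the host before acting"


if __name__ == "__main__":
    # Constructed sample banners; the last one mimics the post's "hi OpenVAS" change.
    for b in ["SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3",
              "Server: Apache/2.4.29 (Ubuntu)",
              "Server: Apache",
              "SSH-2.0-hi OpenVAS"]:
        print(f"{b!r}: findings={banner_findings(b)} | {validation_note(b)}")
```

Run it as-is to see the four cases side by side; the useful habit it encourages is to treat every banner-derived "CRITICAL" as a hypothesis to be confirmed against the host's actual package version, and every empty result on a banner-stripped service as no information rather than a clean bill of health.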

Read on ...

Publication

Security De-engineering

Security De-engineering, published by Taylor & Francis, covers ubiquitous problems in information security and offers a solution in the final chapter.

Areas covered: Penetration testing, Hackers, CASEs (Checklists and Standards Evangelists), IDS, Cloud Security, jobs in security, Identity Management, and organisational elements.

Partners

Literatecode

Literatecode was established in 2003 as an informal R&D lab and reorganized as a registered business in 2012.

Literatecode specializes in applied research and experimental development to help companies and individuals defend themselves against security threats.