BACK TO BASICSin security means:
- Cheaper - most "advanced", "intelligent", "heuristic", "visionary", or "next gen" offerings are very expensive burnt offerings. The illuminaries behind such ventures know that their offering is of poor quality or doesn't deliver in line with the price tag, but they don't care. They paid off the VC and then some, and can now be found on a beach somewhere nice.
- We seek to help clients who are interested in saving money and also sleeping better at night. There's plenty of consultancies who will help use your security budget (therein help to get a higher budget in the next financial year), if cheaper is not what you seek.
- Recent high profile incidents, such as Wannacry, are defeatable with back-to-basics tech from 1995. You probably already have the means to manage risks from ransomware and other such threats.
- Of course not all new concepts are duds. Some are worth resource investment, and we will help you with those.
Detect perimeter changes before hackers detect them!
If your network perimeter changes unexpectedly, that's unlikely to be a good thing. What is the cause?
- Unauthorised change?
- Steve in networking misconfigured a firewall?
- Hacker's shell?
- Shadow IT?
- Rogue device?
- Post-M&A networking headaches?
Oracle Database Security Assessment
Authenticated vulnerability scanning for auditing, with a tests library based on 20 years of Oracle Database Security assessment.
- Oracle Database versions 10g, 11g, and 12c are supported.
- Vulnerability assessment - covering usual compliance requirements for PCI-DSS, HIPAA, etc.
- Covers TNS listener, auditing, passwords, user accounts and privileges, typical default security issues, and many more.
Latest Blog Post
What Is Your VA Scanner Really Doing?
April 20, 2021, 1:05 p.m.
It's clear from social media and first hand reports, that the awareness of what VA (Vulnerability Assessment) scanners are really doing in testing scenarios is quite low. So I setup up a test box with Ubuntu 18 and exposed some services which are well known to the hacker community and also still popular in production business use cases: Secure Shell (SSH) and an Apache web service.
This post isn't an attack on VA products at all. It's aimed at setting a more healthy expectation, and I will cover a test scenario with a packet sniffer (Wireshark), Nessus Professional, and OpenVAS, that illustrates the point.
I became aware 20 years ago, from validating VA scanner output, that a lot of what VA scanners barf out is alarmist (red flags, CRITICAL [fix NOW!]) and also based purely on guesswork - when the scanner "sees" a service, it grabs a service banner (e.g. "OpenSSH 7.6p1 Ubuntu 4ubuntu0.3"), looks in its database for public disclosed vulnerability with that version, and flags vulnerability if there are any associated CVEs. Contrary to popular belief, there is no actual interaction in the way of further investigating or validating vulnerability. All vulnerability reporting is based on the service banner. So if i change my banner to "hi OpenVAS", nothing will be reported. And in security, we like to advise hiding product names and versions - this helps with drive-by style automated attacks, in a much more effective way than for example, changing default service ports.
Security De-engineering, published by Taylor Francis, covers ubiquitous problems in information security and offers a solution in the final chapter
Areas covered: Penetration testing, Hackers, CASEs (Checklists and Standards Evangelists), IDS, Cloud Security, jobs in security, Identity Management, and organisational elements.