Network Security Assessment: From Vulnerability to Patch

This book will take readers from the discovery of vulnerabilities and the creation of the corresponding exploits, through a complete security assessment, all the way through deploying patches against these vulnerabilities to protect their networks.

This is unique in that it details both the management and technical skill and tools required to develop an effective vulnerability management system. Business case studies and real world vulnerabilities are used through the book. It starts by introducing the reader to the concepts of a vulnerability management system. Readers will be provided detailed timelines of exploit development, vendors time to patch, and corporate path installations. Next, the differences between security assessment s and penetration tests will be clearly explained along with best practices for conducting both. Next, several case studies from different industries will illustrate the effectiveness of varying vulnerability assessment methodologies. The next several chapters will define the steps of a vulnerability assessment including: defining objectives, identifying and classifying assets, defining rules of engagement, scanning hosts, and identifying operating systems and applications. The next several chapters provide detailed instructions and examples for differentiating vulnerabilities from configuration problems, validating vulnerabilities through penetration testing. The last section of the book provides best practices for vulnerability management and remediation.

• Unique coverage detailing both the management and technical skill and tools required to develop an effective vulnerability management system
• Vulnerability management is rated the #2 most pressing concern for security professionals in a poll conducted by Information Security Magazine
• Covers in the detail the vulnerability management lifecycle from discovery through patch.

About the Authors

Steve Manzuik currently holds the position of Senior Manager, Security Research at Juniper Networks. He has more than 14 years of experience in the information technology and security industry, with a particular emphasis on operating systems and network devices. Prior to joining Juniper Networks, Steve was the Research Manager at eEye Digital Security and in 2001, he founded and was the technical lead for Entrench Technologies. Prior to Entrench, Steve was a manager in Ernst & Young’s Security & Technology Solutions practice, where he was the solution line leader for the Canadian Penetration Testing Practice. Before joining Ernst & Young, he was a security analyst for a world wide group of white hat hackers and security researchers on BindView RAZOR Team.

Steve has co-authored Hack Proofing Your Network, Second Edition (Syngress Publishing, 1928994709). In addition, he has spoken at Defcon, Black Hat, Pacsec, and CERT conferences around the world and has been quoted in industry publications including CNET, CNN, InfoSecurity Magazine, Linux Security Magazine, Windows IT Pro and Windows Magazine.

André Gold is currently the Director of Information Security at Continental Airlines, one of the world’s largest and most successful commercial and freight transportation providers. André was appointed to this position by the company’s former CIO, making him the first person to hold this post in the company’s 50-year history. As the Director of Information Security, André has established a risk-based information security program based in part on increasing the security IQ of over 42,000 employees and protecting the over $2.5 billion continental.com property.

As an identified security practitioner, André has been featured in SC, Information Security, and CSO Magazine. André also presents at or participates in industry-related events. In 2006 André was named an Information Security 7 award winner in the retail sector, for his security contributions in the start-up and air transportation markets.

Before assuming his current role, André served as Technical Director of Internet and Network Services. In this role, he built and was responsible for Continental’s infrastructure and continental.com property; a property which accounts for close to 25% of the company’s revenue.

In addition to his position at Continental, André served on the Microsoft Chief Security Officer Council, the Skyteam Data Privacy and Security Subcommittee, Goldman Sachs’ Security Council, as well as eEye Digital Security’s and ConSentry Networks’ Executive Advisory Councils.

Chris Gatford works for Pure Hacking Ltd. in Sydney, Australia as a Senior Security Consultant performing penetration tests for organizations all around the world. Chris has reviewed countless IT environments and has directed and been responsible for numerous security assessments for a variety of corporations and government departments.

Chris is an instructor for the Pure Hacking OPST course and in his previous role at Ernst & Young he was the lead instructor for eXtreme Hacking course. In both these roles Chris has taught the art of professional hacking to hundreds of students from global organizations.

Chris is a frequent speaker at many security related conferences (most recently presenting at AusCERT 2006). He is a member of several security professional organizations and is a Certified Information Systems Security Professional.