Open Source Security: SECURITY POVERTY AND THE SMALL ENTERPRISE. LEE V. MANGOLD, JANUARY 2014

Open Source Security - ISSA International · The Security Poverty Line (SPL) •What is the SPL? •Coined by Wendy Nather, 451 Research •Little-to-no security budget •No new


Page 1

Open Source Security

SECURITY POVERTY AND THE SMALL ENTERPRISE

LEE V. MANGOLD

JANUARY 2014

Page 2

About me…

• 15 years in computer & information security

• VP @ Central Florida ISSA

• VP @ Florida Cyber Alliance

• President @ LVM Engineering, Inc.

• Sr. Security Researcher @ DAS, Inc.

• Information Assurance Security Officer @ US Army ARL

• CyberPatriot Mentor

• CISSP, CEH, GSLC, ITIL-3, PMP…

Page 3

The Security Poverty Line (SPL)

• What is the SPL?

• Coined by Wendy Nather, 451 Research

• Little-to-no security budget

• No new capital for IT or security

• No new software

• No IDS/IPS licenses

• No upgrades

• Once you fall below the line, it’s difficult to come back.

• Small businesses do this every-single-day!

Page 4

Open Source ≠ Free

Page 5

Addressing the SPL with Open Source Software

PRO

• Open Source Security software can fill the gaps

• OSS Tools are often as good as commercial counterparts

• Very mature tools, some with paid support

• The price is right… **

CON

• Open Source ≠ Free!

• Open Source defensive security tools can lag behind paid tools

• Open Source support is usually non-existent

Page 6

FOSS Assisted Processes

• Network Discovery

• Domain Services

• Vulnerability Scanning

• Availability Monitoring

• Intrusion Detection System and Monitoring

• Event Log Management

Page 7

Demonstration Network

[Diagram labels: Management Network, Production Network. Hosts shown: IDS & Log Monitor, Network Monitoring, Vulnerability Scanner, Domain Services, Admin Box (W7), Domain Member (W7), Domain Member (W7), Domain Member (XP), Linux Server (CentOS)]

Page 8

Network Discovery

The Dude

http://www.mikrotik.com/thedude

Page 9

Domain Services

Samba4 (SerNet) and RSAT

http://www.samba.org | http://www.enterprisesamba.com | http://www.microsoft.com

Page 10

Vulnerability Scanning

OpenVAS

http://www.openvas.org/

Includes

• Nmap
• Nikto
• Ike-scan
• Snmpwalk
• Amap
• Ldapsearch
• SLAD
• John the Ripper
• Chkrootkit
• LSOF
• ClamAV
• Tripwire
• TIGER
• Logwatch
• etc...
• Ovaldi
• PNScan
• Port Bunny
• W3af

Page 11

IDS and Event Monitoring

Security Onion

http://securityonion.net

Included

• Snort
• Suricata
• Bro
• ELSA
• Sguil
• Squert
• Snorby
• CapMe
• OSSEC
• NetworkMiner
• Argus
• Driftnet
• Much more…

Page 12

Availability Monitoring

Nagios via Fully Automated Nagios

http://www.fullyautomatednagios.org/

Page 13

Other stuff worth your time…

• AppSec: RIPS (PHP), SonarQube

• A/V: Microsoft Security Essentials, Comodo, Avast, etc…

• Backup: BackupPC

• Support: RT, Jira ($), osTicket, etc…

Page 14

Questions?