Tag Archives: Qualys

PHDays VII: To Vulnerability Database and beyond

3 Replies

PHDays VII: To Vulnerability Database and beyond. Last Tuesday and Wednesday, May 23-24, I attended PHDays VII conference in Moscow. I was talking there about vulnerability databases and the evolution process of vulnerability assessment tools, as far as I understand it.

To Vulnerability Database and beyond

But first of all, a few words about the conference itself. I can tell that since the last year the event got even better. I’ve seen lot of new faces. Some people I didn’t know, but they knew me by my blog and accounts in social networks. What a strange, strange time we live in! I was very pleased to see and to talk with you all, guys! 🙂

PHDays is one of the few events that truly brings all Russian community of security professionals together. I’ve seen people I have studied with in university, colleagues from the all places where I have been worked, and nearly all researchers and security practitioners that I follow. Big thanks for the organizers, Positive Technologies, for such an amazing opportunity!

It is also a truly international event. You can see speakers from all over the world. And all information is available both in Russian and English. Almost all slides are in English. Three parallel streams of reports, workshops and panel discussions were dubbed by professional simultaneous interpreters, like it is a United Nations sessions or something, recorded and broadcast live by the team of operators and directors. Final result looks really great.

Video of my presentation:

I was talking too fast and used some expressions that was hard to translate. The translator, however, did an awesome job. He is my hero! 🙂 If you didn’t understand something on video, I made a transcript bellow.

A version without translation for Russian-speakers is here.

Slides:

Unfortunately gif animation is not working in the Slideshare viewer.

Today I would like to discuss vulnerability databases and how vulnerability assessment systems has been evolving. Prior to discussing vulnerability databases I need to say that any vulnerability is just a software error, a bug, that allowing hacker to do some cool things. Software developers and vendors post information about such vulnerabilities on their websites. And there are tons and tones of vendors, and websites, and software products, and vulnerabilities.

Continue reading

New vulnersBot for Telegram with advanced searches and subscriptions

1 Reply

New vulnersBot for Telegram with advanced searches and subscriptions. Vulners.com team have recently presented a new version of vulnerability intelligence bot for Telegram messenger. Now you can search for vulnerabilities and other security content by talking with bot.

Searches

For example, I’ve heard about new critical vulnerability in Samba called SambaCry by analogy with famous WannaCry. Let’s see what Vulners knows about it.

SambaCry Vulners Bot Search

Ok, I see it has id CVE-2017-7494. Do we have exploits related to this vulnerability?
cvelist:CVE-2017-7494 AND bulletinFamily:”exploit”

Continue reading

My comments on Forrester’s “Vulnerability Management vendor landscape 2017”

1 Reply

My comments on Forrester’s “Vulnerability Management vendor landscape 2017”. A top consulting company, Forrester Research, recently published report “Vendor Landscape: Vulnerability Management, 2017“. You can read for free by filling a small form on Tenable web site.

Forrester Vendor Landscape: Vulnerability Management, 2017

What’s interesting in this document? First of all, Josh Zelonis and co-authors presented their version of VM products  evolution. It consists of this steps (I have reformulated them a bit for the copyright reasons) :

  1. Initial fear of automated vulnerability assessment tools
  2. Mid-1990s and first productized offerings
  3. Authenticated scanning dramatically improved accuracy of scans
  4. Application scanning (DAST)
  5. Security assessment of software containers and DevOps in general.

As you see, the last one is about containerization. And it is now presented only in Tenable.io/FlawCheck. 😉

Continue reading

Rapid7 Nexpose in 2017

3 Replies

Rapid7 Nexpose in 2017. Last year I tested Rapid7 Nexpose and wrote two posts about installation and use of Nexpose Community Edition and Nexpose API. I didn’t follow news of this vendor for a about year. Today I watched live demo of Nexpose latest version. It has some new interesting features, improvements and ideas, that I would like to mention.

Rapid7 Nexpose in 2017

And of course, things that sales people say to you should be always taken with some skepticism. Only concrete implementation tested in your environment matters. But they usually mention some useful ideas that can be perceived independently from the products they promote.
Continue reading

Selenium, SikuliX and Social Network posting

2 Replies

Selenium, SikuliX and Social Network posting. The last post was about SikuliX. It’s fair to say that it’s not optimal for web applications automation. For such applications, it’s better to use something, that will natively work with your web-browse. The first solution that comes to mind is, of course, Selenium.

Selenium is a portable software-testing framework for web applications. Selenium provides a record/playback tool for authoring tests without the need to learn a test scripting language.

This app is released under the Apache 2.0 license and is a very common tool for Quality Assurance (QA). It can be also used in Information Security. For example, you can upload Selenium scripts in Qualys WAS (Web Application Scanner)  to help scanner in performing some complex operations, for example in authentication on the website.

Selenium Upload script in Qualys

Selenium is available in a form of two products: Selenium WebDriver for some hardcore automation and web-browser plugin Selenium IDE, which will help you to create and run scripts. I chose Selenium IDE.

Selenium types

Continue reading

Gartner’s view on Vulnerability Management market

2 Replies

Gartner’s view on Vulnerability Management market. Not so long time ago Gartner’s report “Vulnerability Management an essential piece of the security puzzle” has become publicly available. Now you can read it for free by filling out a questionnaire on F-Secure website.

Gartner VM Market Guide

At the bottom of the document there is a reference to Gartner G00294756 from 05 December 2016. This document is quite fresh, especially for not very dynamic VM market ;-), and pretty expensive. Thanks for F-secure, we can read it now for free. If you are wondering why this anti-virus company is sponsoring Gartner VM reports: year ago they have bought Finnish VM vendor nScence, and I even did a small review of this product (F-Secure Radar Vulnerability Management solution, F-Secure Radar basic reporting, F-Secure Radar ticketing, F-Secure API for scanning).

Talking about the document, I would like, firstly, to thank Gartner. Do you know who writes most articles about VM? Of course, VM vendors. And we all understand that their main goal is to promote their own products. Reports of independent consulting firms, primarily IDC, Forrester and Gartner, allow us to get some balanced view from the side. It is very important.

Here I would like to comment some theses of the text.

Continue reading

Let’s Encrypt for shared hosting

2 Replies

Let’s Encrypt for shared hosting. I have recently moved my blog to https using free Let’s Encrypt (Linux Foundation Project) certificate.

Let’s Encrypt service works the best, when you have your own server. You just need to configure some scripts that will regularly request new certificates and everything will work automatically. But, even if your site is on shared hosting, it’s still possible to use Let’s Encrypt. You can make the certificate on your machine, I used Ubuntu Linux, and then add them in the web interface of your hoster, of course if this feature is supported. Certificate will be valid for 4 month, and then you will need make a new one.

To say the truth, I did it because search engines and browser vendors will discriminate http-only sites very soon. And, of course, for fun. Green lock icon in address bar looks cool. ^_^

Continue reading