Re: [Dailydave] Faster, smashter.

From: Dave Aitel (daveimmunityinc.com)
Date: Tue Dec 09 2008 - 08:45:23 CST


One technique we're doing this week with a client is taking an attack
tree and marking it up with dollar values, i.e., if you wanted to buy
an 0day in X component, how much would it cost?

This then is a simple summation to produce a "how much is it to get
into the internal network from the internet" which the business can
use to help them decide yay/nay on the project as a whole depending on
their own view of the threat and the value of the information they are
protecting.

- -dave

Halvar Flake wrote:
> Hey all,
>
> It seems that discussions in ITsec are periodic -- the same
> discussions and same arguments come up again and again.
>
> 1. Of course attackers use new vulnerabilities. It is the nature of
> offense. Defense is done "to the maximum of current knowledge".
> Offense, by its nature, has to expand on the status quo.
>
> 2. How do you simulate an attack with a new vulnerability if you
> don't have one?
>
> Well, military folks do wargames all the time without actually
> using up the arsenal they have on the shelves. Network attacks
> should probably be done in a similar manner -- have an umpire, and
> give the attacking team a few "0day cards". With these cards they
> get high-probability code execution for a piece of software of
> their choice.
>
> The pentest then proceeds like a game, but can be conducted on the
> real network, too.
>
> But I am repeating myself ...
>
> Cheers, Halvar
> _______________________________________________
> Dailydave mailing list Dailydavelists.immunitysec.com
> http://lists.immunitysec.com/mailman/listinfo/dailydave


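A worked example of the costed attack tree Dave describes, added here as illustration; it is not code from the thread, and the tree, component names and dollar figures are constructed placeholders. It goes a step beyond the message's "simple summation": steps that must all succeed (AND) add up, while alternative branches (OR) take the cheapest, which is the usual attack-tree costing rule, and it also lists every complete path so the business can see the full range of prices, not just the minimum.

```python
import itertools
from dataclasses import dataclass, field
from typing import List, Tuple


@dataclass
class Node:
    """Attack-tree node. Leaves carry an attacker cost in dollars (e.g. the
    price of a 0day in that component); interior nodes are 'AND' (every child
    needed, costs add) or 'OR' (any child suffices, attacker picks cheapest)."""
    name: str
    cost: float = 0.0
    op: str = "LEAF"
    children: List["Node"] = field(default_factory=list)


def all_paths(node: Node) -> List[Tuple[float, List[str]]]:
    """Enumerate every complete attack path as (total cost, [leaf names])."""
    if node.op == "LEAF":
        return [(node.cost, [node.name])]
    per_child = [all_paths(c) for c in node.children]
    if node.op == "OR":
        # any one child realises this node: union of the children's paths
        return [p for paths in per_child for p in paths]
    if node.op == "AND":
        # every child is needed: one path per combination, costs summed
        return [(sum(c for c, _ in combo), [n for _, ns in combo for n in ns])
                for combo in itertools.product(*per_child)]
    raise ValueError(f"unknown op {node.op!r}")


def cheapest(node: Node) -> Tuple[float, List[str]]:
    """The 'how much to get in' number: the least expensive complete path."""
    return min(all_paths(node), key=lambda p: p[0])


def build_sample_tree() -> Node:
    """Constructed placeholder tree; prices are illustrative, not market data."""
    return Node("Reach internal network from internet", op="OR", children=[
        Node("Exploit perimeter, then pivot", op="AND", children=[
            Node("Exploit a perimeter service", op="OR", children=[
                Node("0day in web app framework", 30_000),
                Node("0day in VPN gateway", 120_000),
            ]),
            Node("Pivot from DMZ to internal", 20_000),
        ]),
        Node("Client-side via phishing", op="AND", children=[
            Node("Phishing campaign", 5_000),
            Node("0day in document viewer", 80_000),
        ]),
    ])


if __name__ == "__main__":
    tree = build_sample_tree()
    for cost, steps in sorted(all_paths(tree)):
        print(f"${cost:>9,.0f}  {' + '.join(steps)}")
    print("cheapest entry:", cheapest(tree))
```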