SlideShare a Scribd company logo

Securing legacy systems

R
Revital Lapidot

Using legacy systems such as outdated software and hardware or using components that do not have security capabilities may expose the system and even the entire network to a security breach. We understand that sometimes legacy systems cannot be discarded due to technical and business limitations but it does not mean you have to accept the risks… The next slides will help you to secure legacy systems in user… stay safe!

Technology
1 of 6
Download to read offline
1 Securing Legacy Systems Raphy Bitton | CISSP, CCSK Head of Infrastructure Division & CISO @ Comsec 2018 © Comsec Global
Meet Raphy Bitton About Raphy Bitton Head of Infrastructure Division & Global CISO @ Comsec • Expertise in infrastructure security • Consultant for secured architecture and hardening • As CISO, responsible for Comsec’s security • Holds valuable certifications such as CISSP and CCSK
3 Securing Legacy Systems What are legacy systems? Obsolete Operating System Operating systems (Windows, Linux, macOS, etc.) which are no longer supported by their vendor and no updates nor patches are released by the vendor. Non-Security Capabilities Software that has no security features and settings by design and needs to be secured by 3rd party solutions. Obsolete Software Any software which are no longer supported by their vendor, having no updates nor patches released for them. Outdated Components Any application, device, etc. that is supported by the vendor for operational issues but security issues are left unfixed.
4 So, lets get to the root of it… You can easily secure it! All you need to do is follow the next few security tips…
5 Securing Legacy Systems How To Hardening Implement system hardening procedures recommended by the vendor and the security industry. Patching Install all available patches for the system from the time it was supported. It will ensure fixing known old vulnerabilities. Segmentation Separate the system from other components in the network to prevent it from being leveraged by attackers towards other components. Monitoring Monitor any privileged action or suspicious activity to set alerts for any security issue. Use HIPS Host-Based Intrusion Prevention application will prevent execution of vulnerability exploitations on the system. Use Anti-Malware This application will block any known malicious file copied to, or processed on the system.
6 Want to Know More? +972 (0)3-9234277 raphyb@comsecglobal.com Yegia Kapayim St. 21D, P.O. Box 3474, Petach-Tikva, Israel, 49130 www.comsecglobal.com

Recommended

OSB190: What's New in Xtraction
OSB190: What's New in XtractionOSB190: What's New in Xtraction
OSB190: What's New in XtractionIvanti
 
Canadian Cyber Cecurity
Canadian Cyber CecurityCanadian Cyber Cecurity
Canadian Cyber CecurityPeter Scheffler
 
Canadian Cyber Cecurity
Canadian Cyber CecurityCanadian Cyber Cecurity
Canadian Cyber CecurityPeter Scheffler
 
Network Field Day 11 - Skyport Systems Presentation
Network Field Day 11 - Skyport Systems PresentationNetwork Field Day 11 - Skyport Systems Presentation
Network Field Day 11 - Skyport Systems PresentationDouglas Gourlay
 
NTXISSACSC3 - Removing the Snake Oil from Your Security Program by Jim Broome
NTXISSACSC3 - Removing the Snake Oil from Your Security Program by Jim Broome NTXISSACSC3 - Removing the Snake Oil from Your Security Program by Jim Broome
NTXISSACSC3 - Removing the Snake Oil from Your Security Program by Jim Broome North Texas Chapter of the ISSA
 
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...Digital Bond
 
Sntc April 2: Decrease Network Risk with Alert Management Draft v2
Sntc April 2: Decrease Network Risk with Alert Management Draft v2Sntc April 2: Decrease Network Risk with Alert Management Draft v2
Sntc April 2: Decrease Network Risk with Alert Management Draft v2B2BContact
 
Sntcapril2 decreasenetworkriskwithalertmanagementdraftv2-150417114740-convers...
Sntcapril2 decreasenetworkriskwithalertmanagementdraftv2-150417114740-convers...Sntcapril2 decreasenetworkriskwithalertmanagementdraftv2-150417114740-convers...
Sntcapril2 decreasenetworkriskwithalertmanagementdraftv2-150417114740-convers...garciathomasbic
 

Recommended

OSB190: What's New in Xtraction
OSB190: What's New in XtractionOSB190: What's New in Xtraction
OSB190: What's New in XtractionIvanti
 
Canadian Cyber Cecurity
Canadian Cyber CecurityCanadian Cyber Cecurity
Canadian Cyber CecurityPeter Scheffler
 
Canadian Cyber Cecurity
Canadian Cyber CecurityCanadian Cyber Cecurity
Canadian Cyber CecurityPeter Scheffler
 
Network Field Day 11 - Skyport Systems Presentation
Network Field Day 11 - Skyport Systems PresentationNetwork Field Day 11 - Skyport Systems Presentation
Network Field Day 11 - Skyport Systems PresentationDouglas Gourlay
 
NTXISSACSC3 - Removing the Snake Oil from Your Security Program by Jim Broome
NTXISSACSC3 - Removing the Snake Oil from Your Security Program by Jim Broome NTXISSACSC3 - Removing the Snake Oil from Your Security Program by Jim Broome
NTXISSACSC3 - Removing the Snake Oil from Your Security Program by Jim Broome North Texas Chapter of the ISSA
 
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...Digital Bond
 
Sntc April 2: Decrease Network Risk with Alert Management Draft v2
Sntc April 2: Decrease Network Risk with Alert Management Draft v2Sntc April 2: Decrease Network Risk with Alert Management Draft v2
Sntc April 2: Decrease Network Risk with Alert Management Draft v2B2BContact
 
Sntcapril2 decreasenetworkriskwithalertmanagementdraftv2-150417114740-convers...
Sntcapril2 decreasenetworkriskwithalertmanagementdraftv2-150417114740-convers...Sntcapril2 decreasenetworkriskwithalertmanagementdraftv2-150417114740-convers...
Sntcapril2 decreasenetworkriskwithalertmanagementdraftv2-150417114740-convers...garciathomasbic
 
Managing Organizational Security with Seqrite Cloud
Managing Organizational Security with Seqrite CloudManaging Organizational Security with Seqrite Cloud
Managing Organizational Security with Seqrite CloudQuick Heal Technologies Ltd.
 
Why NAC and Why Not NAC
Why NAC and Why Not NACWhy NAC and Why Not NAC
Why NAC and Why Not NACdigitallibrary
 
What Suppliers Don't Tell You About Security?
What Suppliers Don't Tell You About Security?What Suppliers Don't Tell You About Security?
What Suppliers Don't Tell You About Security?PECB
 
Presentacion demo mc afee siem
Presentacion demo mc afee siemPresentacion demo mc afee siem
Presentacion demo mc afee siemvictor bueno
 
presentacion Demo McAfee SIEM
presentacion Demo McAfee SIEMpresentacion Demo McAfee SIEM
presentacion Demo McAfee SIEMvictor bueno
 
Technology Overview - Symantec Endpoint Protection (SEP)
Technology Overview - Symantec Endpoint Protection (SEP)Technology Overview - Symantec Endpoint Protection (SEP)
Technology Overview - Symantec Endpoint Protection (SEP)Iftikhar Ali Iqbal
 
Symantec 賽門鐵克產線機台防護方案建議
Symantec 賽門鐵克產線機台防護方案建議Symantec 賽門鐵克產線機台防護方案建議
Symantec 賽門鐵克產線機台防護方案建議Randy Lin
 
Security Monitoring using SIEM null bangalore meet april 2015
Security Monitoring using SIEM null bangalore meet april 2015Security Monitoring using SIEM null bangalore meet april 2015
Security Monitoring using SIEM null bangalore meet april 2015n|u - The Open Security Community
 
SIEM (Security Information and Event Management)
SIEM (Security Information and Event Management)SIEM (Security Information and Event Management)
SIEM (Security Information and Event Management)Osama Ellahi
 
Top 10 Questions to Ask Your Vulnerability Management Provider
Top 10 Questions to Ask Your Vulnerability Management ProviderTop 10 Questions to Ask Your Vulnerability Management Provider
Top 10 Questions to Ask Your Vulnerability Management ProviderTawnia Beckwith
 
Security Information Event Management - nullhyd
Security Information Event Management - nullhydSecurity Information Event Management - nullhyd
Security Information Event Management - nullhydn|u - The Open Security Community
 
"Backoff" Malware: How to Know If You're Infected
"Backoff" Malware: How to Know If You're Infected"Backoff" Malware: How to Know If You're Infected
"Backoff" Malware: How to Know If You're InfectedTripwire
 
Msp deck v1.0
Msp deck v1.0Msp deck v1.0
Msp deck v1.0AccelOps
 
Lesson 2 Cryptography tools
Lesson 2 Cryptography toolsLesson 2 Cryptography tools
Lesson 2 Cryptography toolsMLG College of Learning, Inc
 
3 florin coada - sast in the days of dev ops
3 florin coada - sast in the days of dev ops3 florin coada - sast in the days of dev ops
3 florin coada - sast in the days of dev opsIevgenii Katsan
 
The New Normal: Managing the constant stream of new vulnerabilities
The New Normal: Managing the constant stream of new vulnerabilitiesThe New Normal: Managing the constant stream of new vulnerabilities
The New Normal: Managing the constant stream of new vulnerabilitiesMajor Hayden
 
13.Anton-Position-Security-Considerations-23June2015[1]
13.Anton-Position-Security-Considerations-23June2015[1]13.Anton-Position-Security-Considerations-23June2015[1]
13.Anton-Position-Security-Considerations-23June2015[1]Anton Kaska
 
Top 10 SIEM Best Practices, SANS Ask the Expert
Top 10 SIEM Best Practices, SANS Ask the ExpertTop 10 SIEM Best Practices, SANS Ask the Expert
Top 10 SIEM Best Practices, SANS Ask the ExpertAccelOps
 
7 Reasons your existing SIEM is not enough
7 Reasons your existing SIEM is not enough7 Reasons your existing SIEM is not enough
7 Reasons your existing SIEM is not enoughCloudAccess
 
Security Information and Event Management
Security Information and Event ManagementSecurity Information and Event Management
Security Information and Event ManagementUTD Computer Security Group
 
LOUCA23 Yusuf Hadiwinata Linux Security BestPractice
LOUCA23 Yusuf Hadiwinata Linux Security BestPracticeLOUCA23 Yusuf Hadiwinata Linux Security BestPractice
LOUCA23 Yusuf Hadiwinata Linux Security BestPracticeYusuf Hadiwinata Sutandar
 
MOSIP Country Conversations 2023 Consolidated.pdf
MOSIP Country Conversations 2023 Consolidated.pdfMOSIP Country Conversations 2023 Consolidated.pdf
MOSIP Country Conversations 2023 Consolidated.pdfMOSIP
 

More Related Content

What's hot

Managing Organizational Security with Seqrite Cloud
Managing Organizational Security with Seqrite CloudManaging Organizational Security with Seqrite Cloud
Managing Organizational Security with Seqrite CloudQuick Heal Technologies Ltd.
 
Why NAC and Why Not NAC
Why NAC and Why Not NACWhy NAC and Why Not NAC
Why NAC and Why Not NACdigitallibrary
 
What Suppliers Don't Tell You About Security?
What Suppliers Don't Tell You About Security?What Suppliers Don't Tell You About Security?
What Suppliers Don't Tell You About Security?PECB
 
Presentacion demo mc afee siem
Presentacion demo mc afee siemPresentacion demo mc afee siem
Presentacion demo mc afee siemvictor bueno
 
presentacion Demo McAfee SIEM
presentacion Demo McAfee SIEMpresentacion Demo McAfee SIEM
presentacion Demo McAfee SIEMvictor bueno
 
Technology Overview - Symantec Endpoint Protection (SEP)
Technology Overview - Symantec Endpoint Protection (SEP)Technology Overview - Symantec Endpoint Protection (SEP)
Technology Overview - Symantec Endpoint Protection (SEP)Iftikhar Ali Iqbal
 
Symantec 賽門鐵克產線機台防護方案建議
Symantec 賽門鐵克產線機台防護方案建議Symantec 賽門鐵克產線機台防護方案建議
Symantec 賽門鐵克產線機台防護方案建議Randy Lin
 
Security Monitoring using SIEM null bangalore meet april 2015
Security Monitoring using SIEM null bangalore meet april 2015Security Monitoring using SIEM null bangalore meet april 2015
Security Monitoring using SIEM null bangalore meet april 2015n|u - The Open Security Community
 
SIEM (Security Information and Event Management)
SIEM (Security Information and Event Management)SIEM (Security Information and Event Management)
SIEM (Security Information and Event Management)Osama Ellahi
 
Top 10 Questions to Ask Your Vulnerability Management Provider
Top 10 Questions to Ask Your Vulnerability Management ProviderTop 10 Questions to Ask Your Vulnerability Management Provider
Top 10 Questions to Ask Your Vulnerability Management ProviderTawnia Beckwith
 
"Backoff" Malware: How to Know If You're Infected
"Backoff" Malware: How to Know If You're Infected"Backoff" Malware: How to Know If You're Infected
"Backoff" Malware: How to Know If You're InfectedTripwire
 
Msp deck v1.0
Msp deck v1.0Msp deck v1.0
Msp deck v1.0AccelOps
 
3 florin coada - sast in the days of dev ops
3 florin coada - sast in the days of dev ops3 florin coada - sast in the days of dev ops
3 florin coada - sast in the days of dev opsIevgenii Katsan
 
The New Normal: Managing the constant stream of new vulnerabilities
The New Normal: Managing the constant stream of new vulnerabilitiesThe New Normal: Managing the constant stream of new vulnerabilities
The New Normal: Managing the constant stream of new vulnerabilitiesMajor Hayden
 
13.Anton-Position-Security-Considerations-23June2015[1]
13.Anton-Position-Security-Considerations-23June2015[1]13.Anton-Position-Security-Considerations-23June2015[1]
13.Anton-Position-Security-Considerations-23June2015[1]Anton Kaska
 
Top 10 SIEM Best Practices, SANS Ask the Expert
Top 10 SIEM Best Practices, SANS Ask the ExpertTop 10 SIEM Best Practices, SANS Ask the Expert
Top 10 SIEM Best Practices, SANS Ask the ExpertAccelOps
 
7 Reasons your existing SIEM is not enough
7 Reasons your existing SIEM is not enough7 Reasons your existing SIEM is not enough
7 Reasons your existing SIEM is not enoughCloudAccess
 

What's hot (20)

Managing Organizational Security with Seqrite Cloud
Managing Organizational Security with Seqrite CloudManaging Organizational Security with Seqrite Cloud
Managing Organizational Security with Seqrite Cloud
 
Why NAC and Why Not NAC
Why NAC and Why Not NACWhy NAC and Why Not NAC
Why NAC and Why Not NAC
 
What Suppliers Don't Tell You About Security?
What Suppliers Don't Tell You About Security?What Suppliers Don't Tell You About Security?
What Suppliers Don't Tell You About Security?
 
Presentacion demo mc afee siem
Presentacion demo mc afee siemPresentacion demo mc afee siem
Presentacion demo mc afee siem
 
presentacion Demo McAfee SIEM
presentacion Demo McAfee SIEMpresentacion Demo McAfee SIEM
presentacion Demo McAfee SIEM
 
Technology Overview - Symantec Endpoint Protection (SEP)
Technology Overview - Symantec Endpoint Protection (SEP)Technology Overview - Symantec Endpoint Protection (SEP)
Technology Overview - Symantec Endpoint Protection (SEP)
 
Symantec 賽門鐵克產線機台防護方案建議
Symantec 賽門鐵克產線機台防護方案建議Symantec 賽門鐵克產線機台防護方案建議
Symantec 賽門鐵克產線機台防護方案建議
 
Security Monitoring using SIEM null bangalore meet april 2015
Security Monitoring using SIEM null bangalore meet april 2015Security Monitoring using SIEM null bangalore meet april 2015
Security Monitoring using SIEM null bangalore meet april 2015
 
SIEM (Security Information and Event Management)
SIEM (Security Information and Event Management)SIEM (Security Information and Event Management)
SIEM (Security Information and Event Management)
 
Top 10 Questions to Ask Your Vulnerability Management Provider
Top 10 Questions to Ask Your Vulnerability Management ProviderTop 10 Questions to Ask Your Vulnerability Management Provider
Top 10 Questions to Ask Your Vulnerability Management Provider
 
Security Information Event Management - nullhyd
Security Information Event Management - nullhydSecurity Information Event Management - nullhyd
Security Information Event Management - nullhyd
 
"Backoff" Malware: How to Know If You're Infected
"Backoff" Malware: How to Know If You're Infected"Backoff" Malware: How to Know If You're Infected
"Backoff" Malware: How to Know If You're Infected
 
Msp deck v1.0
Msp deck v1.0Msp deck v1.0
Msp deck v1.0
 
Lesson 2 Cryptography tools
Lesson 2 Cryptography toolsLesson 2 Cryptography tools
Lesson 2 Cryptography tools
 
3 florin coada - sast in the days of dev ops
3 florin coada - sast in the days of dev ops3 florin coada - sast in the days of dev ops
3 florin coada - sast in the days of dev ops
 
The New Normal: Managing the constant stream of new vulnerabilities
The New Normal: Managing the constant stream of new vulnerabilitiesThe New Normal: Managing the constant stream of new vulnerabilities
The New Normal: Managing the constant stream of new vulnerabilities
 
13.Anton-Position-Security-Considerations-23June2015[1]
13.Anton-Position-Security-Considerations-23June2015[1]13.Anton-Position-Security-Considerations-23June2015[1]
13.Anton-Position-Security-Considerations-23June2015[1]
 
Top 10 SIEM Best Practices, SANS Ask the Expert
Top 10 SIEM Best Practices, SANS Ask the ExpertTop 10 SIEM Best Practices, SANS Ask the Expert
Top 10 SIEM Best Practices, SANS Ask the Expert
 
7 Reasons your existing SIEM is not enough
7 Reasons your existing SIEM is not enough7 Reasons your existing SIEM is not enough
7 Reasons your existing SIEM is not enough
 
Security Information and Event Management
Security Information and Event ManagementSecurity Information and Event Management
Security Information and Event Management
 

Similar to Securing legacy systems

LOUCA23 Yusuf Hadiwinata Linux Security BestPractice
LOUCA23 Yusuf Hadiwinata Linux Security BestPracticeLOUCA23 Yusuf Hadiwinata Linux Security BestPractice
LOUCA23 Yusuf Hadiwinata Linux Security BestPracticeYusuf Hadiwinata Sutandar
 
MOSIP Country Conversations 2023 Consolidated.pdf
MOSIP Country Conversations 2023 Consolidated.pdfMOSIP Country Conversations 2023 Consolidated.pdf
MOSIP Country Conversations 2023 Consolidated.pdfMOSIP
 
Securing your Windows Network with the Microsoft Security Baselines
Securing your Windows Network with the Microsoft Security BaselinesSecuring your Windows Network with the Microsoft Security Baselines
Securing your Windows Network with the Microsoft Security BaselinesFrank Lesniak
 
Cyber security - It starts with the embedded system
Cyber security - It starts with the embedded systemCyber security - It starts with the embedded system
Cyber security - It starts with the embedded systemRogue Wave Software
 
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4Qualcomm Developer Network
 
Static Application Security Testing Strategies for Automation and Continuous ...
Static Application Security Testing Strategies for Automation and Continuous ...Static Application Security Testing Strategies for Automation and Continuous ...
Static Application Security Testing Strategies for Automation and Continuous ...Kevin Fealey
 
10 tips for hardening your system
10 tips for hardening your system10 tips for hardening your system
10 tips for hardening your systemRevital Lapidot
 
10 tips for hardening your system
10 tips for hardening your system10 tips for hardening your system
10 tips for hardening your systemRevital Lapidot
 
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...Manoj Purandare ☁
 
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...Manoj Purandare ☁
 
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...Manoj Purandare ☁
 
Hardware Security on Vehicles
Hardware Security on VehiclesHardware Security on Vehicles
Hardware Security on VehiclesPriyanka Aash
 
Locking down server and workstation operating systems
Locking down server and workstation operating systemsLocking down server and workstation operating systems
Locking down server and workstation operating systemsBen Rothke
 
Getting Started with IBM i Security: Securing PC Access
Getting Started with IBM i Security: Securing PC AccessGetting Started with IBM i Security: Securing PC Access
Getting Started with IBM i Security: Securing PC AccessHelpSystems
 
Leveraging Open Source Opportunity in the Public Sector Without the Risk
Leveraging Open Source Opportunity in the Public Sector Without the RiskLeveraging Open Source Opportunity in the Public Sector Without the Risk
Leveraging Open Source Opportunity in the Public Sector Without the RiskProtecode
 
Leveraging Open Source Opportunity in the Public Sector Without the Risk
Leveraging Open Source Opportunity in the Public Sector Without the RiskLeveraging Open Source Opportunity in the Public Sector Without the Risk
Leveraging Open Source Opportunity in the Public Sector Without the RiskSource Code Control Limited
 
Should I Patch My ICS?
Should I Patch My ICS?Should I Patch My ICS?
Should I Patch My ICS?Digital Bond
 
Revealing the 2016 State of IBM i Security
Revealing the 2016 State of IBM i SecurityRevealing the 2016 State of IBM i Security
Revealing the 2016 State of IBM i SecurityHelpSystems
 
Software audit strategies: how often is enough?
Software audit strategies: how often is enough? Software audit strategies: how often is enough?
Software audit strategies: how often is enough? Protecode
 
HKG18-212 - Trusted Firmware M: Introduction
HKG18-212 - Trusted Firmware M: IntroductionHKG18-212 - Trusted Firmware M: Introduction
HKG18-212 - Trusted Firmware M: IntroductionLinaro
 

Similar to Securing legacy systems (20)

LOUCA23 Yusuf Hadiwinata Linux Security BestPractice
LOUCA23 Yusuf Hadiwinata Linux Security BestPracticeLOUCA23 Yusuf Hadiwinata Linux Security BestPractice
LOUCA23 Yusuf Hadiwinata Linux Security BestPractice
 
MOSIP Country Conversations 2023 Consolidated.pdf
MOSIP Country Conversations 2023 Consolidated.pdfMOSIP Country Conversations 2023 Consolidated.pdf
MOSIP Country Conversations 2023 Consolidated.pdf
 
Securing your Windows Network with the Microsoft Security Baselines
Securing your Windows Network with the Microsoft Security BaselinesSecuring your Windows Network with the Microsoft Security Baselines
Securing your Windows Network with the Microsoft Security Baselines
 
Cyber security - It starts with the embedded system
Cyber security - It starts with the embedded systemCyber security - It starts with the embedded system
Cyber security - It starts with the embedded system
 
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
 
Static Application Security Testing Strategies for Automation and Continuous ...
Static Application Security Testing Strategies for Automation and Continuous ...Static Application Security Testing Strategies for Automation and Continuous ...
Static Application Security Testing Strategies for Automation and Continuous ...
 
10 tips for hardening your system
10 tips for hardening your system10 tips for hardening your system
10 tips for hardening your system
 
10 tips for hardening your system
10 tips for hardening your system10 tips for hardening your system
10 tips for hardening your system
 
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
 
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
 
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
Manoj Purandare - Application Security - Secure Code Assessment Program - Pre...
 
Hardware Security on Vehicles
Hardware Security on VehiclesHardware Security on Vehicles
Hardware Security on Vehicles
 
Locking down server and workstation operating systems
Locking down server and workstation operating systemsLocking down server and workstation operating systems
Locking down server and workstation operating systems
 
Getting Started with IBM i Security: Securing PC Access
Getting Started with IBM i Security: Securing PC AccessGetting Started with IBM i Security: Securing PC Access
Getting Started with IBM i Security: Securing PC Access
 
Leveraging Open Source Opportunity in the Public Sector Without the Risk
Leveraging Open Source Opportunity in the Public Sector Without the RiskLeveraging Open Source Opportunity in the Public Sector Without the Risk
Leveraging Open Source Opportunity in the Public Sector Without the Risk
 
Leveraging Open Source Opportunity in the Public Sector Without the Risk
Leveraging Open Source Opportunity in the Public Sector Without the RiskLeveraging Open Source Opportunity in the Public Sector Without the Risk
Leveraging Open Source Opportunity in the Public Sector Without the Risk
 
Should I Patch My ICS?
Should I Patch My ICS?Should I Patch My ICS?
Should I Patch My ICS?
 
Revealing the 2016 State of IBM i Security
Revealing the 2016 State of IBM i SecurityRevealing the 2016 State of IBM i Security
Revealing the 2016 State of IBM i Security
 
Software audit strategies: how often is enough?
Software audit strategies: how often is enough? Software audit strategies: how often is enough?
Software audit strategies: how often is enough?
 
HKG18-212 - Trusted Firmware M: Introduction
HKG18-212 - Trusted Firmware M: IntroductionHKG18-212 - Trusted Firmware M: Introduction
HKG18-212 - Trusted Firmware M: Introduction
 

Recently uploaded

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMKumar Satyam
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKJago de Vreede
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard37
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontologyjohnbeverley2021
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Zilliz
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 

Recently uploaded (20)

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDM
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptx
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 

Securing legacy systems

  • 1. 1 Securing Legacy Systems Raphy Bitton | CISSP, CCSK Head of Infrastructure Division & CISO @ Comsec 2018 © Comsec Global
  • 2. Meet Raphy Bitton About Raphy Bitton Head of Infrastructure Division & Global CISO @ Comsec • Expertise in infrastructure security • Consultant for secured architecture and hardening • As CISO, responsible for Comsec’s security • Holds valuable certifications such as CISSP and CCSK
  • 3. 3 Securing Legacy Systems What are legacy systems? Obsolete Operating System Operating systems (Windows, Linux, macOS, etc.) which are no longer supported by their vendor and no updates nor patches are released by the vendor. Non-Security Capabilities Software that has no security features and settings by design and needs to be secured by 3rd party solutions. Obsolete Software Any software which are no longer supported by their vendor, having no updates nor patches released for them. Outdated Components Any application, device, etc. that is supported by the vendor for operational issues but security issues are left unfixed.
  • 4. 4 So, lets get to the root of it… You can easily secure it! All you need to do is follow the next few security tips…
  • 5. 5 Securing Legacy Systems How To Hardening Implement system hardening procedures recommended by the vendor and the security industry. Patching Install all available patches for the system from the time it was supported. It will ensure fixing known old vulnerabilities. Segmentation Separate the system from other components in the network to prevent it from being leveraged by attackers towards other components. Monitoring Monitor any privileged action or suspicious activity to set alerts for any security issue. Use HIPS Host-Based Intrusion Prevention application will prevent execution of vulnerability exploitations on the system. Use Anti-Malware This application will block any known malicious file copied to, or processed on the system.
  • 6. 6 Want to Know More? +972 (0)3-9234277 raphyb@comsecglobal.com Yegia Kapayim St. 21D, P.O. Box 3474, Petach-Tikva, Israel, 49130 www.comsecglobal.com