Recommandé
Recommandé
Contenu connexe
Similaire à Syhunt Presentation 2011
Similaire à Syhunt Presentation 2011 (20)
Dernier
Dernier (20)
Syhunt Presentation 2011
- 1. SYHUNT Web Application Security Assessment Provider
- 2. Sandcat Assessment Suite What is Sandcat? P Sandcat is a hybrid multilanguage web application security assessment suite P A software suite that simulates web-based attacks P Proactively guards an organization's Web infrastructure against web application security threats < Finds the vulnerabilities before the hackers
- 3. Sandcat Assessment Suite Evolution P Initially an evasion-capable web server scanner < With CGI/directory brute force scanning and a very extensive database of checks. (2001-2003) P Added spidering & injection capabilities. < Became a remote web app sec scanner (2004) P Added source code scanning capabilities (2008)
- 4. Sandcat Assessment Suite How It Works P Scans live websites for multiple classes of vulnerabilities - an external pen-test < This is the hacker’s perspective (aka blackbox) P Scans locally, its source for the same multiple classes of vulnerabilities - an internal code review (aka whitebox) P When it combines both approaches, you have what is called a hybrid analysis (or greybox)
- 5. Sandcat Assessment Suite Sandcat’s hybrid multilanguage web application security scanning capabilities External Internal Remote Scanner Source Scanner HTML5- JavaScript Scans Aware Spider Emulation Any Web App
- 6. Features Core Functionality P Concurrency/Scan Queue Support (Multithreads) P Deep Crawling (Spidering) < Maps the entire web site structure (all links, forms, XHR requests and other entry points) P Multiple Versions (Windows Only) < GUI (Graphical User Interface) < CLI (Command-Line Interface) < Web-Interface (Apache-Based)
- 7. Sandcat Assessment Suite Core Functionality P Report Generation < Multiple formats and templates < Compliance - OWASP Top 10, PHP Top 5, CWE/SANS Top 25, Payment Card Industry (PCI), etc. Also includes: < OSVDB references < CVE & CWE references < Charts
- 9. Vulnerability Coverage Sandcat Database P Over 460 remote web application security checks in over 24 categories of web attacks < XSS, SQL Injection, File Inclusion, Command Execution, etc P OWASP's Top Ten Most Critical Web Application Security Vulnerabilities & PHP Top 5 Vulnerabilities
- 10. Vulnerability Coverage Sandcat Database P Over 561 source checks, covering several types of web attacks: < SQL Injection – Both remote and source checks tailored to cover MySQL, Oracle, PostgreSQL, Microsoft Access, Microsoft SQL Server, SQLite, Firebird, Sybase... < Cross-Site Scripting (XSS), Arbitrary File Manipulation, Command Execution, File Inclusion (Local & Remote) and more.
- 11. Vulnerability Coverage Sandcat Database P 29K (29 thousand) web vulnerabilities researched since 2003 affecting specific web applications/servers. P Examples: < StatPressCN Plugin for Wordpress wp- admin/admin.php Multiple Parameter XSS (CVE- 2011-0641) < PHPCMS 2008 data.php where_time Parameter SQL Injection (CVE-2011-0645)
- 12. Additional Components Other Sandcat Components P Sandcat Log Analyzer < Scans HTTP logs (created by web servers) for intrusion attempts P Sandcat Apache/PHP Hardener < Scans Apache and PHP configuration files for weak security settings
- 13. WAVSEP 2011 Comparison WAVSEP Comparison P Independent web application scanner accuracy tests produced every year by Shay Chen (OWASP Israel), an application security consultant P The most comprehensive ever made (a total of 60 tools were included this year, including the leading commercial tools) P What did we find out?
- 14. WAVSEP 2011 Comparison Sandcat Accuracy Tests (August 2011) P We’ve the best XSS vulnerability detection rate in the market < #1 when the Free Edition of Sandcat is compared with other free and open source tools < #2 when Sandcat Pro is compared to other commercial tools such as IBM AppScan, HP WebInspect and others – Sandcat Pro, AppScan and ParosPro top the WAVSEP benchmark charts with 100 percent or near-100 percent XSS detection rates
- 16. WAVSEP 2011 Comparison Sandcat Accuracy Tests (August 2011) P SQL Injection (SQLi) < Sandcat also scored a 100 percent error-based SQL Injection detection rate – Sandcat excelled at identifying an additional large set of 80 error-based SQL Injection vulnerabilities (detected 100% of the vulnerabilities, both GET-based and POST-based) – Sandcat’s SQL Injection checks covers several types of databases
- 17. WAVSEP 2011 Comparison Sandcat Accuracy Tests (August 2011) P Sandcat scored a 100 percent detection rate running at half its capabilities < Sandcat’s white-box (source code) scanning capabilities were not covered in the tests.
- 18. Additional Highlights Standards & Additional Info P Sandcat makes the list of CVE-compatible products and services provided by the Mitre Corporation who created the standard. P Invited this year by the U.S. NIST (National Institute of Standards and Technology) to participate the Static Analysis Tool Exposition (SATE) < SATE’s goal: advance research in the field of static analysis tools
- 19. Additional Highlights Standards & Additional Info P Used by the U.S. Department of Defense P Listed and covered in the Information Assurance Tools Report published this year (2011) by the U.S. Department of Defense’s IATAC (Information Assurance Technology Analysis Center), alongside leading tools
- 20. Customers Where they come from P From over 26 countries. Mainly from the United States, United Kingdom and Canada P From different markets and industries < Consulting, Education/Government, Finance, Banking, and Insurance, High Technology & Software, Hospitality, Travel & Tourism, Telecommunications, etc
- 21. Customers Where they come from (Government & Military) P NASA, US NOAA, US DoE (Department of Energy) and others P US Navy, UK’s Royal Air Force P Intelligence Agencies < CSE (Canada’s intelligence agency) < CISEN (Mexico’s intelligence agency)
- 22. The End Thank You More Info: www.syhunt.com Twitter: @syhunt Email: contact@syhunt.com