Archive for 'Assessment Tools'
See Bandolier in Action
Bandolier is our DOE-funded project where we are working with control system application vendors to define optimal security configuration for the various components (HMIs, Historians, Realtime Servers, etc…). We then develop Nessus audit files that allow an asset owner/operator to audit their systems. Loyal blog readers have heard us discuss many facets of the project [...]
Author: Jason Holcomb
Posted: March 16th, 2010 under Assessment Tools, Bandolier.
Comments: 1
Fuzzing, practical dumb fuzzing
We’ve had a lot of posts about fuzzing on the blog lately. We’ve looked at the latest technologies and techniques, we’ve talked about fuzzers, intelligent versus dumb, some of the tradeoffs involved with design choices, and in the future we’re going to talk some more about some of the commercial offerings in the space [...]
Author: Daniel Peck
Posted: March 3rd, 2010 under Assessment Tools.
Comments: 1
Using Bandolier and Nessus for CIP-007 R1 Testing
Testing has always been part of making changes to a control system. When a change is made (e.g. new component, upgrade, patch), we have to know if everything is still going to work. Progressive asset owners have incorporated a security element into their functional testing for a while now. Some would even argue that it’s [...]
Author: Jason Holcomb
Posted: February 19th, 2010 under Assessment Tools, Bandolier, NERC CIP.
Comments: none
Advanced Security Training Pre-ICSJWG
Digital Bond’s class, Using and Customizing SCADA Security Tools, was a sellout when first offered the day prior to S4 last month. It teaches advanced students how to use and customize the Bandolier Security Audit Files and the SCADA IDS preprocessors, plugins and signatures. The goal is to help asset owners and vendors take [...]
Author: Dale Peterson
Posted: February 15th, 2010 under Assessment Tools, Bandolier, DHS Research Project.
Comments: 1
SAGE and the increasing smarts in fuzzers
Fuzzing is growing up. From the academics of the late 80s throwing random data at Unix command line tools, to the early work by researchers and commercial groups in the late 90s and early 2000s, to the explosion of fuzzing topics at conferences around the world about 5 years ago, it’s come a long way.
As [...]
Author: Daniel Peck
Posted: February 11th, 2010 under Assessment Tools, Microsoft, Security Tools.
Comments: none
Best Way to Fuzz Part 2
A few thoughts after the intelligent comments, additional info, sound and fury:
Microsoft is in the very rare top tier of companies spending time and money on security. In gross $ and time probably number 1 and very high on a percentage of security to software development time. They are also among the most attacked. So [...]
Author: Dale Peterson
Posted: February 5th, 2010 under Assessment Tools, Development Tools, Security Tools.
Comments: 2
Best Way to Fuzz?
There was an interesting discussion and information on what is the “best way from an ROI measure” to fuzz test at the CERT-sponsored Vulnerability Disclosure Workshop in DC this week. It led to some tweets back and forth between Digital Bond alumni Matt Franz and myself. First some background:
Fuzz testing is used by vendors, [...]
Author: Dale Peterson
Posted: February 3rd, 2010 under Assessment Tools, Development Tools, Security Tools.
Comments: 7
Credentialed Scanning Video
This is timely considering my post about credentialed scanning earlier this week… Paul Asadoorian over at Tenable posted a video today that demonstrates Nessus credentialed scanning. You can get a look at how to set up a patch audit and netstat port scan, where to put the credentials, etc…
Another important thing Paul covers is setting [...]
Author: Jason Holcomb
Posted: January 27th, 2010 under Assessment Tools, Bandolier, Security Tools.
Comments: none
3 Reasons You Should Be Using Credentialed Scanning
Scanning with credentials has opened a new frontier for security assessment. Here’s an analogy: traditional vulnerability scanning is like a mechanic evaluating a car just by looking at the outside and listening to the motor run. It’s useful but there is so much more information available by looking under the hood and plugging into the [...]
Author: Jason Holcomb
Posted: January 25th, 2010 under Assessment Tools, Bandolier.
Comments: 2
S4 Preview: Measuring and Comparing Security in Different Control System Applications
Bandolier helps measure optimal security — meaning that we set out to identify and audit the best possible security configuration for a particular control system application. In some cases this means allowing something less than ideal because it is necessary for the function of the application. (Example: a service that is required that most best [...]
Author: Jason Holcomb
Posted: January 13th, 2010 under Assessment Tools, Calculating Risk, S4.
Comments: 2