Upload
spirent-communications
View
517
Download
0
Tags:
Embed Size (px)
DESCRIPTION
Aswath Mohan & Ankur Chadda discuss why an advanced security testing strategy is an essential component in preparing for the onslaught of cyber-attacks. Learn more about security testing: http://bit.ly/P5cTXz
Citation preview
PROPRIETARY AND CONFIDENTIAL
Oct 11, 2012
Advanced Security Testing In The Age of Cyber War
2PROPRIETARY AND CONFIDENTIAL
Cyber Security Market Trends
Growth of Targeted Attacks
Rise of Social Engineering
CaaS – Crime as a Service
3PROPRIETARY AND CONFIDENTIAL
Between 2005 to 2011 the number of targeted attacks rose by a factor of:• 10
• 50
• 500
• 1000
In 2005 the number of targeted attacks detected by Symantec.cloud was 1 per week. In Nov 2011 it was 95 per day
Rapid Increase In Targeted Attacks
4PROPRIETARY AND CONFIDENTIAL
Report indicates that a large % of people reused passwords or the passwords were very similar:• 55 %
• 75 %
• 95 %
University of Cambridge study found that 75% of users shared passwords between two separate accounts
Social Engineering Is The Main Attack Vector
5PROPRIETARY AND CONFIDENTIAL
The price for one exploit is as high as $250K • iOS
• Chrome
• Windows
• Microsoft Word
A Bangkok based security researcher with a handle called ‘The Grugq’ sold an iOS exploit for $250K. He is on track to make over $1M this year.
The Growth Of The Zero Day Market
7PROPRIETARY AND CONFIDENTIAL
Accurate• Test with the latest attacks and vulnerabilities
• Discover unknown weaknesses in software
Agile• Recreate new apps and attacks immediately
• Leverage new threat profiles
Simple• Intuitive workflow for ease-of-use and adoption
• Auto-generate test cases using Studio
Requirements for Advanced Security Testing
8PROPRIETARY AND CONFIDENTIAL
1,000s of ready-to-run tests Continuous stream of the latest attacks and apps Multiple end–points (iPhone, PC, Android) & versions (Skype v5.3.0.8)
8
Spirent TestCloud – Apps & Security Test Store
10PROPRIETARY AND CONFIDENTIAL
DEMO 1 – Let’s Discover A Zero Day in Jabber
11PROPRIETARY AND CONFIDENTIAL
DEMO 2 – Now Let’s Unleash Attacks At Scale
PROPRIETARY AND CONFIDENTIAL
Thank you