Security Patterns

Samples of application security vulnerability patterns.- "DeepSource Application Security Patterns"

White Paper

Primeon's whitepaper - "Enterprise Applications: Wide Open to Attack in 2018" - tells business execs and IT managers the truth about application risk.
Resource Links

Common Vulnerability Scoring System Version 3.1 Calculator

Open Web Application Security Project (OWASP)

SecurityFocus Bugtraq Database

Registry Whois Search

Microsoft - URLScan Tool

Metasploit Project - for penetration testing, IDS signature development, and exploit research.

National Vulnerability Database

Infrastructure Vulnerability Assessments

Primeon's Infrastructure Testing services can be conducted from both outside the firewall and from inside the firewall via VPN access. This provides a comprehensive assessment which utilizes multiple scanning tools, vulnerability knowledge base and proprietary tools to identify common security issues within an infrastructure.

Infrastructural security assessment approaches:
For infrastructural security assessments, Primeon testers employ a hybrid method including two basic assessment approaches:

  • Credentialed Vulnerability Assessment Approach - This approach performs the assessment from the perspective of a normal, authenticated system administrator. The assessment requires that it be performed with an administrator user account and password. The major focus of the approach is to detect missing patches, insecure configuration settings, and unnecessary, potentially vulnerable services. A typical service based on the approach offered, is an infrastructure security lockdown assessment.
  • Non-Credentialed Vulnerability Assessment Approach - This approach takes the perspective of an unauthenticated malicious intruder who is trying to break into the network. The assessment detects security issues of a system through a combination of service detection, fingerprinting, version identification, and actual exploitation attempts. A typical service based on the approach offered, is an infrastructure penetration test.

    • Test Activities

    During the security vulnerability assessment, Primeon testers perform the following test activities:

    Infrastructure tests:

    o Lockdown assessment (Credentialed Vulnerability Assessment)
  • Administrative vulnerability assessment - The testers assess the system's security from the perspective of a normal, authenticated system administrator to detect security issues associated with OS level components such as, file permission, basic network services, network administration, user permissions, account management, password policies, system logging and monitoring practice, and unnecessary and suspicious services, etc.
  • Service configuration review - The testers detect possible security issues in configurations of installed services such as, Name service, Email service, Web server, Database server, and File services.
  • Patch management analysis - The testers analyze the configurations of the targeted system to decide whether the latest patches are properly installed.

    • o Penetration Vulnerability Assessment (non-Credentialed Vulnerability Assessment)

  • Port discovery scan - The testers perform a thorough port scan of the target, accurately determining which ports on an IP address are open which is the crucial first step to a comprehensive security audit.
  • Network services detection - After determining which ports are alive, the tester begins a network services test on each port to determine exactly what software is running and how it is configured. This information is leveraged in order to launch additional specific and generic service tests.
  • Vulnerability scan - The tester employs automatic vulnerability tools to identify possible vulnerabilities for each exposed service.
  • Manual vulnerability testing and verification - The tester verifies all vulnerabilities found from the vulnerability scan, eliminates false positives and attempts to exploit positives.

    • The results from testing tools will be analyzed by Primeon Security Professionals to confirm if each reported finding is correct. Our experience shows that the majority of tools' findings are false-positives. However, instead of simply passing this output report onto our clients, Primeon goes the "extra mile" and further analyzes these reported findings and eliminates "false-positives" to remove this burden from your IT staff. In addition, because we also perform manual testing during this process, Primeon will find additional vulnerabilities, such as configuration issues, which could be missed by scanning tools.

    Primeon's Infrastructure Testing Services covers the following subset areas:
    o AIX Local Security Checks
    o Mandrake Local Security Checks
    o Backdoors
    o Misc
    o Brute force attacks
    o Netware
    o CGI abuses
    o NIS
    o CGI abuses : XSS
    o Peer-To-Peer File Sharing
    o CISCO
    o Port scanners
    o Debian Local Security Checks
    o Red Hat Local Security Checks
    o Default Unix Accounts
    o Remote file access
    o Denial of Service
    o RPC
    o Fedora Local Security Checks
    o Service detection
    o Finger abuses
    o Settings
    o Firewalls
    o SMTP problems
    o FreeBSD Local Security Checks
    o SNMP
    o FTP
    o Solaris Local Security Checks
    o Gain a shell remotely
    o SuSE Local Security Checks
    o Gain root remotely
    o Useless services
    o General
    o Windows
    o Gentoo Local Security Checks
    o Windows : Microsoft Bulletins
    o HP-UX Local Security Checks
    o Windows : User management
    o HP-UX Local Security Checks
    		  

    Copyright © Primeon, Inc. 2022