At appsec phoenix, we do a lot of research and run intelligence services. Nonetheless, we all come from years of practice in the application, vulnerability management and open-source intelligence.
Each week we will cover a topic that spans vulnerability management, cloud security, and application security.
We will cover a post on open-source intelligence and Open Source Security, OSS security tools available every week.
Vulnerability management definition
Vulnerability management is the process of identifying, assessing, and mitigating vulnerabilities in computer systems. It is a critical part of cybersecurity, as vulnerabilities can be exploited by malicious actors to gain access to systems, data, and networks.
The goal of vulnerability management is to reduce the risk of successful attacks by identifying and addressing vulnerabilities before they can be exploited. This requires a comprehensive and ongoing approach that includes everything from patch management to system hardening to user education.
Vulnerability management is an essential part of any cybersecurity program, and organizations of all sizes need a robust vulnerability management plan.
Application security definition
Application security is the process of protecting applications from hazards and vulnerabilities. It includes identifying, classifying, and mitigating risks to the security of an application. Application security is a subset of cybersecurity.
Many different types of risks can threaten the security of an application. These risks can be divided into two categories: internal risks and external risks. Internal risks originate within the organisation, such as careless employees or malicious insiders. External risks come from outside the organization, such as hackers or malware.
To properly protect an application from risks, it is important to identify and assess its risks. Once the risks have been identified, they can be mitigated through security controls. Security controls are measures put in place to reduce the likelihood and/or impact of a security incident. They
This week we start with analysing a minimum stack for application and vulnerability management.
Open source is increasingly being used in cybersecurity intelligence. Here’s how you can use it to bolster your organization’s security posture. Open source software (OSS) is any software whose source code is available for anyone to use, modify, and distribute. OSS is often developed collaboratively, with developers from all over the world contributing to its development. While OSS has traditionally been used primarily by developers, it is now also used in other areas, including cybersecurity. In cybersecurity, OSS can be used in several ways, including: – To find and fix vulnerabilities in software – To create and manage security incident response plans – For intelligence gathering Using OSS in cybersecurity can help organizations save time and money, as well as improve their security posture. When used correctly, OSS can be a powerful
Some references for this week as a framework
1) Static code analyser – https://github.com/ShiftLeftSecurity/sast-scan
2) Dependency-Check – https://github.com/jeremylong/DependencyCheck
also npm audit
3) Code relationships – https://github.com/crubier/code-to-graph
3) Cloud Assessment – Prowler – https://github.com/toniblyx/prowler
4) Network assessment – Nettacker – https://github.com/zdresearch/OWASP-Nettacker
> Tsunami – https://github.com/google/tsunami-security-scanner
*) Vulnerability Management, Scanners and intelligence framework
- intelligence framework – https://github.com/intelowlproject/IntelOwl
- Attack flow: https://github.com/center-for-threat-informed-defense/attack-flow
- Google Zero Day – https://googleprojectzero.github.io/0days-in-the-wild/rca.html
- Zero Day initiative – https://www.zerodayinitiative.com/about/benefits/
- CISA KVC – https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- NVD – Mitre