Tag Archives: pentesting

Examining the Distinguishing Factors of Cyber Security versus IT Security

Few people realize that Cyber Security is actually quite different from the more generic term “IT Security”.

The National Security Agency (NSA) uses two terms to define cyber security. Information assurance is a measure that protects and defends the integrity, availability and confidentiality of information and information systems. Information systems security protects information systems from unauthorized access and prevents unauthorized changes or modifications to information that is stored, moved or processed. Businesses, Department of Defense and other governmental agencies require cyber security measures that will ensure that confidential information remains intact without interference from unauthorized sources. ISO/IEC 27032 defines cyberspace security as the preservation of confidential information in cyberspace. Cyberspace is defined as the interaction of people, software and services on the Internet.

The word cyber began as an ancient Greek word that meant either a pilot, rudder operator or other person guiding a boat. In ancient Greece, the word developed into a term referring to central governmental control. In the twentieth century, Norbert Wiener employed the word cybernetics from the ancient Greek word cyber to describe robots with brains that control mechanisms. William Gibson wanted to use a word in his science fiction novels about the electronic future to refer to the place where online interactions occurred. Gibson’s 1984 novel “Neuromancer” popularized the term cyberspace from the word cyber that Wiener had used earlier in the century.

Some early Internet users were avid readers of Gibson’s science fiction novels. They adopted the term cyberspace as an alternate term for using the Internet. Meanwhile, federal government security professionals adopted information security or infosec as another term for information systems security. The military added another interpretation to the terminology adopted by civilian government professionals. Military mindset encompassed the thought processes of defending the terrain known as cyberspace. The military adopted the term cyber security and later shortened the term to cyber.

Cyber security revolves around the three core areas of confidentiality, integrity and authentication. Confidentiality protects information from unauthorized access by others. Integrity prevents information from alteration by unauthorized users. Authentication is the process of recognizing the identity of information users. There are two other terms associated with cyber security. Non-repudiation means that each person sending a message must be identified as the original message sender. Availability refers to an information system that is operational and functional at any time. Cyber security relies upon preventative measures used to protect information from attacks. Cyber security strategies include identity, incident and risk management to study and resolve potential viruses, malicious code and other information threatening issues.

Three cyber security strategies are prevalent in today’s cyber security environment that will lead to cyber security success. First, building a preventive defense system based upon the needed security level of an organization is essential to combating intrusions and cyber security attacks. Second, resilience or the ability to withstand attacks and failures is necessary as a preventive measure against the intrusions that will happen in cyberspace. Third, an offensive mindset will locate vulnerabilities in an organization’s defense system. A credible cyber defense should also include offensive capabilities to build a deterrence system that will prevent intruders from launching a cyber attack against an organization.

The cyber security industry moved from a defensive to an offensive strategy of attack after security professionals examined cyber security from a preventive perspective and technological solutions to the problem emerged. An Intrusion Prevention System (IPS) (e.g., Snort) was developed to provide security professionals with a proactive capability. Another offensive strategy uses counter-terror techniques to find hacker cells, infiltrate and physically limit these hacker attacks.

Cyber security training differs quite a bit from traditional IT security training as well. True cyber security training classes (see TrainACE’s Advanced Security Cyber Security Training) include offensive skill sets like hacking mobile devices, exploit creation and scripting your own tools in Python to expose vulnerabilities. Traditional IT security classes include certifications like the Security+ and the CISSP, which are designed for defense only.


What Training Comes Next After The Certified Ethical Hacker – How to Advance Your Career as a Penetration Tester

Ethical hackers attempt to compromise computer systems or networks at the request of the system or network owner. By using the same methodology and resources available to criminal hackers, ethical hackers help to identify security vulnerabilities that could be exploited. These weaknesses can then be addressed by programmers or others that are assigned to work on that particular vulnerable hardware or software.

An attempt to circumvent system security and compromise a computer system is commonly known as a penetration test. It is a realistic simulation of a malicious computer attack and can be launched from external sources or from a compromised internal source. Ideally, networks and computer systems should be equally secure from both sources. In reality, they often are not.

The International Council of E-Commerce Consultants, which is known in the IT industry as the EC-Council, offers training and professional certification in ethical hacking. Certified Ethical Hackers must attend an accredited training center or combine at least two years of information security work with an approved self-study program. The CEHv8 test consists of 150 multiple-choice questions that must be completed within a 4-hour period with a minimum score of 70 percent. The test costs approximately $500, and a $100 eligibility fee is also required.

After CEH certification, IT security professionals seek the more advanced Certified Security Analyst/Licensed Penetration Tester credentials. The ECSA/LPT certification (http://www.trainace.com/courses/lpt/) covers advanced information security techniques and is also provided by the EC-Council. ECSA/LPTs focus on the analysis of penetration test outcomes and create risk mitigation measures to protect IT infrastructure. The course emphasizes best practices from experts in many areas of IT security.

The third tier of certification in the ethical hacking credentialing hierarchy is the Cyber War / Advanced Penetration Testing training. This certification, which is offered through Advanced Security by Academy of Computer Education, instructs IT security professionals in advanced, persistent threat tactics for penetration testing of high-security systems and networks. Advanced Security by Academy of Computer Education is a preferred training provider for the U.S. military, DHS, the FBI and other government agencies for this reason.

The course lasts for five days and focuses on the penetration of highly secured data environments. Patched and hardened versions of Vista, Windows 7, Windows Server 2008, and up-to-date Linux servers are used as course targets. The course covers both host-based and network intrusion detection systems and intrusion prevention systems.

In this industry leading advanced hacking training class, students first learn to deal with load balancing, network IDS/IPS, and deep packet inspection while attempting penetration from outside a network. The course then progresses to penetration of web-based applications with typical security measures in place.

The third step in the class is the study of LAN-based attacks, the penetration of locked down workstations, and a study of methods of dealing with host-based IDS/IPS as opposed to networked systems. The final phase of the advanced pen testing class deals with controlling active directories.

Criminal hackers are constantly sharing new ideas and penetration techniques. Many of their approaches can be quite sophisticated. IT security professionals often hear about these approaches only after it is too late to prevent intrusion. CEH, ECSA/LPT, and Cyber War are designed to ensure exposure to cutting-edge penetration and exploitation methodologies, and the courses cover hands-on hacking techniques that simply aren’t taught in routine educational settings. By teaching security professionals to think like hackers, these classes enable IT personnel to anticipate advances that hackers have not yet made.


Free Certified Ethical Hacker Class Giveaway

Advanced Security by Academy of Computer Education is giving away one free enrollment into any one of our Award Winning Certified Ethical Hacker (CEH) training classes.

Advanced Security is the reigning, two-time EC-Council ATC of the Year award winner. Their training is recognized worldwide as the leading hands-on CEH training available because of the amount of time they spend on labs and the method they have to prepare students for the exam. Their instructors are internationally known Subject Matter Experts who speak at conferences and are followed by many in the industry.

They are giving away a free enrollment (certification exam included) to any one of their open enrollment Certified Ethical Hacker (CEH) training classes. This free enrollment can be used during any one of their open enrollment courses for up to one year from the end of this drawing. Details are as follows:

You must either blog about, Tweet about, Facebook post about or Google+ post about this Certified Ethical Hacker course giveaway contest. In any of the mentioned forms of posting you must include a link to this page: http://www.trainace.com/courses/ceh/

If you already have the CEH or equivalent experience you may follow the same steps, but do so for the Cyber War, Advanced Penetration Testing class: http://www.trainace.com/courses/apt/

For each online activity above that you do, you will receive the following entries into the drawing:

Blog Post – 10 entries

Tweet –  3 entries

Facebook – 2 entries

Google+ – 2 entries

When complete, you must send an email with the Subject “Free CEH Class Contest”. In the email include a link where they can find each posting. Send the email to rcorey@trainace.com. They will tally all entries and randomly select a winner. The winner will be selected on 5/16/12.


Computer Forensics Training in Miami, FL

Computer forensics is a topic that hackers are paying a lot of attention to lately. Ethical hackers are signing up for computer forensics training in large numbers because the work now dictates that it is no longer good enough to be able to exploit vulnerabilities on our website; now you must be able to accumulate the evidence in an actionable manner for a court of law. People aren’t just relying on protecting their own network; now they want to be able to prosecute violators and attackers. If you haven’t noticed, the industry is maturing quickly.

And with that maturity comes the spread of computer forensics training. The leading certification in this vertical is the CHFI by the EC-Council. In fact, the EC-Council is holding its annual Hacker Halted security conference in Miami, Florida from 10/21 – 10/27. The first four days are dedicated to training classes and then the last three are the security conference, which includes an amazing list of speakers. Hacker Halted has become the leading conference to get away to and learn some new tricks. The venue is exceptional, the speakers list is top tier, the presenters / instructors are industry leading and the party that they hold is world renowned!!

To join the CHFI or any other class at Hacker Halted, use this coupon code: HHACE

and then go here: http://www.hackerhalted.com/2011/


EC-Council Holds a Conference in the Washington DC Area

The DC and Baltimore metro area is arguably the largest concentrated region in the country for IT security professionals, hackers, penetration testers, application security specialists, etc. The fact that a highly advanced and technical conference by the EC-Council is coming to the area should have the DC cyber security scene pumped up.

EC-Council has made a commitment recently to bring highly technical and advanced training seminars and conferences to the market. The recent launch of TakeDown Con and then the existence of their Hacker Halted conference has them emerging as a leader in this space. The reviews from TakeDown Con were excellent. They are clearly doing what it takes to get some of the top experts in the field to present and teach shorter version classes at these conferences.

Many of the security conferences that are out there these days leave a true seasoned IT security professional wanting more. The lack of deeper, advanced technique training is always what keeps the pros away and seems to attract more and more newbies to them. The recent launch of the EC-Council conferences is a sigh of relief for many in the field. Being able to visit great locations for a conference and walk away with advanced skill sets, on the company dollar, is what many in our field are hoping for. Now with the CAST Summit Washington DC, many in the MD, VA and DC area should be able to easily justify this with the training budget managers. Here is the series of classes being held:

You can register through the featured reseller, Advanced Security by ACE:

CAST Summit Washington DC Registration


EC-Council’s Take Down Con is Huge Success

The reviews are in from the EC-Council’s Take Down Con in Dallas a few weeks ago. We had the chance to speak to some presenters, instructors and attendees and the feedback is unanimous. The conference was a success. The conference was created to be a technical skill set leader in the field of pentesting and hacking, and it achieved that goal.

Other conferences in the security space often carry too little high level tech presentations and instruction. They often offer blanket presentations that are more geared for beginners. The few conferences out there now that are geared for the higher level security professional are very expensive and have recently received some mixed reviews, but Take Down Con blew them all away!

The feedback was that the conference was intimate and had attendees with a much higher level of skills than the norm. The EC-Council did a great job in bringing in some exceptional names and respected true professionals to offer high level classes, speeches and presentations. The high level of content at this conference led to high level discussions and idea sharing among the attendees at night and in between events.

Overall people really seemed to benefit from and enjoy this conference a great deal. It looks like EC-Council is really beginning to emerge as a leader in the technical conference space. The next Take Down Con is listed for Las Vegas in December, 2011.

For more information, visit the Take Down Con website.


Average Salary Value of the CEH Certification

There is a great post on the IT Training Blog about the Average Salary of the CEH Certification. The post covers data from a few different parts of the world where the CEH cert is most popular. The numbers seemed a little low to me at first, but after some more consideration, the CEH cert is a baseline hacking certification and typically is held by people with a lower level of pen testing experience. I’d be interested to see the increase in average salary of the ECSA cert, but there may not be available data for that yet. Check out the post here:

Average Salary of the CEH Certification


Assessing the Value of the ECSA and LPT Certifications by the EC-Council

The EC-Council Certified Security Analyst (ECSA) and Licensed Penetration Tester (LPT) certification is the most advanced ethical hacking certification by the EC-Council. The certification is based on the analytical process of ethical hacking and complements the more basic Certified Ethical Hacker (CEH). While CEH presents hacking technologies and tools to the learner, ECSA focuses on analyzing what the outcomes of these tools are. Learners who go through ECSA training and certification are able to identify security risks to a network, system or infrastructure and mitigate these risks, thus keeping data safe.

Given the highly sensitive nature of this kind of training, it is important that learners enroll with licensed content providers called ATCs (Accredited Training Centers) and get authentic training from CEIs (Certified EC-Council Instructors). Achieving the ECSA certification ensures that you get a high quality, recognizable certificate, which can help you work on security architectures of many types.

The ECSA certification is approved by ANSI. Many of the other competing certifications are not licensed by ANSI and typically carry no value (Google “certified penetration tester” and see what arbitrary made-up wonders you come up with). Getting certified by such bodies is virtually worthless as anyone, literally anyone, can found their own “Certification body”. So stick with the ANSI approved certs like the ECSA and most of the SANS certs.

You must obtain the ECSA exam before enrolling for the Licensed Penetration Tester (LPT) certification. The LPT is advanced course content as well, covering pentesting and security based on intense past assessments and best practices.

Both the ECSA and LPT certification curricula are developed by the top brains in the field. A minimum of 47 modules and topics are taught, including basics such as the need for security analysis and war dialing, advanced sniffing techniques, advanced wireless testing, log and Snort analysis and advanced exploits and tools. Penetration testing includes pre-penetration testing checklists, VoIP, VPN, database, log management, broadband, Bluetooth/hand held and physical security penetration testing.

EC Council certifications are not just extensive but credible too. The ECSA and Licensed Penetration Tester certs are just now hitting the popularity levels that CEH was at about two years ago. Once CEH saturates in the market a bit more, expect these two certs to be right where CEH is now. Because, well, hackers aren’t going to want to stop learning how to hack. Right?


CEH v7

Certified Ethical Hacker Version 7 (aka v7) has been much anticipated for some time now. The certification has needed updating and version 6.1 only took the updates so far. CEH v7 is going to be a more difficult curriculum: it will include much improved instructor resources (like slides and diagrams, etc.), more test-included modules and many new and advanced hacking techniques. Most importantly, the exam is changing. It is going to include a more difficult and updated set of questions. So far, the passing score is set to be the same, but the material / question base is what is changing.

More details can be found at the IT Training Blog.


DoD 8570 Directive and the Certified Ethical Hacker

A further testament to two main trends arose recently when the DoD 8570 directive had Certified Ethical Hacker added to its list of certifications that prove worthiness to work in a certain capacity that serves the DoD community. Those statements were:

1) The Certified Ethical Hacker is, without argument, the hottest certification out right now.
and
2) Hacking / Pentesting is the future of IT security / information assurance workers.

Delving more into item #1, the CEH is the most highly sought after cert in the business. The searches per month on Google (use the keyword tool) will prove that to you if you need subjective information about that. The certification has been done the right way entirely, from top to bottom, by the EC-Council management: marketing, content, etc.

As for the second topic, hacking and pentesting have become the main training priority of information assurance workers. Not only are people going in large numbers to learn the concepts of the Certified Ethical Hacker, but now, more than ever before, employees are being trained on advanced defense tactics (i.e., from the ECSA / LPT) and advanced hacking concepts like the Advanced Penetration Tester (APT) certification. Sorry CISSP, but your days of being at the top are so limited it’s not even funny. Theoretical / conceptual information assurance practitioners are taking a back seat to people who can break into a network from a major corporation that has a huge annual security budget and spends millions on their firewall and security software. Because I would trust my network to that guy (again see APT).
