When choosing which vulnerability assessment tools to use to evaluate your business's security posture and where you can improve or fortify your network, it's important that you cover all categories of health without breaking the bank on proprietary tools. Twinstate's focus during a VA is less tool-centric than other security teams' might be. Instead of focusing on the tool brand, we focus on covering those health categories — and suggest you do the same.
Finding the Right VA Tools For the Job
As you go about choosing your VA tools (long prior to actually starting the VA), be sure you have the following categories covered:
Tools to Assess Your Network
"When someone is looking at a vulnerability assessment, network assessment tools is a major category to consider," says Jennifer Allen, Twinstate's Red Team manager. These tools allow you to test devices on the network, including patch levels, configurations, open and closed services, encryption implementation, etc.
For a broad-level assessment, consider an open source toolkit to help you get started, then drill down using vendor-centric tools specific to your organization's network. Using open source VA tools as a first step can be a wise move because they provide the foundational point to begin the project.
Assessing Your Website and Web App Vulnerabilities
Your web server testing tools will likely be in your broader testing toolkit, but site and apps will need different tests that can assess secure coding practices and verify what type of information disclosure you have on your site, Allen explains. These tools can include recon tools, as well as ad hoc tools.
Recommended Read: Not All Vulnerability Tests Are Created Equal
Credential Assessment Tools
The next level to your testing process and tools involves credentials. The tools in this category assess the strength of credentials for accounts on the network. They include password crackers, as well as tools that can assess policy through an understanding of how many rounds of cracking the tester would need to go through to succeed in accessing the network.
Assessing Your Wireless Networks
Depending on how deeply you want to assess vulnerabilities, you might want to consider completing an assessment of your wireless networks.
Bonus: Social Engineering Assessment Tools
If you want to get aggressive with your testing, consider using a social engineering toolkit, which can help you assess the vulnerability of your fellow employees.
Where to Go, Who to Trust
With all of these tools on your team, you'll be poised to begin testing remediation. But if you have any doubt, an objective third-party testing option is always available.
Bear in mind that using these tools will reveal highly sensitive data about your employees and organization that can be very damaging if misused. Make sure the partner you select is credentialed and experienced with these types of tools, and most importantly, trustworthy.
Originally published on 11/10/2016
Topic: Vulnerability