From Vulnerability Management to Combined Vulnerability Management to Penetration Testing
Vulnerability
“A flaw in a system that, if leveraged by an attacker, can potentially impact the security of said system”
Also: security bug, security flaw, security hole
Exploit
“To use or manipulate to one’s advantage”
“A security hole or an instance of taking advantage of a security hole”
Proof of Concept Exploit
“A software program or tool that exploits a vulnerability with the sole purpose of proving its existence”
Remote Exploit
“A program or tool that does not require legitimate access to the vulnerable system in order to exploit the security flaw”
Exploit Code
“A software program or tool developed to exploit a vulnerability in order to accomplish a specific goal”
Possible goals: denial of service, arbitrary code execution, etc.
Exploit Attack Vector
“The means used by the exploit code to trigger the vulnerability on the target system”
Why Talk About Exploit Code
The classic attack uses exploit code. Once a target (be it a server or a desktop) is compromised, the attacker uses it as a vantage point to penetrate the corporate network and to perform further attacks as an internal user
Legitimate Uses for Exploits
Penetration Testing
Test and fine-tune firewall configuration
Test and fine-tune IDS configuration
Test incident response capabilities
Vulnerability management
EXPLOIT CODE AND PENETRATION TESTING
Please note that both the Attack & Penetration phase and the Privilege Escalation phase use exploit code
THE VULNERABILITY MANAGEMENT PROCESS
(Vulnerability management, i.e., scan and patch strategy)
IMPROVED VULNERABILITY MANAGEMENT PROCESS
(Vulnerability management + Exploit code)
The attack phase uses exploit code
AN ADDITIONAL IMPROVEMENT
Both the attack and the verify phases use exploit code
VULNERABILITY MANAGEMENT AND PENETRATION TESTING COMBO