Luis Quiñones Engineering Manager Latin America [email protected].
-
Upload
agapito-bermudes -
Category
Documents
-
view
216 -
download
0
Transcript of Luis Quiñones Engineering Manager Latin America [email protected].
![Page 2: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/2.jpg)
ISS Hoy
• Nació en Atlanta, GA - 1994• Pioneros y líderes de auditoria y monitoreo • Fuimos a la bolsa (went public) Marzo 23, 98.• 30-40% crecemiento por trimestre• +300 empleados• +1000 clientes por todo el mundo
![Page 3: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/3.jpg)
Operaciones de ISS
ISS KKTokyo,Japan
HeadquartersAtlanta, GA
ISS Sales & Support Offices
ISS Certified Security Partner/Distributor
ISS NVBrussels, Belgium
![Page 4: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/4.jpg)
Mercado Financiero
9 of 10 Top U.S. Banks• Citibank• Bank of America• Chase Manhattan/ Chemical• JP Morgan• BancOne Corp• First Union• NationsBank• MBNA• Deutsche Bank• Charles Schwab
![Page 5: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/5.jpg)
Alta Tecnología
• Motorola• Raytheon• IBM• Intel• Compuserve• America Online• Adobe• Hewlett Packard• Lockheed Martin• MCI• BellSouth• Lucent
![Page 6: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/6.jpg)
Gobierno
• Department of Energy• NASA• Naval Research
Laboratory• Commonwealth of
Virginia• Federal Trade
Commission• US Army
• Los Alamos National Laboratory
• Defense Megacenter• Bureau of Public Debt• Lawrence Livermore
National Labs• US Air Force
![Page 7: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/7.jpg)
Socios Estratégicos
• Unisys• Ernst & Young• Price Waterhouse• KPMG Peat Marwick• Coopers & Lybrand• SAIC• INS• NCSA• Siemans• EDS• Paranet
• Check Point• IBM Global Services• Sun• NCR• Tivoli• GTE Internetworking
![Page 8: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/8.jpg)
La Necesidad de Seguridad
• Sistemas Abiertos: beneficios vs. riesgo
• Rapida adopción de tecnología internet
• Redes dinámicas• La amenaza
creciente: dentro y fuera
• Seguridad Limitada recursos/expertos
• Políticas centrales vs. Prácticas distribuidas
![Page 9: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/9.jpg)
• www.10pht.com• www.r00t.org/warez.html• www.microagewny.com/home/claw/hackers.html• www.golden.net/~jester/court.html• www.rootshell.com• www.fe.net/phrack.html
¿ Cuál es el Problema? Es muy fácil aprender a hackear...
![Page 10: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/10.jpg)
Evidencia de la Amenaza
![Page 11: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/11.jpg)
![Page 12: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/12.jpg)
![Page 13: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/13.jpg)
![Page 14: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/14.jpg)
Consecuencias
• Pérdidas financieras• Pérdida de propiedad
intelectual• Pérdida de
productividad por mal uso
• Mal uso de acceso a extranet
![Page 15: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/15.jpg)
Datos del Problema
• 42% reportaron ataques externos, sobre 16% el último año
• 43% reportaron ataques de los empleados, 29% el último año
• 38% dicen haber sido víctimas de espionaje industrial, sobre 6% el último año
• Cerca del 1% están activamente monitoreando posibles intrusos
Source: Ernst & Young
![Page 16: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/16.jpg)
Infrastructrura
N E T W O R K S
S Y S T E M S
A P P L I C A T I O N S
![Page 17: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/17.jpg)
Bases para la Seguridad
N E T W O R K SN E T W O R K S
S Y S T E M SS Y S T E M S
A P P L I C A T I O N SA P P L I C A T I O N S
ACCESSCONTROL AUTHENTICATION ENCRYPTION
![Page 18: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/18.jpg)
Seguridad Tradicional
Security =
ACCESSCONTROL AUTHENTICATION ENCRYPTION
Safeguards
Safeguards
![Page 19: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/19.jpg)
Vulnerabilidades
N E T W O R K SN E T W O R K S
S Y S T E M SS Y S T E M S
A P P L I C A T I O N SA P P L I C A T I O N S
ACCESSCONTROL AUTHENTICATION ENCRYPTION
![Page 20: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/20.jpg)
Medidas Tradicionales de Seguridad
• Se ignoran las amenazas internas
• Poco amigable• No hay manera de medir su
efectividad• Medidas estáticas, cuando
las redes son realmente dinámicas
Muy importante, pero...
![Page 21: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/21.jpg)
Abierto Protegido
Políticas de Políticas de SeguridadSeguridad
Determinar las prácticas de seguridad Determinar las prácticas de seguridad actualesactuales
Pérdida de Información
Dónde Comienzo?
UniversidadesInstitucionesfinancieras
![Page 22: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/22.jpg)
21.3%
60.8%
17.9%
High Medium Low
Percent of Vulnerabilities by Severity
No puedes manejar lo que no puedes medir
10
50
90
130
170
210
High Medium Low
Organizational Vulnerability Trends Analysis
![Page 23: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/23.jpg)
Vulnerabilities
200
150
100
50
0
1 2 3 4 5 6Week
Reducir vulnerabilidades(Monitorear para cambios)
Monitorear para Amenazas(En tiempo Real)
Lo que Queremos es Bajar el Riesgo
![Page 24: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/24.jpg)
Reducir el Riesgo para los Negocios
Manejar el riesgoManejar el riesgo
X
![Page 25: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/25.jpg)
¿Qué son las Vulnerabilidades?
• Defectos de Software
• Errores humanos y desconfiguración
• Servicios Activos/inactivos
• Susceptibilidad a caídas del sistema
…en servicios de red y arquitectura, sistemas operativos, aplicaciones
![Page 26: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/26.jpg)
¿Cuáles son las Amenazas?
• Amenazas internas:– contratistas, emoleados disgustados,
mal uso
• Amenazas externas:– competidores,hackers contratados por la
competencia, empresas de confianza que poseen acceso
• Amenazas estructuradas:– métodos automatizados para recoger
información y atacar
• Amenazas no estructuradas:– ataques sin propósito para recoger
información, mialuso
Personas y organizaciones que explotan las vulnerabilidades
![Page 27: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/27.jpg)
Seguridad = + Vulnerabilidades& Amenazas
Detección de
Responder
La clave para la administración es la seguridad adaptativa
![Page 28: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/28.jpg)
SecurityPolicy
![Page 29: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/29.jpg)
PRO-A
CTIV
OS
PRO-A
CTIV
OS
IN DEVELOPMENT
ACTIV
OS
ACTIV
OS
![Page 30: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/30.jpg)
Internet Scanner
![Page 31: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/31.jpg)
Internet Scanner
Escaneando la Red
![Page 32: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/32.jpg)
Network, Operating Systems, Applications
Deteccion de Vulnerabilidades en las Redes
![Page 33: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/33.jpg)
• Detecta todas las vulnerabilidades basadas en números IP, incluyendo Windows NT y UNIX
• Chequea vulnerabilidades en los servicios de la red, sistemas operativos y aplicaciones
• Prioriza vulnerabilidades y recomienda acciones correctivas
Escaneando la Red
![Page 34: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/34.jpg)
![Page 35: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/35.jpg)
![Page 36: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/36.jpg)
![Page 37: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/37.jpg)
![Page 38: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/38.jpg)
![Page 39: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/39.jpg)
![Page 40: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/40.jpg)
System Security Scanner
![Page 41: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/41.jpg)
Escaneando un Host
![Page 42: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/42.jpg)
Deteccion de Vulnerabilidades en Los Hosts
SystemSecurityScanner
Systems
![Page 43: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/43.jpg)
• Detecta vulnerabilidades de seguridad en la configuración de los sistemas operativos y permisos de servicios
• Análisis detallado de passwords• Detecta puertas traseras y
herramientas de los hackers• Detection remota, operación y reportes
centralizados• Prioriza, recomienda y
automaticamente toma acciones correctivas
Escaneando un Host
![Page 44: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/44.jpg)
![Page 45: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/45.jpg)
Real Secure
![Page 46: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/46.jpg)
Detección de intrusos en tiempo Real en la Red y en
los Hosts
![Page 47: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/47.jpg)
EXTERNALATTACK
ALERT!ATTACK
DETECTED
RECORD SESSION
TERMINATE SESSION
EMAIL/LOG/
REPORT
ALERT!ATTACK
DETECTED
RECONFIGUREFIREWALL/
ROUTER
INTERNALATTACK
ALERT
ALERT
RECORD SESSIONSEND EMAILLOG SESSION
EMAIL/LOG/
REPORT
![Page 48: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/48.jpg)
• Monitorea el tráfico de la red para detectar “ataques” y “mal uso”
• Monitorea el sistema operativo para detectar “ataques” y “mal uso”
• Priorización de ataques• Respuesta activa, aviso, y
guardado de opciones• Detección remota, administración
centralizada• Señuelos, capacidad de desviar el
ataque
Detección de intrusos en tiempo real en la red y en
los hosts
![Page 49: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/49.jpg)
![Page 50: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/50.jpg)
![Page 51: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/51.jpg)
![Page 52: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/52.jpg)
![Page 53: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/53.jpg)
Servicios Profesionales
![Page 54: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/54.jpg)
Professional Services - Services Links
Quick AssistPenetration
Testing
Triage
Enterprise Threat & VulnerabilityBattle Planning
Security ArchitectureDesign & Engineering
Security Best PracticesPlanning & Assessment
Network ManagementPlanning & Policy Development
Assessment & EngineeringConsulting Services
JumpstartPilot Programs
Enterprise Deployment& Transition
Customized Enablement& Integration
ImplementationServices
Operations & SpecialtyServices
Incident & Post-Attack
ANS OpsSupport
WebAlertService
ANS Program Management Service
Security Program Change Management Planning
![Page 55: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/55.jpg)
Principios de Seguridad
Computacional de ISS
Note: All process, metrics, and safeguards are inherited from the previous level
AssuranceLevel
GeneralDescription
ProcessManagement
Policies Technology Metrics
0
1
2
3
4
5
Chaos
Ad-Hoc Policy &Technology
Initial Structure &Risk Management
Initial NetworkMonitoring, Metrics,& Audit
Adaptive NetworkSecurity Program
Advanced Technologies
No organized or standard processes
No organized or standard processes
Security responsibilitiesand formal identificationof threats & vulnerabilities
Security configurationcontrol and personnel training processes
Continuous processimprovement analysis
No additional processes
Little or no policies
Some generalBest PracticePolicies
Threat & VulnerabilityIdentification-basedpolicies/safeguards
Initial threat andvulnerability monitoring policies
Integrated ANS andPrevention policies.Mandatory training.
Advanced technologypolicies and procedures
No technologyrequirements
General use of “out-of-box” securitysafeguards
Use of threat &vulnerability assessment technology
Use of threat &vulnerability monitoringtechnology
Integrated ANSenvironment & lowlevel encryption
Advanced encryption& authentication solutions
No metrics
No metrics
No metrics
Initial risk posture & threat/vulnerability metrics
Full security posture,response, and awareness metrics
No additional metrics
![Page 56: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/56.jpg)
Metas de la Seguridad
• Manejar el riesgo de la seguridad en la red minimizando vulnerabilidades y amenazas
• Usar una compañía confiable para apoyar el manejo del riesgo en la seguridad
• Automatizar las políticas de seguridad en la red
• Protegerte de tus 30 segs en T.V
![Page 57: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/57.jpg)
• La Seguridad es un viaje, no un destino
• Tu DEBES estar dispuesto a reaccionar rápidamente porque las amenazas y las vulnerabilidades están cambiando siempre
• NO hay una varita mágica
Resumen
![Page 58: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/58.jpg)
Para más información...
• Steve Gant, Director de Operaciones,
678-443-6194
• Comparaciones - Infoworld (ISS,Satan, Axent ESM, NetSonar) http:www.infoworld.com/cgi-bin/displayTCpl?/980316analysis.htm - Network World (ISS, Axent ESM, Stalker, Cops, Asmodeous) 971027 - Incluido en los folletos
![Page 59: Luis Quiñones Engineering Manager Latin America lquinones@iss.net.](https://reader036.fdocuments.us/reader036/viewer/2022062500/5665b43c1a28abb57c904539/html5/thumbnails/59.jpg)
www.iss.netwww.iss.net