Three Benefits to an Offensive Security Approach - Whiteboard Wednesday

June 19, 2014

Offensive security is a proactive approach to protecting your network from outside attackers. Many people put up a firewall or install anti-virus and assume that these security tools will protect them from data loss, when in reality these tools do not always work as advertised. Offensive security allows you to validate that the security measures you have in place in your environment are doing their jobs and protecting your data.

Offensive security tools take a different approach to security than defensive security tools. They are unique because they use the attacker's perspective and essentially try to (safely) hack into your environment to reveal its vulnerable holes. By proactively revealing these vulnerabilities, you can quickly update, patch or configure the defensive tools to remediate them.

Get started today with offensive security! Download Metasploit to see which vulnerabilities are actually exploitable in your environment. Metasploit thinks like an attacker by safely simulating attacks on your vulnerabilities and reports back if they are exploitable or not.

Try Metasploit today for free!

Video Transcript

Hi. I'm Rene Aguero. I'm a Senior Security Sales Engineer here at Rapid7. This week's Whiteboard Wednesday is on why would anybody use offensive security. Offensive security is really the other side of traditional security. So many times we're going out and we're trying to protect what is valuable to us. So we'll put it inside of a safe, or we'll put it maybe inside of a bank. The bank has walls around it and security guards. We want to be able to validate that some of those defensive security solutions are working as advertised. 


A perfect example is I went out and I made a change on my firewall. I hit Save. I've saved my configuration, whatever that might be. How can I really make sure that this change has actually taken effect? Let's say I shut down Telnet. I can use things like nmap to validate that that port is no longer open on my firewall.

When we're looking at servers and we start to get into the realm of vulnerability scanning, I want to make sure that I only have the services available that are needed to perform my essential business functions. Sometimes you run a vulnerability scan, and you find that Adobe Reader is installed on this server. Is there a legitimate business reason for this application to be running on this server? If there isn't, let's go ahead and remove it, and then we start to really minimize the overall attack surface and make what we have to defend less and make us really ultimately more secure.

The other part of it is getting an attacker's perspective. If somebody was to come after me, what would they be able to see? What vulnerabilities do I have in my environment? Is the front door wide open? Is there some type of crack in the wall that I did not know about? These are things we want to be proactive about and get ahead of, so that we know what's happening in our environment before an attacker scans us, finds out that something is exploitable in our environment, and then gets in through that particular hole.

The last part is that, nowadays, it doesn't matter if you're at a coffee shop across the street or you're across the world in another continent, an IP address is an IP address. Everything is interconnected. Your attack surface from somebody who is using your software or your systems legitimately from their home or an attacker in someone's basement across the world, wherever that might be, is really the same attack surface.

So we want to make sure that we're using proactive security tools to make sure that our defensive security tools are working as advertised, making sure that we're putting on an attacker's hat and saying, "What would an attacker really be able to see in the environment?" We're all interconnected. Everything in the Internet is connected, and we're using it both for legitimate and for illegitimate business.

If you have any questions around this, the folks here at Rapid7 are more than willing to help you out. We also have a couple of free security solutions available with Nexpose Community and Metasploit Community.

Thanks for tuning in for this week's Whiteboard Wednesday. We hope to see you next week.
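
The firewall check described in the transcript (confirming after a change that a port such as Telnet is no longer reachable), as an added example that is not part of the original page or any Rapid7 tool: a Python TCP connect check that compares the observed state of each port with the state the change was supposed to produce. The function names, the policy format and the loopback demo are assumptions made for illustration.

```python
import socket

def probe(host, port, timeout=1.0):
    """Return 'open', 'closed' (actively refused) or 'filtered' (no usable answer)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "closed"      # a RST came back: nothing is listening
    except OSError:
        return "filtered"    # timeout or unreachable: typically a dropping firewall
    finally:
        s.close()

def verify_policy(host, policy, timeout=1.0):
    """policy maps port -> True if the port must be reachable, False if it must not.
    Returns the (port, observed_state) pairs that contradict the policy."""
    violations = []
    for port, must_be_open in sorted(policy.items()):
        state = probe(host, port, timeout)
        if (state == "open") != must_be_open:
            violations.append((port, state))
    return violations

def demo():
    """Constructed loopback demo: a live listener stands in for a service that was
    supposed to be shut down but was not; an unused port stands in for one that was."""
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    open_port = listener.getsockname()[1]
    tmp = socket.socket()
    tmp.bind(("127.0.0.1", 0))
    closed_port = tmp.getsockname()[1]
    tmp.close()              # released, so connections to it are refused
    try:
        policy = {open_port: False, closed_port: False}
        return open_port, closed_port, verify_policy("127.0.0.1", policy)
    finally:
        listener.close()

if __name__ == "__main__":
    print(demo())
```

Run it from the network side the change is meant to protect against, against hosts you administer; a result of `filtered` rather than `closed` indicates the packet was dropped in transit instead of refused by the host.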