NOScan Vulnerability Detection
The first step towards addressing software security vulnerabilities knows that they are present. In this talk I will present one of the modern approaches to detect system/application vulnerabilities without performing any active scans. I will present the fundamental difference between vulnerability detection using an active scan vs NOScan approach. How can a cost-effective vulnerability detection mechanism be setup using Free and Open-Source tools like GLPI and IVA (available in Github). The session will include practical demonstration on how to use the tools mentioned above.
Objective of the session:
To inject the idea that the traditional vulnerability detection techniques have reached a plateau and the evolution of technology is demanding a modern way of vulnerability detection.
Who can attend this session?
Developers, System Engineers who are managing patching activities for their customer or office assets, cyber security professionals, penetration testers, chief information security officer(CISO)
What all will be covered in the session?
- Current Industry Trend on Cyber Security (Vulnerability Management/Penetration Testing/Breaches)
- Key components of the vulnerability scanning process & GAPS in active scanning process
- Bridging the GAP with NOScan (Modern vulnerability detection process)
- Tool Demo
Benefits/Take away for the attendees:
Learn how the cyber security landscape is changing rapidly. How the changing landscape is making the service providers & vendors to keep coming with new age technologies that can provide the CIOs and Board the assurance that their enterprise is secure as on date.
Pre-requisites to attend the session:
Basic understanding of what is a software and its associated attributes like who is the manufacturer, version of the software etc…
Cyber Security Consultant, TCS
A seasoned cyber security professional, Somen has more than 13 years of experience in cyber security, application development and design acquired from various organizational roles and research jobs in the industry. He is experienced in managing vulnerability programs for large enterprises having over hundreds of web applications & more than thousand infrastructures IT assets.
Though he started his career as a .NET developer but ever since his transition to Cyber Security, he has successfully graduated from one role to the other and is managing multiple projects and research work in Cyber Security space. Somen is currently working as a Cyber Security Consultant at Tata Consultancy Services. He also kick started the OWASP Bhubaneswar Chapter in 2010 and is the chapter leader.