Skip to content

Zero-Day Vulnerability Management

by on September 5, 2011

This is a webinar presented by Ari Takanen of Codenomicon. He basically takes the approach of fuzzing to find vulnerabilities yourself. I thought this was interesting, I don’t know how financially feasible it is to integrate fuzzing of all communication interfaces, and file formats in your enterprise – I do however think it has some merit in certain environments.

I put this video here because I know that people are always concerned about Zero-Day exploits being used by APT attackers. The concern that I have is that not all exploitation requires the presence of a vulnerability. If I email someone a trojaned PDF, then via that trojaned PDF I drop a key logger on the box and move around the network with stolen credentials – I don’t know how this addresses that.

About these ads
One Comment

Trackbacks & Pingbacks

  1. Surviving the Week – 09/23/2011 | Man Vs WebApp

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 10,170 other followers

%d bloggers like this: