AU2018213164A1 - Setting up penetration testing campaigns - Google Patents

Setting up penetration testing campaigns Download PDF

Info

Publication number
AU2018213164A1
AU2018213164A1 AU2018213164A AU2018213164A AU2018213164A1 AU 2018213164 A1 AU2018213164 A1 AU 2018213164A1 AU 2018213164 A AU2018213164 A AU 2018213164A AU 2018213164 A AU2018213164 A AU 2018213164A AU 2018213164 A1 AU2018213164 A1 AU 2018213164A1
Authority
AU
Australia
Prior art keywords
penetration testing
campaign
attacker
penetration
manually
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
AU2018213164A
Other languages
English (en)
Other versions
AU2018213164A2 (en
Inventor
Adi ASHKENAZI
Boaz GORODISSKY
Menahem Lasser
Ronen Segal
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
XM Cyber Ltd
Original Assignee
XM Cyber Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US15/681,692 external-priority patent/US10122750B2/en
Priority claimed from US15/837,975 external-priority patent/US10068095B1/en
Priority claimed from PCT/IB2018/050328 external-priority patent/WO2018138608A2/en
Application filed by XM Cyber Ltd filed Critical XM Cyber Ltd
Priority claimed from PCT/IB2018/050417 external-priority patent/WO2018138640A1/en
Publication of AU2018213164A1 publication Critical patent/AU2018213164A1/en
Publication of AU2018213164A2 publication Critical patent/AU2018213164A2/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033Test or assess software
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/034Test or assess a computer or a system

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Debugging And Monitoring (AREA)
  • Computer And Data Communications (AREA)
AU2018213164A 2017-01-30 2018-01-24 Setting up penetration testing campaigns Pending AU2018213164A1 (en)

Applications Claiming Priority (15)

Application Number Priority Date Filing Date Title
US201762451850P 2017-01-30 2017-01-30
US62/451,850 2017-01-30
US201762453056P 2017-02-01 2017-02-01
US62/453,056 2017-02-01
US201762506161P 2017-05-15 2017-05-15
US62/506,161 2017-05-15
US15/681,692 US10122750B2 (en) 2017-01-30 2017-08-21 Setting-up penetration testing campaigns
US15/681,782 2017-08-21
US15/681,692 2017-08-21
US15/681,782 US10999308B2 (en) 2017-01-30 2017-08-21 Setting-up penetration testing campaigns
US15/837,975 US10068095B1 (en) 2017-05-15 2017-12-11 Systems and methods for selecting a termination rule for a penetration testing campaign
US15/837,975 2017-12-11
AUPCT/IB2018/050328 2018-01-18
PCT/IB2018/050328 WO2018138608A2 (en) 2017-01-30 2018-01-18 Penetration testing of a networked system
PCT/IB2018/050417 WO2018138640A1 (en) 2017-01-30 2018-01-24 Setting up penetration testing campaigns

Publications (2)

Publication Number Publication Date
AU2018213164A1 true AU2018213164A1 (en) 2019-08-08
AU2018213164A2 AU2018213164A2 (en) 2020-10-01

Family

ID=67473442

Family Applications (2)

Application Number Title Priority Date Filing Date
AU2018102184A Ceased AU2018102184A4 (en) 2017-01-30 2018-01-24 Setting up penetration testing campaigns
AU2018213164A Pending AU2018213164A1 (en) 2017-01-30 2018-01-24 Setting up penetration testing campaigns

Family Applications Before (1)

Application Number Title Priority Date Filing Date
AU2018102184A Ceased AU2018102184A4 (en) 2017-01-30 2018-01-24 Setting up penetration testing campaigns

Country Status (3)

Country Link
EP (1) EP3559852A1 (de)
AU (2) AU2018102184A4 (de)
IL (3) IL268204B (de)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111447468A (zh) * 2019-09-25 2020-07-24 来享享网络科技股份有限公司 一种信息共享系统、方法及非暂时性机器可读媒体

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111881452B (zh) * 2020-07-17 2022-06-24 哈尔滨工业大学(威海) 一种面向工控设备的安全测试系统及其工作方法
CN117806226B (zh) * 2024-03-01 2024-04-30 北京中关村实验室 针对plc设备协议栈的深层次漏洞挖掘方法和系统

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111447468A (zh) * 2019-09-25 2020-07-24 来享享网络科技股份有限公司 一种信息共享系统、方法及非暂时性机器可读媒体
CN111447468B (zh) * 2019-09-25 2023-04-25 来享享网络科技股份有限公司 一种信息共享系统、方法及非暂时性机器可读媒体

Also Published As

Publication number Publication date
AU2018102184A4 (en) 2020-10-22
IL272836A (en) 2020-04-30
IL268204A (en) 2019-09-26
AU2018213164A2 (en) 2020-10-01
IL272836B (en) 2020-06-30
EP3559852A1 (de) 2019-10-30
IL274823A (en) 2020-07-30
IL268204B (en) 2020-04-30

Similar Documents

Publication Publication Date Title
US10505969B2 (en) Setting-up penetration testing campaigns
US10068095B1 (en) Systems and methods for selecting a termination rule for a penetration testing campaign
US10534917B2 (en) Testing for risk of macro vulnerability
US10257220B2 (en) Verifying success of compromising a network node during penetration testing of a networked system
US10581895B2 (en) Time-tagged pre-defined scenarios for penetration testing
US10447721B2 (en) Systems and methods for using multiple lateral movement strategies in penetration testing
US11206282B2 (en) Selectively choosing between actual-attack and simulation/evaluation for validating a vulnerability of a network node during execution of a penetration testing campaign
US10686822B2 (en) Systems and methods for selecting a lateral movement strategy for a penetration testing campaign
US10038711B1 (en) Penetration testing of a networked system
US20200153852A1 (en) Locally Detecting Phishing Weakness
US20190245883A1 (en) Penetration testing of a networked system
US10574687B1 (en) Systems and methods for dynamic removal of agents from nodes of penetration testing systems
US11283827B2 (en) Lateral movement strategy during penetration testing of a networked system
AU2018102184A4 (en) Setting up penetration testing campaigns
AU2018273171B2 (en) Verifying success of compromising a network node during penetration testing of a networked system
WO2018138640A1 (en) Setting up penetration testing campaigns

Legal Events

Date Code Title Description
DA3 Amendments made section 104

Free format text: THE NATURE OF THE AMENDMENT IS AS SHOWN IN THE STATEMENT FILED 28 AUG 2020

Free format text: THE NATURE OF THE AMENDMENT IS: APPLICATION IS TO PROCEED UNDER THE NUMBER 2018102184