With the development and proliferation of computer parks large companies, searching for security vulnerabilities has become an almost tedious task.
Thousands of thousands of lines of code would have to be searched to find what might constitute an innate failure to establish the program itself. Faced with such a difficulty, the American giant Google, offers a service allowing, to meet the challenge of hunting security vulnerabilities. And this through open source software, which should be able to scan and check whether in a particular system there are vulnerabilities or not.
This article will also interest you: An umpteenth class action against Google
Such a computer program is welcome. According to the report provided by Skybox Security, the world leader in cybersecurity operations, analysis and reporting: "In 2018, the number of software vulnerabilities surpassed that of the previous year, with a 12% increase in the total number of vulnerabilities published in 2017." On the NTT side, a recently published study entitled "2020 Global Network Insights Report" highlights an increase in increased, timely security vulnerabilities in the equipment of corporate network infrastructure. One could infer from this, that companies did not yet have control of the management of security patches.
But this can be understood when you consider that vulnerability identification and deployment of security patches often come up very tedious. A true journey of the fighter in consideration of the very structure of computer networks that are becoming more and more complex and multiple
However, beyond consideration, organizations must respond as soon as possible when cybercriminals are already trying to take advantage of or are already taking advantage of certain vulnerabilities discovered without their knowledge. This goes from protecting potentially vulnerable assets.
Indeed, cyber criminals today fund greater investment in the automation of computer attacks. This means that the response time to a vulnerability, especially if it is critical enough, is measured in just a few hours. A few hours before everything was totally out of control. A real challenge for organizations that today see millions of systems at their expense to connect around the world.
At this level, the management of security vulnerabilities, from detection to support, must be largely automated, if possible completely. This presents itself as a very difficult challenge. At this level the idea of Google, through the vulnerability scanner, is just timely.
Already used internally by the American giant, it has been made available on GitHub since June. This program has been dubbed Tsunami. Here unlike several computer programs offered by Google, this one will be managed by the free software community, because actually Google offers it in open source
The peculiarity, not to be one of the peculiarities of this program developed by the American giant, and it has the possibility to conduct fairly precise analyses in very large systems, without requiring the operation of several devices.
On his blog the American giant explains how his program executes the process. It is usually done in two steps during the scan. The first step will be some kind of recognition. The solution scans the company's network to search for open ports or connections. It scrupulously analyzes each port. It seeks to identify protocols and services that are being implemented so as not to confuse them when labelling ports. It continues its process through vulnerability detection.
Then comes the second process. Thanks to the results of the first step, the solution will seek to verify whether this is indeed a security flaw. The program will then use many of the information it would have collected during the reconnaissance phase. And to confirm these analyses, Google's solution will try infiltrations to confirm or disprove the vulnerability of the systems.
Making the scanner as accurate as possible, the main objective of this project. That's why Google tries to provide the maximum results with the fewest false positives, in other words incorrect detections. Because as several experience shows, it only takes a small false positive, to cause the sending of incorrect patches several devices that in reality are not vulnerable. This could lead to breakdowns with significant effects.
Now access an unlimited number of passwords: