
The vulnerability researcher's handbook : the comprehensive guide for discovering, reporting, and publishing security vulnerabilities / Benjamin Strout.

EBSCOhost Academic eBook Collection (North America) Available online


Ebook Central College Complete Available online


O'Reilly Online Learning: Academic/Public Library Edition Available online

Format:
Book
Author/Creator:
Strout, Benjamin, author.
Language:
English
Subjects (All):
Business enterprises--Computer networks--Security measures.
Business enterprises.
Management information systems--Security measures.
Management information systems.
Physical Description:
1 online resource (260 pages)
Edition:
1st ed.
Place of Publication:
Birmingham ; Mumbai : Packt Publishing, [2023]
Biography/History:
Strout Benjamin: Benjamin Strout is a veteran of the technology industry and a passionate technology communicator. His experience in healthcare, biotech, pharmaceutical, and fintech industries has led him into a role as a lead penetration tester at one of the largest healthcare conglomerates in the United States. Founder and point of contact of Maine's local DEF CON group (DC207), he has been featured as a guest speaker at various conferences. He has contributed to works as a technical reviewer and published 30+ CVEs for technologies in use worldwide. When not teaching others or tinkering with some technological curiosity, he's busy learning bluegrass licks on his banjo and playing with his cats, Dionysius and Louis Thanksgiving.
Summary:
Learn the right way to discover, report, and publish security vulnerabilities to prevent exploitation of user systems and reap the rewards of receiving credit for your work.

Key Features:
Build successful strategies for planning and executing zero-day vulnerability research
Find the best ways to disclose vulnerabilities while avoiding vendor conflict
Learn to navigate the complicated CVE publishing process to receive credit for your research

Book Description:
Vulnerability researchers are in increasingly high demand as the number of security incidents related to crime continues to rise with the adoption and use of technology. To begin your journey of becoming a security researcher, you need more than just the technical skills to find vulnerabilities; you'll need to learn how to adopt research strategies and navigate the complex and frustrating process of sharing your findings. This book provides an easy-to-follow approach that will help you understand the process of discovering, disclosing, and publishing your first zero-day vulnerability through a collection of examples and an in-depth review of the process.

You'll begin by learning the fundamentals of vulnerabilities, exploits, and what makes something a zero-day vulnerability. Then, you'll take a deep dive into the details of planning winning research strategies, navigating the complexities of vulnerability disclosure, and publishing your research with sometimes-less-than-receptive vendors. By the end of the book, you'll be well versed in how researchers discover, disclose, and publish vulnerabilities, navigate complex vendor relationships, receive credit for their work, and ultimately protect users from exploitation. With this knowledge, you'll be prepared to conduct your own research and publish vulnerabilities.

What you will learn:
Find out what zero-day vulnerabilities are and why it's so important to disclose and publish them
Learn how vulnerabilities get discovered and published to vulnerability scanning tools
Explore successful strategies for starting and executing vulnerability research
Discover ways to disclose zero-day vulnerabilities responsibly
Populate zero-day security findings into the CVE databases
Navigate and resolve conflicts with hostile vendors
Publish findings and receive professional credit for your work

Who this book is for:
This book is for security analysts, researchers, penetration testers, software developers, IT engineers, and anyone who wants to learn how vulnerabilities are found and then disclosed to the public. You'll need intermediate knowledge of operating systems, software, and interconnected systems before you get started. No prior experience with zero-day vulnerabilities is needed, but some exposure to vulnerability scanners and penetration testing tools will help accelerate your journey to publishing your first vulnerability.
Contents:
Cover
Title Page
Copyright and Credits
Dedication
Contributors
Disclaimer
Table of Contents
Preface
Part 1 - Vulnerability Research Fundamentals
Chapter 1: An Introduction to Vulnerabilities
Introducing software vulnerabilities
The CIA Triad
Organizing impacts
Getting familiar with software vulnerability scanners
Common vulnerability scanning tools
Exploring common types of software vulnerabilities
Web applications
Client-server applications
Inspecting the software vulnerability life cycle
Inception
Discovery
Exploitation and remediation
Deprecation
Summary
Further reading
Chapter 2: Exploring Real-World Impacts of Zero-Days
Zero-days - what are they?
Zero-day vulnerability
Zero-day attack
An analogy of zero-day terminology
Exploring zero-day case studies
Pulse - CVE-2019-11510
Confluence - CVE-2021-26084
Microsoft .NET CVE-2017-8759
Citrix - CVE-2019-19781
Considering zero-day ethics
Researcher responsibility
Vendor responsibility
Chapter 3: Vulnerability Research - Getting Started with Successful Strategies
Technical requirements
What is vulnerability research?
Conducting research
Selecting research targets
Finding targets that interest you
Likely vulnerable and downloadable software
Exploring vulnerabilities with test cases
Test cases - a primer
Building effective test suites
Writing your own test cases
Introducing common research tools
Note-taking, screenshot, and screen recording tools
Hypervisors and virtual machines
Web application proxies
Debuggers and decompilers
Part 2 - Vulnerability Disclosure, Publishing, and Reporting
Chapter 4: Vulnerability Disclosure - Communicating Security Findings
Vulnerability disclosure - what and why
What is vulnerability disclosure?
Why is vulnerability disclosure important?
Different types of disclosures
Bug bounties and coordinated disclosure
Initiating disclosure
What happens after disclosure?
Sample disclosure template
Approaching common challenges
Duplication of efforts
Unresponsive vendors
Uncooperative vendors
Failed vendors
Hostile vendors
Chapter 5: Vulnerability Publishing - Getting Your Work Published in Databases
Demystifying vulnerability publishing
Why publish vulnerabilities?
What are some of the risks involved in vulnerability publishing?
Selecting the right vulnerability publishing method
CVE
CVE CNA intermediates
Ineligible application publication options
Exploitation databases
Practical vulnerability publishing examples
A CNA-sponsored CVE
A CNA-LR-sponsored CVE
CNA intermediate sponsored CVE
Chapter 6: Vulnerability Mediation - When Things Go Wrong and Who Can Help
The basics of vulnerability mediation
What is vulnerability mediation?
Types of mediators
When to consider mediation services
Benefits of vulnerability mediation
Resolving disputes through vulnerability mediation
The vulnerability mediation process
Mediator resources
The CERT/CC
The US-CERT
The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT)
Other CERT organizations
Bug bounty programs
Legal support
Other mediation options
Chapter 7: Independent Vulnerability Publishing
Independent disclosures and their place in a vulnerability life cycle
The benefits of independent publishing
Risks of independent publishing
How to independently publish while avoiding risks
Avoiding the common risks in publishing
How to independently publish a vulnerability
A before-you-publish checklist
Additional reading
Part 3 - Case Studies, Researcher Resources, and Vendor Resources
Chapter 8: Real-World Case Studies - Digging into Successful (and Unsuccessful) Research Reporting
Case study 1 - are we there yet?
Lessons learned
Possible improvements
Case study 2 - contract clause
Case study 3 - tough customers
Case study 4 - large corporations and you
Case study 5 - I'd like to speak to your manager
Chapter 9: Working with Security Researchers - A Vendor's Guide
What is a security researcher?
The characteristics of a researcher
The skillset of a researcher
The motivations of a researcher
Harnessing researcher resources
Building trust and collaboration with researchers
Avoiding common relationship missteps
Building positive vendor-researcher relations
Crafting a responsible disclosure policy
An example policy - Acme Logistics' responsible disclosure policy
Chapter 10: Templates, Resources, and Final Guidance
Research test case templates
Vendor communication email templates
An introduction email for a company with no security disclosure policy
Sample disclosure template with security policy
Attempting to reinitialize communication
Notification of pending publication with an unresponsive vendor
CVE templates
CVE reservation template
CVE disclosure template
Organizational templates
Workspace
Research to disclosure
Summary and final words
Index
About Packt
Other Books You May Enjoy.
Notes:
Includes index.
Description based on print version record.
ISBN:
9781803243566
1803243562
OCLC:
1369645747
