Network Attack Surface Simplification for Red and Blue Teams

Everson, Douglas; Cheng, Long

doi:10.1109/secdev45635.2020.00027

Cited by 6 publications

(2 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Penetration testing is a vulnerability hunt from a threat's perspective [23]. A major advantage of pen testing is that a tester can create a proof of concept that proves a vulnerability exists.…”

Section: B Determining Susceptibility With Penetration Testingmentioning

confidence: 99%

See 1 more Smart Citation

Log4shell: Redefining the Web Attack Surface

Everson¹,

Cheng²,

Zhang³

2022

Proceedings 2022 Workshop on Measurements, Attacks, and Defenses for the Web

View full text Add to dashboard Cite

The log4shell vulnerability has been called one of the most significant cybersecurity vulnerabilities in recent history. For weeks after initial disclosure, companies around the globe scrambled to respond by patching their systems or by applying mitigating security measures to protect systems that could not be readily patched. There are many possible ways to detect if and where an organization is vulnerable to log4shell, each with advantages and disadvantages. Penetration testing in particular is one possible solution, though its results can be misleading if not interpreted in the proper context. Mitigation measures have varying degrees of success: Web Application Firewalls (WAFs) could be bypassed, whereas our analysis revealed that outbound network restrictions would have provided an effective protection given the rapidly evolving patch cycle. Ultimately, log4shell should change the way we look at web attack surfaces; doing so will ensure we can be better prepared for the next critical zero-day Remote Code Execution (RCE) vulnerability.

show abstract

Section: B Determining Susceptibility With Penetration Testingmentioning

confidence: 99%

“…V. CONCLUSION Traditionally, a web attack surface has been the listening ports exposed to a threat [23]. A vulnerability like log4shell expands the attack surface for knowledgeable threat actors.…”

Section: Proof Of Conceptmentioning

confidence: 99%