Security Analyst – Jeff Soehner CISSP, GXPN,GPYC,GMOB,GCIH

Recently we completed construction of the first of our devices that are being designed to help analyse network devices for vulnerabilities. Picture a small computer about the size of a smart phone that will sit quietly on your network and learn about all of the computer devices that are connected.

During its initial phase this device will analyse all of your traffic and identify what some of us don’t even know we have on our wired and wireless networks.

Phase two involves logging into a website to review the devices we have found and identified for you. Once categorized into OS type, function and IP address you can prioritize how to launch any passive scanning. We will monitor activity patterns and check for connections to known malicious sites or dangerous behaviour like scanning, etc.

Phase three involves active scanning which can include vulnerability assessment, break and fix testing and hardware/software analysis. We will assess your security posture as we verify passwords, configuration settings and information leakage. There are also a number of vulnerabilities associated with device firmware on items such as your routers. If you have a very strong control regimen when it comes to all your network devices (this includes routers, printers, wireless devices, smart phones, cameras, IP phones, VOIP providers, etc. then we probably won’t find anything…today. Lets run the test next week, next month when you add the new Cell phone or by the new computer or laptop.

If you are like most of us, keeping up with security is a full time job and most of us already have full time jobs. This is why it is about time that we had a computer that can do it for us.

Something to keep tabs on all of our ‘Internet of Things’ and keep us safe from the hackers on the Internet or next door to us in the coffee shop or the free Hotel/Restaurant WiFi. It’s about time we can be sure of just who gets to see our information by probing our electronics…are you?