Added the scenarios page, and finished the Security Report page
|
@ -4,6 +4,10 @@ date: 2020-06-24T21:17:18+03:00
|
|||
draft: false
|
||||
---
|
||||
|
||||
{{% notice info %}}
|
||||
Check out [the documentation for the other reports as well](../).
|
||||
{{% /notice %}}
|
||||
|
||||
The Monkey maps its actions to the [MITRE ATT&CK](https://attack.mitre.org/) knowledge base: It provides a new report with the utilized techniques and recommended mitigations, to help you simulate an APT attack on your network and mitigate real attack paths intelligently.
|
||||
|
||||
Watch an overview video:
|
||||
|
|
|
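Review bot: the link in the added notice, `[the documentation for the other reports as well](../)`, is a bare relative path, so it resolves differently depending on whether the page URL is served with a trailing slash. A Hugo `relref` to the reports index page would keep working if the URL scheme changes. In the context line below the notice, "knowledge base: It provides" capitalises "It" after a colon and would read better as two sentences.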
@ -4,22 +4,94 @@ date: 2020-06-24T21:16:10+03:00
|
|||
draft: false
|
||||
---
|
||||
|
||||
The report is split into 3 categories:
|
||||
{{% notice info %}}
|
||||
Check out [the documentation for the other reports as well](../).
|
||||
{{% /notice %}}
|
||||
|
||||
The Monkey's Security Report is built to provide you with actionable recommendations and insight to the Attacker's view of your network. You can download a PDF of this example report:
|
||||
|
||||
{{%attachments title="Download the PDF" pattern=".*(pdf)"/%}}
|
||||
|
||||
The report is split into 3 main categories: "Overview", "Recommendations" and "The network from the Monkey's eyes".
|
||||
|
||||
- [Overview](#overview)
|
||||
- [High level information](#high-level-information)
|
||||
- [Used Credentials](#used-credentials)
|
||||
- [Exploits and targets](#exploits-and-targets)
|
||||
- [Security Findings](#security-findings)
|
||||
- [Recommendations](#recommendations)
|
||||
- [Machine related recommendations relating to specific CVEs](#machine-related-recommendations-relating-to-specific-cves)
|
||||
- [Machine related recommendations relating to network security and segmentation](#machine-related-recommendations-relating-to-network-security-and-segmentation)
|
||||
- [The network from the Monkey's eyes](#the-network-from-the-monkeys-eyes)
|
||||
- [Network infection map](#network-infection-map)
|
||||
- [Scanned servers](#scanned-servers)
|
||||
- [Exploits and post-breach actions](#exploits-and-post-breach-actions)
|
||||
- [Stolen Credentials](#stolen-credentials)
|
||||
|
||||
## Overview
|
||||
|
||||
The overview section of the report provides high-level information about the Monkey execution and the main security findings that the Monkey has found.
|
||||
|
||||
- [ ] TODO add screenshot
|
||||
### High level information
|
||||
|
||||
The report starts with information about the execution, including how long the simulation took and from which machine the infection started from.
|
||||
|
||||
![Overview](/images/usage/reports/sec_report_1_overview.png "Overview")
|
||||
|
||||
### Used Credentials
|
||||
|
||||
The report will show which credentials were used for brute-forcing.
|
||||
|
||||
![Used Credentials](/images/usage/reports/sec_report_2_users_passwords.png "Used Credentials")
|
||||
|
||||
### Exploits and targets
|
||||
|
||||
The report shows which exploits were attempted in this simulation and which targets the Monkey scanned and tried to exploit.
|
||||
|
||||
![Exploits and Targets](/images/usage/reports/sec_report_3_exploits_ips.png "Exploits and Targets")
|
||||
|
||||
### Security Findings
|
||||
|
||||
The report highlights the most important security threats and issues the Monkey discovered during the attack.
|
||||
|
||||
![Threats and issues](/images/usage/reports/sec_report_4_threats_and_issues.png "Threats and issues")
|
||||
|
||||
## Recommendations
|
||||
|
||||
This section contains the Monkey's recommendations for improving your security - what mitigations you need to implement.
|
||||
|
||||
- [ ] TODO add screenshot
|
||||
### Machine related recommendations relating to specific CVEs
|
||||
|
||||
![Machine related recommendations](/images/usage/reports/sec_report_5_machine_related.png "Machine related recommendations")
|
||||
|
||||
### Machine related recommendations relating to network security and segmentation
|
||||
|
||||
![Machine related recommendations](/images/usage/reports/sec_report_6_machine_related_network.png "Machine related recommendations")
|
||||
|
||||
## The network from the Monkey's eyes
|
||||
|
||||
This section contains the Infection Map and some summary tables on servers the Monkey has found.
|
||||
|
||||
- [ ] TODO add screenshot
|
||||
### Network infection map
|
||||
|
||||
This part shows the network map and a breakdown of how many machines were breached.
|
||||
|
||||
![Network map](/images/usage/reports/sec_report_7_network_map.png "Network map")
|
||||
|
||||
### Scanned servers
|
||||
|
||||
This part shows the attack surface the Monkey has found.
|
||||
|
||||
![Scanned servers](/images/usage/reports/sec_report_8_network_services.png "Scanned servers")
|
||||
|
||||
### Exploits and post-breach actions
|
||||
|
||||
This part shows which exploits and Post Breach Actions the Monkey has performed in this simulation.
|
||||
|
||||
![Exploits and PBAs](/images/usage/reports/sec_report_9_exploits_pbas.png "Exploits and PBAs")
|
||||
|
||||
### Stolen Credentials
|
||||
|
||||
This part shows which credentials the Monkey was able to steal from breached machines in this simulation.
|
||||
|
||||
![Stolen creds](/images/usage/reports/sec_report_10_stolen_credentials.png "Stolen creds")
|
||||
|
|
|
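Review bot: three `- [ ] TODO add screenshot` items remain (under Overview, Recommendations, and The network from the Monkey's eyes) while the front matter reads `draft: false`, so the placeholders will be published as-is. Remove them or add the screenshots before merging. The two "Machine related recommendations ..." subsections contain only an image with no explanatory sentence, unlike every other subsection, and both images reuse the same alt text and title, which makes them indistinguishable to screen readers. In "High level information", "from which machine the infection started from" repeats "from". Since the page links a downloadable PDF and screenshots of used and stolen credentials, confirm those artefacts come from a lab run and contain only sample values.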
@ -4,6 +4,10 @@ date: 2020-06-24T21:16:18+03:00
|
|||
draft: false
|
||||
---
|
||||
|
||||
{{% notice info %}}
|
||||
Check out [the documentation for the other reports as well](../).
|
||||
{{% /notice %}}
|
||||
|
||||
The Guardicore Infection Monkey runs different tests to evaluate your network adherence to key components of the Zero Trust framework as established by Forrester, such as whether you have applied segmentation, user identity, encryption and more. Then, the Monkey generates a status report with detailed explanations of security gaps and prescriptive instructions on how to rectify them.
|
||||
|
||||
## Summary
|
||||
|
|
|
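Review bot: this is the third file in the commit to receive the same three-line `{{% notice info %}}` block with identical wording and link. Moving it into a shared shortcode or partial would keep the three report pages in sync when the text or the link target changes.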
@ -1,9 +1,10 @@
|
|||
---
|
||||
title: "Scenarios"
|
||||
date: 2020-05-26T21:01:19+03:00
|
||||
draft: true
|
||||
draft: false
|
||||
weight: 2
|
||||
tags: ["usage"]
|
||||
pre: "<i class='fas fa-map-marked-alt'></i> "
|
||||
---
|
||||
|
||||
In this page we show how you can use the Infection Monkey to simulate breach and attack scenarios as well as to share some cool tips and tricks you can use to up your Infection Monkey game. This page is aimed at both novice and experienced Monkey users. You can also refer to [our FAQ](../../faq) for more specific questions and answers.
|
||||
|
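Review bot: the intro sentence mixes two constructions ("we show how you can use ... as well as to share some cool tips and tricks"), and with `draft` flipping to `false` it becomes the first thing readers see on the published page. Something like "On this page we show how you can use the Infection Monkey to simulate breach and attack scenarios, and share some tips and tricks ..." reads cleanly.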
@ -52,6 +53,8 @@ To simulate the damage from a successful phishing attack using the Infection Mon
|
|||
- You can configure these credentials for the Monkey as follows:
|
||||
From the **“Basic - Credentials”** tab of the Island’s configuration, under the **“Exploit password list”** press the ‘+’ button and add the passwords you would like the Monkey to use. Do the same with usernames in the **“Exploit user list”**.
|
||||
|
||||
![Exploit password and user lists](/images/usage/scenarios/user-password-lists.png "Exploit password and user lists")
|
||||
|
||||
After supplying the Monkey with the passwords and usernames, execute the Monkey from the simulated “victim” machines. To do this, click “**2. Run Monkey**” from the left sidebar menu and choose “**Run on machine of your choice**”.
|
||||
|
||||
## You want to test your network segmentation
|
||||
|
|
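Review bot: the added image `user-password-lists.png` is a screenshot of the exploit user and password lists, so confirm it shows only sample values and nothing taken from a real environment before it lands in the public docs. As a style point, the surrounding context places the bold markers inconsistently relative to the curly quotes (`**“Basic - Credentials”**` versus `“**2. Run Monkey**”`). Pick one form and use it throughout the page.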