OSSAMS Meeting Minutes – 7 Dec 2011

Cody has been working on setting up the SVN environment using SourceForge and Google Code.

Darryl has been deep in the data analysis and data modeling.

Adrien has modified the Python scripts and is improving their performance.

OSSAMS Meeting Minutes 16 Nov

Cody and Adrien discussed the content for the Wiki, and discussed the plans to move to SourceForge.

Cody submitted the rough draft for the GCWN Gold paper.

Adrien is teaching SANS SEC560 next week in Toronto.

OSSAMS Meeting Minutes 9 Nov 2011

Cody has completed the alpha code for the PowerShell AD ACL Parser for his GCWN Gold paper. He plans on putting the final touches on the script and completing the paper over the next week.

Darryl has:

  • Analyzed output (test data) from the following tools in order to create a tool-specific normalized data model for each: Acunetix, Burp, Nessus, Netsparker, Nikto, Nmap, SSLScan, W3AF, Watcher, Xprobe2 and ZAP.
  • Completed the Acunetix model to determine the acceptability of using MySQL Workbench for the ER (logical) model and the draft physical data structure, including table names, attributes, primary and foreign keys, and data types.
  • Next steps: complete the data model; load the MySQL OSSAMS instance with test data for final analysis of commonalities in a team working session.

Adrien has been working on fine-tuning his Python scripts.

 

OSSAMS Meeting Minutes 26 Oct 2011

Cody has made great headway with the PowerShell script framework and can now control the XML data formatting.

Darryl has continued to make headway on data modeling from the initial data set Adrien supplied.

Adrien recently presented on the project at SecTor.

SecTor 2011 – Canada’s Premier IT Security Conference!

OSSAMS founding member Adrien de Beaupré will be presenting on his work with the OSSAMS project at SecTor 2011 today at 11:30 AM in Track 4 (104D). In celebration of SecTor, OSSAMS is releasing Alpha code developed by Adrien. The code download can be found on the new Alpha Code page. Adrien’s presentation can also be downloaded from the Presentations page.

OSSAMS, Security Testing Automation and Reporting (Adrien de Beaupré)

This presentation will discuss the options available to automate the conduct of vulnerability assessment and penetration testing engagements, and the reporting processes. The most important parts of running a security test are following a consistent methodology, utilizing the appropriate tools and their configuration, data management, getting accurate results, manual validation, and standardized reporting. The goal is to streamline and automate parts of the process, where possible, and improve efficiency.

OSSAMS Meeting Minutes

Aug 24 – Cody, Adrien, & Darryl

Updates

  • Cody – Progress made on the GCWN Gold PowerShell scripts.
  • Cody – Reviewed the PowerShell export XML format and discussed creating, in the long term, a custom format for data collected by OSSAMS.
  • Cody – Target scripts for the Gold paper are File Systems, AD, and IIS.
  • Adrien – Reviewed a SANS white paper he is starting about the scripts he is creating for OSSAMS. The scripts parse the output from various assessment tools into a supportable XML format and then import the data into a database.
  • Adrien – The SANS document outlines the data mapping content in detail.
  • Darryl – Working on data normalization and data structure.
  • Darryl – Updated the wiki with a task list and will begin uploading data files to the wiki.

What is OSSAMS?

As information security professionals, we conduct security assessments for companies. One of the biggest problems we face comes after all the data is collected: how can we correlate it accurately? We decided to start a project to solve this problem, and we are calling it the Open Source Security Assessment Management System (OSSAMS). OSSAMS is a framework for putting configuration files, security scan data files (like Nessus), and other data collected during a security assessment or penetration test into an RDBMS.

The framework is going to be designed in a fashion similar to Metasploit, SNORT, or other systems that allow the security community to create plugins for new tasks as needed. The primary goal of OSSAMS is to normalize the data, thereby allowing the security professional to better assess the current state of security for an organization.

The founding OSSAMS team is composed of Cody Dumont, Adrien de Beaupré, and Darryl Williams. Cody is a Sr. Security Consultant for the NWN STAR team (www.nwnstar.com), Adrien is a Security Tester in Canada with Intru-Shun.Ca Inc., and Darryl Williams is an expert in database design and SDLC architecture.