Introducing McAfee penetration testing
Posted by: Ovidiu
on Apr 28, 2011 
Managing WCMS vulnerabilties
The first step in securing a WCMS system involves knowing what threats your system is exposed to at all time:
- What kind of internet attacks?
- What kind of security vulnerabilities
- What kind of software vulnerabilities
- What effect would some actions have on the system
- and so on...
Once you are aware of what you are facing, you must come up with a security system that helps you block or avoid these problems.
Ongoing effort
This is an ongoing job, after each change to your environments you must re-evaluate the security plan to include the new changes. The hardest thing is keeping up with all the new vulnerabilities/exploits that are found each day on the software packages you run your applications on (Apache, Mysql, Php, your operating system) and involves using a lot of time and resources testing your system for each of the new security leak and in solving them.
Also to do this involves having a great knowledge base about security and having time to remain updated about security exploits which is very difficult to impossible for individuals. it also involves spending a lot of money on a 3rd party company dedicated to this. If you're application isn't ubiquitous enough to support this type of cost you will end up in missing some security vulnerabilities and thus compromise your system.
Let's say you have the time and resources for keeping up with the latest security bulletins, how would you let others know that your system is secure and it's trust worthy for them to process sensible data on it?
A nice way to solve these issues it's by making periodical system audits from a software solution provider specializing in penetration testing and one who can give you a security certification to show your clients. One service is provided by McAfee and it's called: McAfee SECURE for website services. This service from McAfee gives you good, current, wel formatted and actionable reports of what kind of vulnerabilities your system has. It provides documentation about the vulnerablitiies and some help in fixing them. This is a middle of the road solution that doesn't involve you keeping yourself up to date with the latest security bulletins, but doesn't fully solve your problem. It gives you some key starters in solving the issues. McAfee is a commercial service that does cost some money but the advantages it provides makes the money well spent.
OWASP is an open source penetration testing software that offers some of the services of McAfee, but has some significant downsides compared to McAfee. The penetration testing script for Joomla sites offered by OWASP is joomlascan.pl, this is used to start the scans on the wanted environment.
Choosing our Penetration testing provider
Some of the reasons that we chose McAfee over OWASP are:
Ease of use
- McAfee scans are started from an user friendly web interface
- OWASP scans are done from a perl script that needs to be installed on a host computer, this needs some perl libraries to work(more difficult to start a scan than from McAfee)
Automation and reporting
- McAfee's web interface allows you to automate the process of testing a site through the web interface in a matter of seconds and also offers the possibility of receiving a report of the test once it's done
- using OWASP you would have to create this process from scratch with some scripting and dedicate a machine from which the scans can be done
No hardware/software required
- Using McAfee SECURE doesn't require assigning of extra hardware to do the job and also doesn't involve installation of new software
Vulnerability coverage
- McAfee covers a very large range of vulnerabilities, covering many types of environments
- OWASP is more oriented to a particular environment and only the vulnerabilities associated to that environment
Support
- One of the best things that you get from using McAfee SECURE is the support: documentation on the found exploits/vulnerabilities and also tips on how to solve them. This saves you a lot of time in finding a solution to your problem.
The trustmark
- From a marketing point of view the trustmark offered by McAfee means a lot, giving your clients more confidence in your web service
Conclusion
As you can see using McAfee has it's benefits, giving you some confidence in the security system you end up building. You can use one of the open source software to do this job if you are up to the job of building a scanning system that could give you reliable data to work with and if you have the possibility of dedicating hardware resources for this. OWASP is a beautiful piece of software but sadly it doesn't cover all our needs and it's fairly difficult to set up initialy.
We chose McAfee for the reasons above and that's why the next blog post will cover the usage of the McAfee SECURE service to check and secure a joomla installation.
Set as favorite
Bookmark
Email this
Comments (66)
Subscribe to this comment's feed
Show/hide comments
written by winter hats, February 22, 2012 at 6:01 PM
I am afraid to lose, I fear this time, http://www.amandahats.com/buy/winter-hats/ and I love it but memories. I could not forget the sweat on the pitch with the sway of the brothers, http://www.amandahats.com/buy/warm-winter-hats/ forget accompany me cry close friend,
-
- +0
-
-
written by Cheap Coach Outlet, February 22, 2012 at 5:17 PM
Piles Coach Outlet of dark clouds, like the blue Women Coach Shoes flame, burning in the bottomless sea. The Coach Shoes sea to seize the lightning arrow of light, and Coach Factory Outlet extinguish them in their own abyss. The shadow of these Coach Purses lightning, rather like a fiery Coach Poppy Bag serpent, winding swimming in the sea, the Coach Madison Bag flash disappears.
- A storm! The Coach Kristin Bag storm is coming!
This Coach Audrey Bag is a brave Swallow in the roar of the Coach Outlet Store sea, in the middle of lightning, arrogant fly; This Coach Alexandra Bag is the victory of the prophet shouting:
- Let Coach Outlet Online to more severe storms.
http://www.outlet-store-factory.net/ and http://www.coach-bags-outlet.us/
- A storm! The Coach Kristin Bag storm is coming!
This Coach Audrey Bag is a brave Swallow in the roar of the Coach Outlet Store sea, in the middle of lightning, arrogant fly; This Coach Alexandra Bag is the victory of the prophet shouting:
- Let Coach Outlet Online to more severe storms.
http://www.outlet-store-factory.net/ and http://www.coach-bags-outlet.us/
-
- +0
-
-
written by discount oakley sunglasses, February 22, 2012 at 11:10 AM
thank you for your share i think it's useful to the need one i like it
-
- +0
-
-
written by New Era Hats, February 21, 2012 at 7:30 PM
Two years ago, a certain day, I filled with the ruins of a sense. At that time, the uncle told me the story of a New Era Hats. It is said that a cold winter, a wall standing in front of Walker, blocking his way. Climb walls or without success, he chose the former, but has been climbing unsuccessful. Lost in the cold weather keeping warm Snapback Caps, the human ear is very easy to frostbite, and even life-threatening. The last monk decisively NFL Hats thrown on the other side of the wall, and then exhausted body strength jumped over not MLB Hats to retrieve the NHL Hats move. So far I still clearly remember the NBA Hats story. A lot of time is a drastic lack of courage!
-
- +0
-
-
written by Supra shoes online, February 21, 2012 at 1:46 PM
Why It Must be Panama for Dental Surgery? The factors for obtaining your dental surgical procedure accomplished in Panama are numerous, like: Most of your training dental surgeons in Panama speak English Panama has exceptional arrangements for diagnosing, screening and providers. There is no shortage of USA-trained doctors It costs far less to have your surgery carried out in Panama than in US or any other Western nation US dollar can be utilized And above all, your postoperative care is complimented by a visit on the pure beaches and pure forests of Panama.
These tips are so true
These tips are so true
-
- +0
-
-
written by saint jerseys, February 21, 2012 at 10:34 AM
Morten Andersen Jersey Patrick Robinson Jersey Pierre Thomas Jersey Reggie Bush Jersey Rickey Jackson Jersey Robert Meachem Jersey Roman Harper Jersey Saints Customized Jersey Scott Fujita Jersey Sedrick Ellis Jersey Tracy Porter Jersey
-
- +0
-
-
written by True Religion Outlet, February 17, 2012 at 1:01 PM
" A thing of beauty http://www.newjuicycouturehandbags.com/ is a joy for ever:
Its lovliness increases; it will never
Pass into nothingness; but still will keep
A bower http://www.north-face-outlet-factory.com/ quiet for us, and a sleep
Full of sweet dreams, and health, and quiet breathing."
Its lovliness increases; it will never
Pass into nothingness; but still will keep
A bower http://www.north-face-outlet-factory.com/ quiet for us, and a sleep
Full of sweet dreams, and health, and quiet breathing."
-
- +0
-
-
written by The North Face, February 17, 2012 at 1:01 PM
Beauty is in the ideal http://www.cheapairjordanconcord.com/ of perfect harmony
which is in the universal being;
truth the perfect comprehension of http://www.truereligionoutlet11.com/ the universal mind.
which is in the universal being;
truth the perfect comprehension of http://www.truereligionoutlet11.com/ the universal mind.
-
- +0
-
-
written by world travel guide, February 15, 2012 at 4:21 PM
around the world
world travel guide
around the world travelling
world travel guide
around the world travelling
-
- +0
-
-
written by Moncler Jackets For Kids, February 14, 2012 at 1:55 PM
Got Moncler Jackets For Kids, you will don’t worry about your children in cold days any more. New Moncler Kids Jackets with high quality at discount. Compare Moncler Outlet Online stores, Our Moncler Outlet is the best place who prepare Moncler Jackets For Kids, take action now!
-
- +0
-
-
written by coach outlet, February 13, 2012 at 1:07 PM
http://www.coach-cc-bags.net/ is a growing way to advertise all kinds of businesses. The recent development in the http://www.coach1941bags.com/ business has enabled most t shirt printers to offer a variety of prints and colors.
-
- +0
-
-
written by cheap replica louis vuitton handbags, February 09, 2012 at 8:05 PM
This is a good release, thank you for your post.You will discover all sorts of replica custom made handbags from a range of famous manufacturers.Recommend a good website, click here, you can see the http://www.greatest-replicas.c...c-5_6.html and http://www.greatest-replicas.c...5_84.html.
-
- +0
-
-
written by iwc schaffhausen replica , February 09, 2012 at 12:20 AM
http://www.imitation-watches4u...42_50.html say that time is a most important thing in our life, and we have to take care about it well. If you don't consider it you can never get success in your life. We cannot manage our life without these practical http://www.imitation-watches4u...2_52.html.
-
- +0
-
-
written by breitling bentley gmt replica, February 01, 2012 at 12:21 PM
good sentence http://www.hellobreitling.com/...y-gmt.html
-
- +0
-
-
written by ddr ram, January 30, 2012 at 6:50 PM
I am very likely to this Introducing McAfee penetration testing .as it is very important info for testing .
-
- +0
-
-
written by Camera store, January 22, 2012 at 9:16 PM
A lot of the time there will be a surplus of the cheap north face jackets because other people don’t want to pay that much for a jacket! This WCMS is why you can generally wait a bit longer and wait for the retailer to mark the price down before buying, because there will be plenty left to choose from. This is a good way to get cheap north face jackets online now.
Camera store
Camera store
-
- +0
-
-
written by Air Jordan 1 Retro, January 16, 2012 at 5:12 PM
I love it,Excellent article.I am decide to put http://www.retrojordans11.org/ into use one of these days.Thank you for sharing http://www.retrojordans13.org/ To Your Success!
-
- +0
-
-
written by Dallas Cowboys Jerseys, January 16, 2012 at 5:12 PM
Amazing stuff,Thanks so much for http://www.newjuicycouturehandbags.com/ is very useful post for me http://www.truereligionoutlet11.com/ will absolutely going to help me in my projects.
-
- +0
-
-
written by china wholesale, January 10, 2012 at 6:11 PM
Hi, the article is so wonderful, I am interested in it. I will pay attention to your articles.
-
- +0
-
-
written by Pittsburgh Pirates Hats, January 07, 2012 at 12:42 PM
Don’t neglect the factors you as quickly when you owned. Treasure the factors you cannot get. Don't quit the factors that belong for you and retain people lost factors in memory. gss3w43s%6
http://www.newmlbhats.com/
http://www.newmlbhats.com/
http://www.newmlbhats.com/
http://www.newmlbhats.com/
-
- +0
-
-
written by Snapbacks Hats, January 06, 2012 at 12:32 PM
This is really interesting, You are a very skilled blogger.i like to read http://www.nflsnapbacksale.org/ informative blogs and this blog is also so good and helpful.thanks for taking time to http://www.nflsnapbacksale.org/ discus this topic
-
- +0
-
-
written by Allure wedding dress, January 04, 2012 at 4:53 PM
I obtained whatever you indicate , appreciate it for placing up.Woh I am pleased to locate this webpage via google.Now have lots of selection for the http://www.bestbridalprice.co....-7950.html wedding dress,How to obtain one of the most most suitable http://www.bestbridalprice.co....-8831.html bridal gown ??
-
- +0
-
-
written by Allure wedding dress, January 04, 2012 at 4:51 PM
Any support can be seriously appreciated!choose the colored
http://www.bestbridalprice.co.uk/ wedding dress for the necessary moment. really surprise, think that you just will grow to be a fabulous girl.I possess a suggestion, why not attempt to red-colored http://www.bestbridalprice.co.uk/? really gorgeous!
http://www.bestbridalprice.co.uk/ wedding dress for the necessary moment. really surprise, think that you just will grow to be a fabulous girl.I possess a suggestion, why not attempt to red-colored http://www.bestbridalprice.co.uk/? really gorgeous!
-
- +0
-
-
written by mori lee gown, January 04, 2012 at 4:48 PM
Your blog site looks excellent. Possess a good day!Concerning the selection of http://www.manndybridal.com/ bridal gown ,The girls are often very confused,More and more the http://www.manndybridal.com/ wedding dress styles,They don't know how to choose.
-
- +0
-
-
written by mori lee gown, January 04, 2012 at 4:47 PM
Hey, I simply hopped over in your site by means of StumbleUpon. Not something I would most often learn, however I appreciated your feelings none the less. Thank you for making one thing price reading.When you decide to buy a costly http://www.manndybridal.com/al...p-452.html ,You need a good collocation,For adornments,don't need for costly ,
The important thing is suitable for your http://www.manndybridal.com/ .
The important thing is suitable for your http://www.manndybridal.com/ .
-
- +0
-
-
written by Replica Oakley Sunglasses, January 04, 2012 at 4:44 PM
In a customer's perspective, it's very important to know both the advantages and disadvantages of a product. There is no ideal product and there will always be a down side to it regardless how nice it is. Right now, I will be providing honest reviews concerning Oakley sunglasses. Discover its advantages and disadvantages according to its buyers.
-
- +0
-
-
written by Vibrating Dildo, January 04, 2012 at 4:44 PM
The world of sex toys is full of vibrators They are made especially for women. There are also those that are made for a mans enjoyment. Couples are not left out of this mix because they can find a sex toy for their amusement. The many styles of Rabbits and dildos help people to increase their sexual satisfaction. It is all with the intent of bringing fun to peoples lives.
-
- +0
-
-
written by the vampire diaries dvd box set, January 03, 2012 at 7:08 PM
The vampire brothers Damon and Stefan Salvatore, eternal adolescents, having been leading 'normal' lives, hiding their bloodthirsty condition, for centuries, moving on before their non-aging is noticed. They are back in the Virginia town where they became vampires, as high school students. Stefan is noble, denying himself blood to avoid killing, and tries to control his evil brother Damon. Stefan falls in love with schoolgirl Elena, whose best friend is a witch, like her grandma.
-
- +0
-
-
written by Emmitt Smith Jersey, January 03, 2012 at 1:15 PM
I love it,Excellent article.I am decide to put http://www.cowboysjerseysnfl.net/ into use one of these days.Thank you for sharing http://www.newjuicycouturehandbags.com/ To Your Success!
-
- +0
-
-
written by Burn Notice dvd collection, December 31, 2011 at 7:15 PM
Amy is desperate to get out of her basement data-entry job and fulfill her destiny adding to cosmic harmony: she looks for a job at a non-profit agency and lands an interview at a homeless shelter. A cold virus makes its way through the Level H team, challenging Dougie's administrative abilities. Amy is intent on lunch with Krista, who wants to avoid her. Spilled coffee, a woman's hug, a call from the shelter, a letter from the Hawaiian treatment center, and an offer from Tyler give texture to Amy's enlightenment.
-
- +0
-
-
written by Emmitt Smith Jersey, December 30, 2011 at 6:18 PM
I love it,Excellent article.I am decide to put http://www.cowboysjerseysnfl.net/ into use one of these days.Thank you for sharing http://www.newjuicycouturehandbags.com/ To Your Success!
-
- +0
-
-
written by alain silberstein replica watches, December 30, 2011 at 3:37 PM
Thank you for this great read!! We offer all kinds of watch,and they are made in superior material. http://www.hello-rolex.com/ala...-c-43.html
-
- +0
-
-
written by replica iwc pilot watches, December 28, 2011 at 12:53 AM
Thank you for sharing contents of the article very well.Often times there are differences amongst the watches, most people is not able to know the main difference. Click it to move your mouse, you will see http://www.ok-swisswatches.com...25_31.html and http://www.ok-swisswatches.com...-1_2.html.
-
- +0
-
-
written by wholesale jewelry, December 27, 2011 at 5:26 PM
The final choice of one's http://www.jewelora.com/wholes...11_24.html is considered as wanted as the selection of your http://www.jewelora.com/wholes...c-55.html.
-
- +0
-
-
written by Coach Outlet, December 27, 2011 at 11:54 AM
If you wish to succeed, you should use http://www.cc-factory-outlet.com/ persistence as your good friend, experience as your http://www.cc-
factory-outlet.com/ reference, prudence as your brother and hope as your sentry.
factory-outlet.com/ reference, prudence as your brother and hope as your sentry.
-
- +0
-
-
written by 50 fathoms replica, December 20, 2011 at 3:12 PM
I like this website, and I can benefit a lot from it
-
- +0
-
-
written by Home Security Houston, December 18, 2011 at 9:37 PM
Among those posts I've seen, this is the most particular one, and I think the blogger must have spent lots of time on it, thank you so much!
-
- +0
-
-
written by beats by dre, December 14, 2011 at 1:32 PM
Nice post.Thank you for taking the time to publish this information very useful!I’m still waiting for some interesting thoughts from your side in your next post thanks.
-
- +0
-
-
written by wholesale jewelry, December 13, 2011 at 11:25 PM
When you attire exceptional http://www.jewelora.com/wholesale-ring-c-10.html you will not only standout amongst the guests, however you will also appearance superb even though http://www.jewelora.com/wholes...55_54.html so.
-
- +0
-
-
written by replica omega seamaster, December 10, 2011 at 4:28 PM
Every one of us wish to keep up while using the most current vogue movements. Even so, i am definitely not prepared expend considerably dollars, mainly because your dollars is limited. http://www.misswatches2u.com/oris-c-34.html, can be ones beneficial decision. Some sort of content these trendy http://www.misswatches2u.com/p...4_125.html intended for they exactly who will not would like to display the style in addition to preference desires.
-
- +0
-
-
written by Best Christmas DVD Gifts For All, December 10, 2011 at 12:39 PM
Are you still considering what gifts send to your friends,panrents,children or partner?I'd like to recommend you to select your gifts on collectcheaps.There are for parts of Christmas classifications for men,women,children and parents.Such as:Boardwalk Empire Season 1 DVD Boxset for men,Desperate Housewives DVD for women,Peppa Pig Season 1 DVD for children,All in the Family Seasons 1-9 DVD Boxset for parents.More surprise there,please visit for more details.
-
- +0
-
-
written by viagra generic, December 04, 2011 at 9:43 PM
I was a manager in a software company and we couldn't understand the importance about all those elements, so we fail all the operations
-
- +0
-
-
written by cheap supra shoes, December 02, 2011 at 11:44 AM
http://www.true-religion-jeans.ca/ True Religion Outlet
http://www.supraskytops3.com/Supra Skytop
http://www.supraskytops3.com/Supra Skytop
-
- +0
-
-
written by tisa hats, December 01, 2011 at 12:35 PM
I am happy to find this post very useful for me,baseball hats as it contains lot of information Nice,59fifty hats and thanks for sharing this info with us.Good Luck!
-
- +0
-
-
written by Houston Alarm Monitoring, November 30, 2011 at 7:11 PM
I found your blog when I was looking for a different sort of information but I was very happy and glad to read through your blog. The information available here is great.
-
- +0
-
-
written by Monogram Ldylle, November 27, 2011 at 12:36 AM
Quiting the luxurious and also hard to get at original artist clutches, discriminating women today focus on to the top quality http://www.womenhandbags2u.com...-1_27.html in the modern promote.However to get maximum the best and chic http://www.womenhandbags2u.com...-1_17.html handbags on the internet is not an very easy circumstance with regard to they are too gorgeous to decide on.
-
- +0
-
-
written by cheap brand viagra, November 24, 2011 at 7:59 PM
I know, it's weird... but it is true. We had traveled around the world and looked the same information for free in this blog
-
- +0
-
-
written by Alarm Monitoring Houston, November 20, 2011 at 5:09 PM
Excellent stuff from you, man I’ve read your things before and you are just too awesome.Alarm Monitoring Houstonhttp://www.smithmonitoring.com/houston-security/
-
- +0
-
-
written by Buy Ladies Watches, November 18, 2011 at 11:59 AM
Designer watches are worn around the world, including by finest stars in every single area.
-
- +0
-
-
written by coach outlet, November 16, 2011 at 4:11 PM
http://www.true-religion-jeans.ca/ True Religion Outlet
http://www.supraskytops3.com/supra-cuban-c-13.html Supra Cuban
http://www.supraskytops3.com/supra-cuban-c-13.html Supra Cuban
-
- +0
-
-
written by uggs, November 15, 2011 at 4:07 PM
In four out of five adjudications where the complaints for Groupon were upheld the ugg boots sale
discovered that the advertisements had been discount ugg boots
misleading.
-
- +0
-
-
written by Nike Air Max, November 10, 2011 at 7:17 PM
http://www.doairmax.info/
http://www.doairmax.info/
That is exactly what I am lookng for!You have done a brilliant job. Your article is truly relevant to my study at this moment, and I am really happy to read it.Thanks for great
http://www.doairmax.info/
That is exactly what I am lookng for!You have done a brilliant job. Your article is truly relevant to my study at this moment, and I am really happy to read it.Thanks for great
-
- +0
-
-
written by Burberry Bags Outlet, November 05, 2011 at 1:08 PM
I was actually looking for http://www.cheap-supras-sale.com/ a few weeks back. Thanks for sharing http://www.burberryforsales.com/ with us your wisdom.This will absolutely going to help me in my projects!
-
- +0
-
-
written by online pharmacy, November 04, 2011 at 7:07 AM
Excellent thanks a lot for the tutorial, i have never be attacked when I'm on internet but seems that everyday this becomes more usual than you can believe, but well thank god there are blogs like yours, thanks.
-
- +0
-
-
written by Buy Viagra, November 03, 2011 at 4:18 AM
It's all about security softwares, I was a manager in a software company and we couldn't understand the importance about all those elements, so we fail all the operations, it was the worst moment in the company, then we do an analysis about it and we are fine again, I know, it's weird... but it is true. We had traveled around the world and looked the same information for free in this blog. What a shame!
-
- +0
-
-
written by viagra online, November 02, 2011 at 3:06 AM
this the main problem with this type of antivirus, all the defects you can find in then, are almost numberless, and you are one of those few that have the guts to publish a post like this, in other words you have the courage to say "this suck man!!!".
-
- +0
-
-
written by Quality Replica Watches, November 01, 2011 at 8:09 PM
A friend is someone who understands your past, believes in your future, and accepts you just the way you are.❤http://www.ok-replicak.com/swiss-iwc-ingenieur-c-217_254.html
-
- +0
-
-
written by viagra online, October 27, 2011 at 5:02 AM
I enjoyed following the whole entry, I always thought one of the main things to count when you write a blog is learning how to complement the ideas with images, that's exploiting at the maximum the possibilities of a ciber-space! Good work on this entry!
-
- +0
-
-
written by dakuro, October 22, 2011 at 4:26 AM
thanks a lot for the post, when i was working in http://www.xlpharmacy-reviews.com labs one day around mid day we receive an attack from a hacker that wanted to stole information was pretty fast and the hacker also break pretty easy the security.
-
- +0
-
-
written by pharmacy reviews, October 21, 2011 at 6:49 AM
Wonderful post! This is very useful to many readers like me. Being a student, I am requiring myself to read articles more often and your writing just caught my interest. Thank you so much!
-
- +0
-
-
written by buy cheap dvds, October 13, 2011 at 8:53 PM
Great help from this blog! Thanks alot for the information I needed..
-
- +0
-
-
written by UGGs Outlet, September 27, 2011 at 8:17 PM
Oh,I have fun in reading your this article. I totally agree with your point in "Great post". Meanwhile, I found out one professional winter UGGs Outlet which will also be starting up a new UGG Outlet shopping world for our winter life. In short, it will be a very interesting UGGs Outlet Online experience. & thanks so much for your share, look forwards to your next wonderful post.
-
- +0
-
-
Write comment
