Automation of software vulnerability monitoring for third party products in large IT companies
| dc.contributor.author | Kolev, Stiliyan | |
| dc.contributor.department | fi=Tulevaisuuden teknologioiden laitos|en=Department of Future Technologies| | |
| dc.contributor.faculty | fi=Luonnontieteiden ja tekniikan tiedekunta|en=Faculty of Science and Engineering| | |
| dc.contributor.studysubject | fi=Tietotekniikka|en=Information and Communication Technology| | |
| dc.date.accessioned | 2019-09-18T21:00:45Z | |
| dc.date.available | 2019-09-18T21:00:45Z | |
| dc.date.issued | 2019-08-07 | |
| dc.description.abstract | This thesis was done for the Product Security Incident Response Team (PSIRT) of a large IT company. The team provides a centralized vulnerability management service internally for all of the company’s products. Many software vulnerabilities are disclosed every day and their timely and accurate evaluation and processing is of great importance for mitigating cyber threats. To deal with that, the company has identified the benefits of automation in following various vulnerability sources and subsequently vulnerability alert creation. When the study began, the PSIRT was already using scripts written in Python to automate some of the repetitive tasks. However, the scripts were with limited scope and still required significant manual interaction. There are two main goals of the thesis. First, opportunities for further automation in the generation of vulnerability alerts were identified and analysed. Suitability of commercial vulnerability feeds was also evaluated as part of the study. Second, new scripts were written, tested and deployed for some of the tasks that were subject to automation. Various challenges such as trustworthiness of sources of vulnerability information, naming inconsistencies of third party products (3PP) and considerations regarding programmatically parsing security advisories are discussed in detail. The target audience of this thesis are PSIRTs but other organizational units tasked with product security may benefit as well. | |
| dc.format.extent | 113 | |
| dc.identifier.olddbid | 165118 | |
| dc.identifier.oldhandle | 10024/148271 | |
| dc.identifier.uri | https://www.utupub.fi/handle/11111/21394 | |
| dc.identifier.urn | URN:NBN:fi-fe2019091628421 | |
| dc.language.iso | eng | |
| dc.rights | fi=Julkaisu on tekijänoikeussäännösten alainen. Teosta voi lukea ja tulostaa henkilökohtaista käyttöä varten. Käyttö kaupallisiin tarkoituksiin on kielletty.|en=This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.| | |
| dc.rights.accessrights | suljettu | |
| dc.source.identifier | https://www.utupub.fi/handle/10024/148271 | |
| dc.subject | vulnerability, automation, CPE, VMS, PSIRT, 3PP | |
| dc.title | Automation of software vulnerability monitoring for third party products in large IT companies | |
| dc.type.ontasot | fi=Diplomityö|en=Master's thesis| |
Tiedostot
1 - 1 / 1