Our website is a unique platform where students can share their papers in a matter of giving an example of the work to be done. If you find papers
matching your topic, you may use them only as an example of work. This is 100% legal. You may not submit downloaded papers as your own, that is cheating. Also you
should remember, that this work was alredy submitted once by a student who originally wrote it.
The paper 'The Approval of the Purchase of Metasploit Testing Software' presents a company that is in great threat of jeopardizing its medical research as a result of cybercrime. Its success in research and development has rendered this company a major target of cybercriminals…
Download full paperFile format: .doc, available for editing
Extract of sample "The Approval of the Purchase of Metasploit Testing Software"
METASPLOIT SECURITY SOFTWARE Introduction Our company is in great threat of jeopardizing its medical research as a result of cybercrime. Its success in research and development has rendered this company a major target of cybercriminals. We have already fallen victim of the cyber-attacks which reduced our credibility by being accused of unethical research and development practices. Due to the tremendous growth of this company, it is imperative to put forward protective measures to prevent our valuable research from falling into wrong hands. This company’s network is vulnerable to all types of outside threats especially since it has not been tested for possible instruction. The fact that we have been attacked before shows that there is need to test the corporate information system to identify the vulnerabilities that might exist before the attackers find the loopholes. The solution to this problem is a testing software which can be used to detect the vulnerabilities in our networks so that we can put security measures in place (Andrey &Dmitry, 2013). There are several popular security testing tools that can offer the much needed solution to the cyber insecurity issue. I sampled several tools based on their performance for implementation in our network. This is why I propose the approval of the purchase of as Metasploit testing software in order to boost our network security.
Proposed Architecture
The proposed testing procedure will take place in three phase. The first phase is the information gathering phase where we will use a number of strategies which will help the user get information about the target application. Such techniques include; social engineering, web crawlers and automated scanning. The next stage is the attack generation phase where the information generated from the initial stage will be used to generate attacks. With the purchase of the Metasploit testing software, we will be able to use it to automate the generation of attacks. The last phase will be the response analysis which will be our feedback on the vulnerabilities that have been discovered and the corresponding attacks. This information will give us clear insights into our security status thereby helping us improve our preparedness to cyber threats and network security (Carlos, 2013).
Implementation Details of Metasploit
Metasploit is a testing software that comes in different versions and provides attack libraries with payloads that can be organized in a modular way. This software purposes to generate a command prompt on the computer it is testing. The reason for using this software is because it is also used by attackers to take over their victim’s computer and therefore, it is effective in gaining access to a computer and launching codes which allows the tester to access the computer and test for vulnerabilities by installing tools depending on the level of testing required. Furthermore, this software offers real financial benefits as it costs as less as $3,000 per month for scanning. This will be a very feasible investment in this company given that our financial situation has greatly improved. Moreover, we will be able to save millions of dollars if we keep away cyber intruders (Carlos, 2013).
This software has many impressive features such as evasion and automation. The latest version 3.0 allows event correlation and exploit automation. For the case of our company, this new version offers impressive features for enhanced security such as sessions that run simultaneously but multiple targets, allows concurrent exploits, multi-session support, and allows team-based penetration and multi-user support (William et al, 2014). I run this software on the lab in order to test for its compatibility with our organization and it was very interesting. Alerts were generated instantly at the beginning of the scan meaning that the ability of our network to detect and respond to attacks was very low. This tool was also very safe to use.
Metasploit is an excellent testing tool for our company given that t has a history of cyber-attack. This is because it offers unique capabilities to be applied on networks that have previously been compromised. These capabilities are already installed in the software and include a framework to intensify the privileges on a network that has been attacked and also launch point which is employed by a network to attack possible targets. Other unique attributes that make this software more compatible with our company is the multiple user friendly interfaces, flexibility, reusability, code simplicity and the advanced framework integration (Nuno, 2014).
Benefits of the Metasploit Software
The benefit of using this software is that it will help us identify threats before the attackers can successfully launch their attack on our content. Most of the attackers manage to attack and go undetected because they use automated tools to penetrate our system. By using this software, the tester is able to view the possible attack from the attacker’s point of view and therefore make it easy for the tester to find the holes that the attackers can used for malicious purposes.
Furthermore, this software has been recommended by many users, system owners and security pros who view is as perfect tool for testing and strengthening their security. For example, during the Java zero-day vulnerability in August, most of the people using the regular web browsers such as Firefox, Mozilla, Internet Explorer, Mac Os X system, Linux and Windows were compromised. At that point, Metasploit was very fats and prompt to respond to the attack by releasing a patch for the flaw through adding to its framework the publicly available exploit code to strengthen its defense.
Metasploit is effective in identifying high risk weaknesses that are facing the company but they emanate from a combination of trivial vulnerabilities. Most companies feel that their systems are safe and installing large-scale security policies that ensure all loopholes are sealed from attacks. However, there are small leaks that can jeopardize the whole security system making it vulnerable to attacks. Metasploit helps to identify the leaks as most are code-related and can be traced to trivial issues such as negligence of the employees. As such, testing the system with Metasploit ensures that the whole system is swept for all major and minor threat (Nuno, 2014).
Challenges of Using Metasploit Software
This software needs to be implemented with a lot of care. The security professional doing the testing risks the loss of all the data in the network or causing server instability which can cause total loss in productivity. While there are cavalier cyber attackers who hack the network maliciously without worrying about the loss of the company data or loss of productivity, most of the attackers who use Metasploit are very professional and therefore very careful not to cause any loss of data with the aim of preventing detection. Furthermore, this software is very flexible in its application as it allows the attacker to move the code used in exploiting threats from the original target to a different one which makes it problematic for threats to be discovered on time. This has been noted as a great risk to users as it can also be used by attackers due to its ‘dual-use’ capability. However, the creator of Metasploit, HD Moore, has shed more light on the infrastructure and architecture of the system saying that the software provides options to the users and a way of measuring the risk they are engaged in so as to prevent them from falling into the same trap they are trying to prevent.
References
Andrey P., &Dmitry, K, (2013). “Detecting Security Vulnerabilities in Web Applications Using
Dynamic Analysis with Penetration Testing”, https://www.owasp.org/images/3/ 3e/OWASP-AppSecEU08-Petukhov.pdf
Carlos Joshua Marquez.(2013). “An Analysis of the IDS Penetration Tool: Metasploit”,
http://www.infosecwriters .com/text_resources/pdf/jmarquez_ Metasploit.pd
Nuno A., & Marco V., (2014). “Penetration Testing For Web Services”,
http://ieeexplore.ieee.org/stamp/stamp .jsp?tp=&arnumber=6681866
William G. J. Halfond1, Shauvik, R., Choudhary & Alessandro, O. (2014).“Improving
penetration testing through static and dynamic Analysis”. http://www-bcf.usc.edu/~halfond/papers/halfond11stvr.pdf
Read
More
Share:
CHECK THESE SAMPLES OF The Approval of the Purchase of Metasploit Testing Software
In the essay 'Secure software Testing' the author focuses on a system, which has been conceived and later developed to provide support medical readiness capability to military operations through the identification of medical personnel with the requisite skills.... The testing phase with the software has been completed in two phases.... This phase entails the test scenario that is similar to the real-time usage of the software.... The SIT is the first phase of testing i....
It also intends to recommend an improvement in the purchase, payable and payment system being adopted by our company.... his paper will also strive to help in improving the functions of internal controls in purchase, payable and payment first by describing the existing...
Additionally, during the whole software development life cycle, testing is greatly required to.... In addition, the software testing is an important activity that is carried out by a professional testing team in which a software unit, a number of integrated Moreover, all the applicable tests are performed according to approved test procedures on approved test cases.... However, the software testing process can be assisted with software tools that can be used in order to make the software testing process automated (Mustafa, Al-Qutaish, & Muhairat, 2009; Pressman, 2001)....
In the essay 'the purchase of Significant Software at My Work Setting' the author discusses the issue that it is imperative for the clinic to purchase new software that would ease the strain on the department.... ostsThe budget cost of software that has been bought to be used in an academic setting is normally lower than the budget set for the purchase of software in clinical health organizations.... ifference Between the Selection and purchase of Software in Clinical Health Organizations and in an Academic Setting....
The message in the report will either to quit the software and design a new one if several faults are noted, its modification or approval of the software for usage (Burnstein et al.... Software testing software Testing Introduction Software testing involves an investigation carried out to provide the users with information about the products quality.... Therefore, experimental design is the best method of testing software (Basili and Selby, 1987).
...
Hackers carry out organized attacks on web-enabled systems using advanced software programs and techniques.... The World Wide Web has emerged as a significant tool for businesses in gaining a competitive advantage.... The paper "Information Security Practice In The Company Activity" discusses guarding electronic resources against the intrusion threats as an issue related to the business imperative....
This essay will investigate security testing software that, if adopted, will benefit the organization's corporate information systems.... The security testing software presented in this proposal is referred to developed by Rapid7- a security management company.... Acting on my mandate as an IT manager tasked with security of physical and operational aspects, I present a security testing software that if adopted will benefit the organizations corporate information systems....
The assignment "software Testing Tools" focuses on the critical, thorough, and multifaceted analysis of the functioning of the main software testing tools, such as JUnit and TestNG.... JUnit and TestNG are software tools that offer platforms for java developed programs.... The software can be tested effectively and efficiently in a fast way.... These test tools offer a platform for the identification of bugs in software....
5 Pages(1250 words)Assignment
sponsored ads
Save Your Time for More Important Things
Let us write or edit the case study on your topic
"The Approval of the Purchase of Metasploit Testing Software"
with a personal 20% discount.