Vulnerability Analysis Using AlienVault and Qualys on Vulnerable Operating Systems Based on the Cyber Kill Framework

Bobby Abdullah, Avon Budiyono, Adityas Widjajarto

Abstract

The application of open source Security Information and Event Management (SIEM) software tools is one of the components of implementing technology in a Security Operations Center (SOC). This study compares the vulnerability scan results of two open source software tools (AlienVault and Qualys), using two test parameters: the vulnerabilities identified and the time required to perform the vulnerability scan. The research steps follow the CYBER KILL framework. The simulation deploys vulnerable operating systems (VulnOS2, Vulnix, and DC-1) on VirtualBox as the research objects to be scanned, with AlienVault and Qualys as the scan managers. The test scenario runs a vulnerability scan of the three vulnerable operating systems using AlienVault and Qualys. The reports generated by the AlienVault and Qualys vulnerability scans contain the number of vulnerabilities, the potential vulnerabilities, Information Gathering, and information about and descriptions of the vulnerabilities. The accuracy calculation shows that the vulnerabilities have the same risk score.

Keywords: SIEM, SOC, AlienVault, Qualys, Vulnerability, Open Source, Tools, Framework, Cyber Kill, Cyber.
