Basic Details of the Team and Problem Statement

PSID: KVH-018

Problem Statement Title: Plug & play system security audit tool

Team Name: Aegis

Team Leader Name: K S Shailesh

Institute Code (AISHE): U-0725

Institute Name: REVA University

Idea/Approach Details

  • An agent-based plug-and-play system security audit tool with a centralized dashboard that displays the organization's vulnerability/attack surface along with detailed reports for individual systems.
  • We essentially flash a USB stick with different system auditing tools that can scan for system and network vulnerabilities. The stick is then either plugged in or deployed on all systems to run an audit, and each report is uploaded to a cloud DB (MongoDB).
  • The dashboard displays the aggregate results and uses different visualization tools (like pie charts, etc.) to provide insights into the vulnerabilities and attack surface.
  • We install the required tools on the host system and uninstall them after the audit is completed, so elevated privileges are required to run the audit.
  • The different things it scans for are:
    • Network topology & port analysis (using Nmap)
    • File integrity of specific system & organization files, by comparing with provided hashes
    • Web app scanning for enterprise management software, using ZAP
    • System and LAN vulnerability scanning, using Metasploit
  • Find our prototype here: plug-and-play-security-audit (github.com)
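
The file integrity scan listed above can be sketched in Bash as follows. This is an added example, not code from the team's prototype; the manifest format (sha256sum-style lines), the function names and the tab-separated report are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example: audit files against a provided SHA-256 manifest.
# Manifest format is an assumption: "<sha256>  <path>" per line (sha256sum output).

# Print the SHA-256 hex digest of one file (sha256sum, or shasum as a fallback).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum -- "$1"
    else
        shasum -a 256 -- "$1"
    fi | cut -d' ' -f1
}

# audit_integrity MANIFEST
# Prints "STATUS<TAB>path" per entry (OK, MODIFIED or MISSING) and returns
# non-zero if any entry is not OK, so the caller can flag the host.
audit_integrity() {
    local manifest=$1 expected path actual rc=0
    # "|| [ -n ... ]" keeps a final line that has no trailing newline.
    while read -r expected path || [ -n "$expected" ]; do
        [ -z "$expected" ] && continue            # blank line
        case $expected in \#*) continue ;; esac   # comment line
        path=${path#\*}                           # drop sha256sum's binary-mode marker
        if [ ! -f "$path" ]; then
            printf 'MISSING\t%s\n' "$path"; rc=1
            continue
        fi
        actual=$(sha256_of "$path")
        if [ "$actual" = "$expected" ]; then
            printf 'OK\t%s\n' "$path"
        else
            printf 'MODIFIED\t%s\n' "$path"; rc=1
        fi
    done < "$manifest"
    return "$rc"
}

# Usage: ./integrity.sh /path/to/manifest > report.tsv
[ "$#" -eq 0 ] || audit_integrity "$1"
```

The manifest should be read from the read-only audit media rather than from the host being audited, since a manifest stored on the host can be altered along with the files it describes.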

Technology stack

  • Shell Scripting (Bash & PowerShell)
  • Next.js, MongoDB
  • Nmap
  • ZAP
  • Metasploit
  • ClamAV
  • Lynis
  • OSSEC

Idea/Approach Details

Describe your Use Cases here

  • Companies can audit their systems en masse and monitor the vulnerabilities in them.
  • Calculating risk scores for systems and making decisions accordingly.
  • Checking compliance with different security standards (PCI DSS, etc.).
  • Evaluate the effectiveness and performance of existing security controls and measures, such as firewalls, antivirus software, authentication, or backup systems.
  • Identify and assess security risks and vulnerabilities in a network or system, such as misconfigurations, outdated software or exposed ports.
  • Institutes can perform incident analysis by aggregating data from different devices.

Describe your Dependencies / Show stopper here

  • PowerShell (Windows) or Bash (Linux): for shell scripts
  • Nmap - Network Mapper, used on the host machine to identify ports, detect the OS, perform a TCP SYN scan, etc.
  • ZAP - audit tool for web application security vulnerabilities
  • Metasploit - for vulnerability scanning and compliance testing
  • Perl version 5+
  • JRE 8
  • OSSEC - integrates log analysis, file integrity monitoring, Windows registry monitoring, centralized policy enforcement and rootkit detection
  • ClamAV - an open source, cross-platform antivirus toolkit designed to detect malware, viruses, worms, etc.
  • MetaCPAN’s Html Doc Convert and Excel Convertor

Team Member Details

| Sr. No. | Name of Team Member | Branch (Btech/Mtech/PhD etc.) | Stream (ECE, CSE etc.) | Year | Position in team (Team Leader, Front end Developer, Back end Developer, Full Stack, Data base management etc.) |
|---|---|---|---|---|---|
| 1 | K S Shailesh | Btech | CSE | 2020-2024 | Team Leader |
| 2 | Thanmai Sai | Btech | CSE | 2020-2024 | Forensics planner |
| 3 | Darshan V | Btech | CSE | 2020-2024 | Web Developer |
| 4 | Sanjay C H | Btech | CSE | 2020-2024 | Forensics planner |
| 5 | Nikhitha V | Btech | CSE | 2020-2024 | FSD/Researcher |
| 6 | Ananya B L | Btech | CSE | 2020-2024 | Data analyser |

Team Mentor/s Details

| Sr. No. | Name of Mentor | Category (Academic/Industry) | Expertise (AI/ML/Blockchain etc.) | Domain Experience (in Years) |
|---|---|---|---|---|
| 1 | | | | |
| 2 | | | | |