What is AFD?
Active Filter Detection is one step, according to the Open Source Security Testing Methodology Manual, that security auditors should perform to identify the presence of Intrusion Prevention Systems and other technologies that would directly impact the quality of a security assessment.
What is the purpose of AFD?
Security assessment works to add value to the security organisation. While testing security controls is fundamental to that value, the deployment of over-arching security controls such as IPS can damage the timeliness and quality of the security assessment process. This is due to the IPS technologies performing their proper function - preventing unwanted traffic from being delivered to production infrastructure.
AFD allows the security assessor to evaluate a target for potential interferrence prior to engaging the assessment process proper; this minimises time wasted by the assessor and the risk of false positives or negatives in the assessment results.
Why did Pure Hacking publish AFD?
AFD is only valuable as a professional security assessment tool, and primarily in its function as a step within the OSSTMM methodology. As an OSSTMM auditor Pure Hacking wanted to contribute to the OSSTMM community, and tools such as this one seem to be a good way to make that contribution.
How do Pure Hacking's clients benefit from projects like this one?
Pure Hacking believes in skills transfer or transfer of knowledge. The tools used to perform penetration testing engagements are divulged to our clients. Working on AFD is in line with Pure Hacking's values of assisting clients to assist themselves. By sharing information throughout and after engagements, Pure Hacking's clients not only understand their risks, but they can begin to manage and mitigate them.
Pure Hacking's risk mitigation advice is about return on investment with your current spend. AFD embodies this fundamental philosophy.
If you operate within the finance, communications technology, insurance, business services, educational, or legal sectors, then see how Pure Hacking can help you manage the risk for your organisation.