Security checks

Are your security mechanisms working correctly?

Monitoring security mechanisms using scripts


Why do you need it?

Performance: All security appliances have performance limits. When a device is overloaded, it can disable all its mechanisms to return to stable operation. During this time you are not protected.
Misconfiguration: Security turned off by accident
Software errors: A bug that disables security


What to monitor?

Use automatic scripts to test:
Antivirus (host and network/proxy AV) - download/upload the EICAR test file
Web categorization - try to view a blocked page
WAF - keep a hidden file on the web server and try to download it
IPS - create an IPS signature for the EICAR test file and try to send this file
DLP - create a rule for a fake file
SMTP proxy - send spam and the EICAR file
DB Firewall - run a harmless SQL injection (WAF exception needed)
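
One way to script such checks, as an added example (not from the original page): each probe sends a request the control should stop and looks for a marker that only appears if the request got through. The host names, the canary string and the baseline request are assumptions; the baseline request keeps a dead test server from being reported as a working block.

```python
import urllib.error
import urllib.request
from dataclasses import dataclass

# Substring of the EICAR test file; enough to recognise it in a response body.
EICAR_MARKER = b"EICAR-STANDARD-ANTIVIRUS-TEST-FILE"

@dataclass
class Probe:
    control: str        # mechanism under test, e.g. "proxy AV"
    blocked_url: str    # request the control must stop
    leak_marker: bytes  # bytes seen only if the request got through
    baseline_url: str   # harmless request on the same path that must succeed

def http_fetch(url, timeout=10):
    """Return (status, body); status 0 means no HTTP answer at all."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.status, resp.read(65536)
    except urllib.error.HTTPError as err:   # block pages often come as 403
        return err.code, err.read(65536)
    except OSError:                         # reset, timeout, DNS failure
        return 0, b""

def evaluate(probe, fetch=http_fetch):
    """Classify one probe as PROTECTED, UNPROTECTED or INCONCLUSIVE."""
    base_status, _ = fetch(probe.baseline_url)
    if base_status != 200:
        # Path is down: a "blocked" result would prove nothing.
        return "INCONCLUSIVE"
    _, body = fetch(probe.blocked_url)
    if probe.leak_marker in body:
        return "UNPROTECTED"
    return "PROTECTED"

def run(probes, fetch=http_fetch):
    """Return {control: verdict}; alert on anything that is not PROTECTED."""
    return {p.control: evaluate(p, fetch) for p in probes}

# Placeholder targets (assumptions); replace with your own test hosts.
PROBES = [
    Probe("proxy AV", "http://testhost.example/eicar.com", EICAR_MARKER,
          "http://testhost.example/ok.txt"),
    Probe("WAF", "http://www.example/hidden-canary.txt", b"CANARY-7f3a",
          "http://www.example/index.html"),
]

if __name__ == "__main__":
    for control, verdict in run(PROBES).items():
        print(f"{control}: {verdict}")
```

Run it on a schedule from a host behind the controls and alert on UNPROTECTED and on repeated INCONCLUSIVE results.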