Resources:
--------
Rapid7 Nexpose/InsightVM - Free Trial - www.rapid7.com/
Nessus Community Edition (FREE for 16 IPs) - www.tenable.co...
Qualys Community Edition (FREE for 16 IPs) - www.qualys.com...
OpenVAS - FREE (www.openvas.org/)
OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high-level and low-level Internet and industrial protocols, performance tuning for large-scale scans, and a powerful internal programming language to implement any type of vulnerability test.
Internet is omnipresent
Security is needed
Security is needed by law for various business domains
Security breach is costly - Monetary and reputation damage
Basic components of Infrastructure Security
Vulnerability Management
Penetration testing
Tools
Nessus, Qualys, Rapid7 InsightVM/Nexpose
Vulnerability Assessment
  - Identify vulnerabilities in an infrastructure
  - Check against a vulnerability database (universal for all Orgs)
Policy Assessment (Configurations)
  - Check against organizational policy requirements (changes from Org to Org)
  - STIG / CIS
Vulnerability: Potential weakness (weak password, unencrypted traffic)
Can we do manual validation? Do we absolutely need a tool?
Risk Prevention: Periodic scans identify vulnerabilities within the OS, middleware and applications. Issues are identified based on severity, and risks can be assigned to all known issues.
Avoid Non-compliance: Regular, periodic identification and remediation of issues helps organizations meet various regulatory requirements.
Staying ahead of the game: Early identification leads to early remediation, and thereby to a quick reduction of the attack surface.
Avoid
  - Financial loss
  - Reputation loss
  - Data loss
  - CIA impact