Vulnerability Management and more

2021-05-17 11:57:21 Information Security Automation pinned «My slides for #PHDays10 presentation are ready (Yay! ). To demonstrate the Vulristics capabilities, I've prepared the following reports: - Microsoft Patch Tuesday May 2021 (also without vendor's comments) - Top vulnerabilities that were used in attacks on…» Open / Comment

2021-05-17 11:57:14 My slides for #PHDays10 presentation are ready (Yay! ). To demonstrate the Vulristics capabilities, I've prepared the following reports:

- Microsoft Patch Tuesday May 2021 (also without vendor's comments)
- Top vulnerabilities that were used in attacks on US infrastructure according to NCSC / NSA joint report
- I compared the knowledge bases of Nessus and OpenVAS (GCF) for CVE-2021-* using VulnKBdiff and then made Vulristics reports on vulnerabilities that OpenVAS can't detect and Nessus can't detect

All reports were generated on Sunday, 16.05.2021. I purposely left some detection errors 'as is' to show the limitations. Open / Comment

2021-05-15 14:51:53 What a news! "That is why we are pleased to announce our intent to acquire Kenna Security, Inc., a recognized leader in risk-based vulnerability prioritization with over 14 million assets protected and over 12.7 billion managed vulnerabilities." https://blogs.cisco.com/news/364250

Upd. BTW, my review of Kenna from 2018. Also the blog post about Kenna API. Open / Comment

2021-05-07 12:55:58 I am proud to participate in #PHDays10
Eng, Rus, Vulristics Open / Comment

2021-04-22 17:16:05 Well, finally it is possible to find my videos simply by "phdays" query on YouTube. This may seem like a big success, but it's only because YouTube blocked the Positive Technologies channel and all the phdays videos, now there are only reuploads and unofficial videos available. Damn sanctions. Well, thanks God not all of the Internet is controlled from the USA yet. So everything is available at https://vk.com/phdays. BTW, my public vk channel as well. Open / Comment

2021-04-19 15:05:09 AM Live released an interview with me. We talked about choosing a Vulnerability Management solution. This video is in Russian. But it's pretty short, so I'm going to translate and re-dub it later. Open / Comment

2021-04-19 02:47:14 I have fixed the MS connector in Vulristics and updated some of the software classifications. You can see the full April 2021 Patch Tuesday report. Unfortunately, there is no more readable vulnerability descriptions on the MS website, and the description on NVD are awful, just look at this profanity:

"Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28329, CVE-2021-28330, CVE-2021-28331, CVE-2021-28332, CVE-2021-28333, CVE-2021-28334, CVE-2021-28335, CVE-2021-28336, CVE-2021-28337, CVE-2021-28338, CVE-2021-28339, CVE-2021-28340, CVE-2021-28341, CVE-2021-28342, CVE-2021-28343, CVE-2021-28344, CVE-2021-28345, CVE-2021-28346, CVE-2021-28352, CVE-2021-28353, CVE-2021-28354, CVE-2021-28355, CVE-2021-28356, CVE-2021-28357, CVE-2021-28358, CVE-2021-28434." Open / Comment

2021-04-17 23:34:58 from Anton Shipulin fb page Open / Comment

2021-04-15 15:44:41 Oh, shi... Treasury Sanctions Russia with Sweeping New Sanctions Authority Positive Technologies. Open / Comment

2021-04-15 12:27:48 Nessus 8.14.0 now supports VPR (Tenable Predictive Prioritization). Well, sort of...

"You can now view a new tab for scan results, Top Threats by VPR, which displays the 10 most severe vulnerabilities as determined by their VPR score."
"Although you may have more than 10 vulnerabilities found by a scan, VPR top threats display the 10 most severe vulnerabilities as determined by their VPR score."
"VPR is a dynamic score that changes over time to reflect the current threat landscape. However, VPR Top Threats reflect the VPR score for the vulnerability at the time the scan was run. To get updated VPR scores for vulnerabilities in a scan, re-run the scan."

So, it's more like a demo feature for promoting Tenable.sc and Tenable.io

PS: No, they don't store VPR in NASL plugins, I checked Open / Comment