Vulnerability Management and more

2021-01-06 17:22:38 #offtopic Hello everyone! Thanks to the long New Year holidays in Russia, I had time to work on my own projects that are not related to information security. I released them on github and recorded short demos (btw, Zoom is quite convenient for this ). Open / Comment

2021-01-01 01:34:32 HNY comrades! Open / Comment

2020-12-31 12:47:38 BTW, in recent updates #Tenable guys have added very good pre-installed HTML / PDF reports to #Nessus Professional:

8.12.0, 2020-10-08:
"* An Unsupported Software report to provide insight into unsupported software found in the customer's environment.
* An Exploitable Vulnerabilities report which details all detected vulnerabilities which have known exploits.
* An OS Detections report which gives lists all operating systems found on the scanned targets."

8.13.0, 2020-12-07:
"* A report summarizing a list of IPs with what vulnerabilities were found in the scan.
* A report summarizing all known/default accounts found on systems during the scan.
* A report for vulnerabilities older than one year, which gives insight on when the vulnerabilities were initially reported to be exploitable."

Of course, you can easily get it from the xml report (which is now .xml, not .nessus ), but it's still cool that now it can be done in a couple of clicks right in the scanner. Open / Comment

2020-12-20 19:00:35 Lol. It looks like SolarWinds guys removed their customers list from the site. I took this screenshot last week.
https://www.solarwinds.com/company/customers
https://www.theverge.com/2020/12/15/22176053/solarwinds-hack-client-list-russia-orion-it-compromised Open / Comment

2020-12-13 20:47:17 New #Vulristics vulnerability score based on "Exploited in the Wild" param from vulners.com Open / Comment

2020-12-10 19:11:15 Quite often people ask what is the best VM solution on the market.

> What's the best solution for managing vulnerabilities, patches, configurations, software inventory, software installation/removal, and with some WSUS integration?

All major VM vendors promise this. The only thing is that these solutions are very expensive and don't work well. I am for the custom automation on top of a basic detection tool (Nessus, Vulners API, etc.). This is for the case when you have someone to write scripts for automation. If there is no one, but you have a large budget and you are not afraid to send data to the VM vendor's cloud, then try Qualys. If you are afraid to send your data to the VM vendor's cloud, then try Tenable.sc. But that's for traditional IT assets. Kubernetes/docker/CICD is a special world with specific solutions. Open / Comment

2020-12-06 14:59:16 In this episode, I would like to share my thoughts about the new Vulnerability Management product by Positive Technologies - #MaxPatrol VM.
1. There can be no good Vulnerability Management without good IT Asset Management
2. Vulnerability management doesn't mean pushing IT to install every patch
3. There should be a separate process for the most critical and exploitable vulnerabilities
4. Unified Vulnerability Management dashboard

Youtube:


Blog: https://avleonov.com/2020/12/05/maxpatrol-vm-an-ambitious-vision-for-vulnerability-management-transformation/ Open / Comment