In vulnerability scanning, there’s a big difference between an authenticated scan and an unauthenticated one. Here’s why it matters, and why you should almost always go for an authenticated scan. Using authenticated scans is a vulnerability management best practice.
Lots of people misunderstand this. To quote myself about fifteen years ago: “Let me get this straight. I give you an admin account, and then you tell me you were able to log in?” It’s about logging in and assessing what’s wrong, not telling you we got in. Regardless of the tool you use, authenticated scans let the vulnerability scanner do its job better.
As a vulnerability management professional, I talk about vulnerability management best practices a lot. It comes up in sales presentations. I talk about it when my phone rings and a former colleague just needs to talk. But based on my experience, not many companies do vulnerability management well. If you’re not happy with your vulnerability management program, here are some best practices to help you get the results you want.
Tenable is one of the biggest names in vulnerability management, partly due to its sponsorship of several popular security podcasts. But due diligence requires taking a look at multiple solutions. So here’s an overview of Tenable competitors and my notes on them, having used each of them in the field.
As a vulnerability analyst by trade, I spend a lot of time using vulnerability scanners. Qualys and Tenable are the two market leaders in this space. I’ve used both in the field. Let’s take a look at Qualys vs Nessus so you can decide which of the two is right for you.
So, if you haven’t heard about Spectre and Meltdown, you can read my analysis over at my employer’s blog. I won’t compete with them. Let’s talk about the heat Intel is taking over this, and why I think it’s at least slightly unfair.
Tenable plugin 63155 and Qualys QID 105484 reference a medium-severity vulnerability regarding unquoted search paths. Unfortunately the fix action tends to be a bit vague. If you’re looking for a Windows unquoted search path fix, you’ve come to the right place. Here’s how to fix unquoted paths in Windows and clear Tenable plugin 63155 and Qualys QID 105484.
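As an added example, not code from the original post, here is the check and fix in PowerShell. It assumes the standard remediation that these findings call for: enclose the executable portion of each affected service's ImagePath in double quotes so Windows no longer tries C:\Program.exe, C:\Program Files\Foo.exe and so on before the real binary. The script reads the registry directly (a constructed choice; sc.exe config works too), only reports by default, and writes changes when run elevated with -Fix. The parameter name, the regex and the report shape are mine, not the post's.

```powershell
# Added example (not from the original post). Run in an elevated PowerShell.
# Finds services whose ImagePath is unquoted and has a space in the
# executable portion, and quotes that portion. Report-only unless -Fix is given.
param([switch]$Fix)

$servicesKey = 'HKLM:\SYSTEM\CurrentControlSet\Services'

# Executable = drive letter through the first ".exe"; anything after whitespace
# is arguments. Paths that begin with %SystemRoot%, \SystemRoot\ or \??\ do not
# start with a drive letter and are deliberately left alone here.
$pattern = '^(?<exe>[A-Za-z]:\\.*?\.exe)(?<args>\s.*)?$'

$findings = foreach ($svc in Get-ChildItem -Path $servicesKey) {
    $imagePath = (Get-ItemProperty -Path $svc.PSPath -ErrorAction SilentlyContinue).ImagePath
    if (-not $imagePath) { continue }
    # Already quoted: not affected.
    if ($imagePath.TrimStart().StartsWith('"')) { continue }
    if ($imagePath -notmatch $pattern) { continue }
    # A space only in the arguments is harmless; the executable path must contain one.
    if ($Matches['exe'] -notmatch ' ') { continue }

    $fixed = '"{0}"{1}' -f $Matches['exe'], $Matches['args']
    [pscustomobject]@{
        Service   = $svc.PSChildName
        ImagePath = $imagePath
        Fixed     = $fixed
        Key       = $svc
    }
}

$findings | Select-Object Service, ImagePath, Fixed | Format-Table -AutoSize

if ($Fix) {
    foreach ($f in $findings) {
        # Preserve the existing value kind (usually REG_EXPAND_SZ) rather than
        # letting the provider pick one for us.
        $kind = $f.Key.GetValueKind('ImagePath')
        Set-ItemProperty -Path $f.Key.PSPath -Name ImagePath -Value $f.Fixed -Type $kind
        Write-Host ("Quoted ImagePath for service {0}" -f $f.Service)
    }
}
```

Run it once without -Fix and review the Fixed column before writing anything; a service whose arguments happen to contain another path ending in .exe is the case worth eyeballing. Re-running the scan afterwards is how you confirm the plugin and QID have cleared.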
People frequently ask me how long to study for CISSP. Unfortunately it’s hard to give a set answer for that, but I can tell you how to figure out how long you need to study for it. That’s almost as good.
Don’t believe anyone who tells you they can get you ready in x number of days or weeks or even months. No one can know where you are relative to what you need to know to pass that test.
A CISSP is a professional certification. To attain the CISSP, a professional must pass a six-hour, 250-question test and must have five years of professional experience doing work related to computer security. But after attaining the certification, what does a CISSP do?
An easy question on the test would involve what you have to be concerned about when running network cable through an HVAC duct. A medium-difficulty question might ask whether the CDMA or GSM standard for cell phones is more secure, and why. A hard question or series of questions would involve reading several pages of executive summary about a data breach and making recommendations to prevent it from happening again.
I got involved in a pair of conversations in the last week. One person complained that there’s a job shortage in information security but she can’t get one. Another complained there’s a job shortage in information security and he can’t find qualified candidates to fill them. In that spirit, here’s my advice on how to get a job in information security.