What is Shadow IT?

What is Shadow IT? It’s something every IT professional comes into contact with at some point and wishes they hadn’t. Here’s what Shadow IT is, why it’s bad, and how to avoid it.

Do Chromebooks need antivirus protection?

Chromebooks are a popular solution for people who primarily use computers to go online, for students, and for security professionals. They are inexpensive, reliable, and secure. But since security is a big motivator behind Chromebooks, that raises a question: Do Chromebooks need antivirus protection?

Why do hackers hack?

A frequent question people ask me, as a security professional, is why do hackers hack? The answer used to vary, but today they typically hack for the same reason I do. To make money. The difference is who pays them. Well, and that little detail called permission, of course.

How a vulnerability scanner works

Vulnerability scanning is an essential part of any information security program. Unfortunately, it’s also widely misunderstood. In that light, let’s take a look at what a vulnerability scanner is and how a vulnerability scanner works.

What is a vulnerability management program?

What is a vulnerability management program? Well, it’s not a computer program, although you will need some software to run a successful vulnerability management program. Vulnerability management is a discipline, and a vulnerability management program is the ongoing operation that ensures the discipline is working in your organization.

That may raise as many questions as it answers, so let’s dig in.

Qualys asset tracking: All you need to know

I probably get more questions about Qualys asset tracking than I get about anything else in regards to Qualys. Many people misunderstand Qualys asset tracking. It’s really easy to mess it up, and things can go horribly wrong if you do.

By default, Qualys tracks assets by IP address. It can also track by NetBIOS name or DNS name. If your authentication is really solid and you enable Agentless Tracking, the Dissolvable Agent, and Unified View, you can in effect force Qualys to track by a system-generated UUID as well.

Authenticated scan vs unauthenticated

In vulnerability scanning, there’s a big difference between an authenticated scan and an unauthenticated one. Here’s why it matters, and why you should almost always go for an authenticated scan. Using authenticated scans is a vulnerability management best practice.

Lots of people misunderstand this. To quote myself circa 2005: “Let me get this straight. I give you an admin account, and then you tell me you were able to log in?” It’s about logging in and assessing what’s wrong, not telling you we got in. Regardless of the tool you use, authenticated scans let the vulnerability scanner do its job better.

Vulnerability management best practices

As a vulnerability management professional, I talk about vulnerability management best practices a lot. It comes up in sales presentations. I talk about it when my phone rings and a former colleague just needs to talk. But based on my experience, not many companies do vulnerability management well. If you’re not happy with your vulnerability management program, here are some best practices to help you get the results you want.

Tenable competitors for vulnerability management

Tenable is one of the biggest names in vulnerability management, partly due to its sponsorship of several popular security podcasts. But due diligence requires taking a look at multiple solutions. So here’s an overview of Tenable competitors and my notes on them, having used each of them in the field.

Qualys vs Nessus: Vulnerability scanning titans

As a vulnerability analyst by trade, I spend a lot of time using vulnerability scanners. Qualys and Tenable are the two market leaders in this space. I’ve used both in the field. Let’s take a look at Qualys vs Nessus so you can decide which of the two is right for you.

A vulnerability scanner is an essential part of an enterprise vulnerability management program. Having the right scanner is essential because a vulnerability management program lives or dies by having data that is accurate and actionable.
