Threat Level: green Handler on Duty: Russell Eubanks

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2016-06-23 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

An Approach to Vulnerability Management

Published: 2016-06-23
Last Updated: 2016-06-23 23:44:25 UTC
by Russell Eubanks (Version: 1)
12 comment(s)

No need to do anything to make your auditor happy than to purchase the most popular scanning tool
 
No need to worry, when the scan is over and the report has been produced - you are all done
 
No need to ever leave your cube and speak directly with your system administrators
 
No need to ever test the scanner on a non-production network in advance
 
No need to worry, a clean scan means you are both compliant and secure
 
No need to ever leave your cube and speak directly with your application developers
 
No need to ever let anyone know when your scan starts, after all an attacker is not going to do that so why should you
 
No need to worry, if something becomes unavailable during a scan it is totally not your problem
 
 
No need to show good stewardship after the purchase by producing metrics such as the percentage of findings that have been fixed as a percentage of all the findings
 
No need to seek data that demonstrates your scanner could serve as a platform to improve your security posture
 
No need to keep your boss informed of your progress, s/he would not understand 
 
No need to divert any of your time from finding things to fixing things
 
No need to ever think that your scanning tool is every anything but spot on accurate
 
No need to hold back, it would be great if you shared your Vulnerability Management “best practices" in our comments section below
 
 
Russell Eubanks
12 comment(s)
ISC Stormcast For Thursday, June 23rd 2016 http://isc.sans.edu/podcastdetail.html?id=5053
Diary Archives