SlideShare a Scribd company logo

Greenbone vulnerability assessment - Networkshop44

Download as PPTX, PDF
Jisc
Jisc

Greenbone vulnerability assessment - Dirk Schrader, Greenbone

Education
1 of 15
Greenbone vulnerability assessment Dirk Schrader
what‘s bad on your network: tackling it with Vulnerability Management Dirk Schrader University of Manchester; March 24th, 2016 09:45 – 10:15, Theatre A
Introduction • Greenbone Networks • Develops Vulnerability Management Solutions since 2004 • Open Source and Transparency • Your data is your data: NO CLOUD • German • Dirk Schrader • CISSP (by ISC2) in good standing • CISM (by ISACA) in progress • 20+ years in IT Sec • German, too www.greenbone.net
What should be considered as ‚bad‘? www.greenbone.net Susceptibility Accessibility Capability Anything which is susceptible to misuse and accessible by an adversary with sufficient capabilities. That can be: • Software flaws • Defaults or misconfigurations • Unauthorized or unsuspected installations • Compliance deviation or Non-Compliance • Policy deviation or violation
Start with a different perspective, .. www.greenbone.net Processes, Policies & Awareness Physical Perimeter Network Host & OS Application Data Authentication NG Firewall N-IDPS H-IDPS AV-System SIEM / ISMS Vulnerability Management inside–outview outside–inview
.. then prepare, • Define secure configurations • Whitelist systems and applications • Map to security controls • Still, if none is there: start simple, enhance stepwise www.greenbone.net Policies Compliance Guidelines
.. identify, • Import and/or discover assets • Scan assets • Scan them authenticated • CPE information is vital www.greenbone.net
.. classify, • use CVSS, CVE, and CPE • enhance with add SecInfo • most important, tag with Asset Criticality info www.greenbone.net
.. prioritize, • based on Score, Quality of Detection, and available Solution Type • adding Asset Criticality Information • Attack status confirms www.greenbone.net
.. assign, • use Reports, Alerts, or a Ticket System • based on Knowlegde, Experience, and Role • track and trace assignment www.greenbone.net
.. mitigate and remediate, • patch and/or upgrade • block and/or isolate • work around • override is also a temporary option www.greenbone.net
.. store and repeat,.. • predict and trend assets • handle changes in infrastructure • time-stamped data supports Forensics • average of 40 high severity flaws published per week • 24h/48h ‚Window of Vulnerability‘ www.greenbone.net
.. and improve!• Eases implementation of Updates and Changes to Policies, Guidelines, and Compliance • Meaningful KPIs for the IT Security documented • The number of vulnerabilities over time is not meaningful • But the time needed to mediate/mitigate (reduced by..) • The time needed to identify (faster by x) • Fail/pass ratio of adherence to policy, compliance (increased by ..) www.greenbone.net
the process of Vulnerability Management www.greenbone.net prepare identify classify prioritize assign mitigate & remediate store & repeat improve
• Thank you, •ready for questions ?!

Recommended

Solving access for hybrid it Axians (introducing pulse secure) - Networkshop44
Solving access for hybrid it Axians (introducing pulse secure) - Networkshop44Solving access for hybrid it Axians (introducing pulse secure) - Networkshop44
Solving access for hybrid it Axians (introducing pulse secure) - Networkshop44Jisc
 
Exhibitor session: Cisco Meraki
Exhibitor session: Cisco MerakiExhibitor session: Cisco Meraki
Exhibitor session: Cisco MerakiJisc
 
eduTEAMS
eduTEAMSeduTEAMS
eduTEAMSJisc
 
Securing Your Network
Securing Your NetworkSecuring Your Network
Securing Your NetworkePlus
 
Xaas infotech (2)
Xaas infotech (2)Xaas infotech (2)
Xaas infotech (2)Prabod Abhinov Gunupudi
 
SANS Critical Security Controls Summit London 2013
SANS Critical Security Controls Summit London 2013SANS Critical Security Controls Summit London 2013
SANS Critical Security Controls Summit London 2013Wolfgang Kandek
 
Découvrez comment mettre en place un programme de protection des données effi...
Découvrez comment mettre en place un programme de protection des données effi...Découvrez comment mettre en place un programme de protection des données effi...
Découvrez comment mettre en place un programme de protection des données effi...Benoît H. Dicaire
 
2015 Angelbeat_ConvergenceMsg-FINAL
2015 Angelbeat_ConvergenceMsg-FINAL2015 Angelbeat_ConvergenceMsg-FINAL
2015 Angelbeat_ConvergenceMsg-FINALRick Kingsley
 

Recommended

Solving access for hybrid it Axians (introducing pulse secure) - Networkshop44
Solving access for hybrid it Axians (introducing pulse secure) - Networkshop44Solving access for hybrid it Axians (introducing pulse secure) - Networkshop44
Solving access for hybrid it Axians (introducing pulse secure) - Networkshop44Jisc
 
Exhibitor session: Cisco Meraki
Exhibitor session: Cisco MerakiExhibitor session: Cisco Meraki
Exhibitor session: Cisco MerakiJisc
 
eduTEAMS
eduTEAMSeduTEAMS
eduTEAMSJisc
 
Securing Your Network
Securing Your NetworkSecuring Your Network
Securing Your NetworkePlus
 
Xaas infotech (2)
Xaas infotech (2)Xaas infotech (2)
Xaas infotech (2)Prabod Abhinov Gunupudi
 
SANS Critical Security Controls Summit London 2013
SANS Critical Security Controls Summit London 2013SANS Critical Security Controls Summit London 2013
SANS Critical Security Controls Summit London 2013Wolfgang Kandek
 
Découvrez comment mettre en place un programme de protection des données effi...
Découvrez comment mettre en place un programme de protection des données effi...Découvrez comment mettre en place un programme de protection des données effi...
Découvrez comment mettre en place un programme de protection des données effi...Benoît H. Dicaire
 
2015 Angelbeat_ConvergenceMsg-FINAL
2015 Angelbeat_ConvergenceMsg-FINAL2015 Angelbeat_ConvergenceMsg-FINAL
2015 Angelbeat_ConvergenceMsg-FINALRick Kingsley
 
Cloud Services & the Development of ISO/IEC 27018
Cloud Services & the Development of ISO/IEC 27018Cloud Services & the Development of ISO/IEC 27018
Cloud Services & the Development of ISO/IEC 27018Corporacion Colombia Digital
 
[Cisco Connect 2018 - Vietnam] 1. lam doan introducing cisco dna assurance-...
[Cisco Connect 2018 - Vietnam] 1. lam doan introducing cisco dna assurance-...[Cisco Connect 2018 - Vietnam] 1. lam doan introducing cisco dna assurance-...
[Cisco Connect 2018 - Vietnam] 1. lam doan introducing cisco dna assurance-...Nur Shiqim Chok
 
Integration of Technology & Compliance Presented by John Heintz, CPS Energy
Integration of Technology & Compliance Presented by John Heintz, CPS EnergyIntegration of Technology & Compliance Presented by John Heintz, CPS Energy
Integration of Technology & Compliance Presented by John Heintz, CPS Energystacybre
 
Kyle Taylor – increasing your security posture using mc afee epo
Kyle Taylor – increasing your security posture using mc afee epoKyle Taylor – increasing your security posture using mc afee epo
Kyle Taylor – increasing your security posture using mc afee epoKyle Taylor
 
APrIGF 2015: Security and the Internet of Things
APrIGF 2015: Security and the Internet of ThingsAPrIGF 2015: Security and the Internet of Things
APrIGF 2015: Security and the Internet of ThingsAPNIC
 
Security Risks: The Threat is Real
Security Risks: The Threat is RealSecurity Risks: The Threat is Real
Security Risks: The Threat is RealePlus
 
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At OddsJervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Oddscentralohioissa
 
Internet of Things... Let's Not Forget Security Please!, by Eric Vyncke [APNI...
Internet of Things... Let's Not Forget Security Please!, by Eric Vyncke [APNI...Internet of Things... Let's Not Forget Security Please!, by Eric Vyncke [APNI...
Internet of Things... Let's Not Forget Security Please!, by Eric Vyncke [APNI...APNIC
 
Webinar: Adaptive Security
Webinar: Adaptive SecurityWebinar: Adaptive Security
Webinar: Adaptive SecurityBlueliv
 
End Your Security Nightmares with ePlus and Cisco
End Your Security Nightmares with ePlus and CiscoEnd Your Security Nightmares with ePlus and Cisco
End Your Security Nightmares with ePlus and CiscoePlus
 
Wasn't expecting that! Now what?
Wasn't expecting that! Now what?Wasn't expecting that! Now what?
Wasn't expecting that! Now what?Jisc
 
The Future of Technology Operations
The Future of Technology OperationsThe Future of Technology Operations
The Future of Technology OperationsIvanti
 
Technologies for Security and Compliance by Ken McIntyre, Ercot
Technologies for Security and Compliance by Ken McIntyre, ErcotTechnologies for Security and Compliance by Ken McIntyre, Ercot
Technologies for Security and Compliance by Ken McIntyre, ErcotTheAnfieldGroup
 
Cybersecurity by the numbers
Cybersecurity by the numbersCybersecurity by the numbers
Cybersecurity by the numbersAPNIC
 
Collaborative Threat Mitigation or (Collective Self Defense) by Scott Pinkert...
Collaborative Threat Mitigation or (Collective Self Defense) by Scott Pinkert...Collaborative Threat Mitigation or (Collective Self Defense) by Scott Pinkert...
Collaborative Threat Mitigation or (Collective Self Defense) by Scott Pinkert...TheAnfieldGroup
 
Secure Mobility with Analytics for the Private Cloud
Secure Mobility with Analytics for the Private CloudSecure Mobility with Analytics for the Private Cloud
Secure Mobility with Analytics for the Private CloudExtreme Networks
 
Bil Harmer - Myths of Cloud Security Debunked!
Bil Harmer - Myths of Cloud Security Debunked!Bil Harmer - Myths of Cloud Security Debunked!
Bil Harmer - Myths of Cloud Security Debunked!centralohioissa
 
Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...
Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...
Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...TheAnfieldGroup
 
Jack Nichelson - Information Security Metrics - Practical Security Metrics
Jack Nichelson - Information Security Metrics - Practical Security MetricsJack Nichelson - Information Security Metrics - Practical Security Metrics
Jack Nichelson - Information Security Metrics - Practical Security Metricscentralohioissa
 
UTM Technology & Leaders of UTMs in Gartner Magic report 2014
UTM Technology & Leaders of UTMs in Gartner Magic report 2014UTM Technology & Leaders of UTMs in Gartner Magic report 2014
UTM Technology & Leaders of UTMs in Gartner Magic report 2014Tarek Nader
 
EAP TLS, the Rolls-Royce of extensible authentication protocol (EAP) methods ...
EAP TLS, the Rolls-Royce of extensible authentication protocol (EAP) methods ...EAP TLS, the Rolls-Royce of extensible authentication protocol (EAP) methods ...
EAP TLS, the Rolls-Royce of extensible authentication protocol (EAP) methods ...Jisc
 
Professional development processes - Networkshop44
Professional development processes - Networkshop44Professional development processes - Networkshop44
Professional development processes - Networkshop44Jisc
 

More Related Content

What's hot

[Cisco Connect 2018 - Vietnam] 1. lam doan introducing cisco dna assurance-...
[Cisco Connect 2018 - Vietnam] 1. lam doan introducing cisco dna assurance-...[Cisco Connect 2018 - Vietnam] 1. lam doan introducing cisco dna assurance-...
[Cisco Connect 2018 - Vietnam] 1. lam doan introducing cisco dna assurance-...Nur Shiqim Chok
 
Integration of Technology & Compliance Presented by John Heintz, CPS Energy
Integration of Technology & Compliance Presented by John Heintz, CPS EnergyIntegration of Technology & Compliance Presented by John Heintz, CPS Energy
Integration of Technology & Compliance Presented by John Heintz, CPS Energystacybre
 
Kyle Taylor – increasing your security posture using mc afee epo
Kyle Taylor – increasing your security posture using mc afee epoKyle Taylor – increasing your security posture using mc afee epo
Kyle Taylor – increasing your security posture using mc afee epoKyle Taylor
 
APrIGF 2015: Security and the Internet of Things
APrIGF 2015: Security and the Internet of ThingsAPrIGF 2015: Security and the Internet of Things
APrIGF 2015: Security and the Internet of ThingsAPNIC
 
Security Risks: The Threat is Real
Security Risks: The Threat is RealSecurity Risks: The Threat is Real
Security Risks: The Threat is RealePlus
 
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At OddsJervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Oddscentralohioissa
 
Internet of Things... Let's Not Forget Security Please!, by Eric Vyncke [APNI...
Internet of Things... Let's Not Forget Security Please!, by Eric Vyncke [APNI...Internet of Things... Let's Not Forget Security Please!, by Eric Vyncke [APNI...
Internet of Things... Let's Not Forget Security Please!, by Eric Vyncke [APNI...APNIC
 
Webinar: Adaptive Security
Webinar: Adaptive SecurityWebinar: Adaptive Security
Webinar: Adaptive SecurityBlueliv
 
End Your Security Nightmares with ePlus and Cisco
End Your Security Nightmares with ePlus and CiscoEnd Your Security Nightmares with ePlus and Cisco
End Your Security Nightmares with ePlus and CiscoePlus
 
Wasn't expecting that! Now what?
Wasn't expecting that! Now what?Wasn't expecting that! Now what?
Wasn't expecting that! Now what?Jisc
 
The Future of Technology Operations
The Future of Technology OperationsThe Future of Technology Operations
The Future of Technology OperationsIvanti
 
Technologies for Security and Compliance by Ken McIntyre, Ercot
Technologies for Security and Compliance by Ken McIntyre, ErcotTechnologies for Security and Compliance by Ken McIntyre, Ercot
Technologies for Security and Compliance by Ken McIntyre, ErcotTheAnfieldGroup
 
Cybersecurity by the numbers
Cybersecurity by the numbersCybersecurity by the numbers
Cybersecurity by the numbersAPNIC
 
Collaborative Threat Mitigation or (Collective Self Defense) by Scott Pinkert...
Collaborative Threat Mitigation or (Collective Self Defense) by Scott Pinkert...Collaborative Threat Mitigation or (Collective Self Defense) by Scott Pinkert...
Collaborative Threat Mitigation or (Collective Self Defense) by Scott Pinkert...TheAnfieldGroup
 
Secure Mobility with Analytics for the Private Cloud
Secure Mobility with Analytics for the Private CloudSecure Mobility with Analytics for the Private Cloud
Secure Mobility with Analytics for the Private CloudExtreme Networks
 
Bil Harmer - Myths of Cloud Security Debunked!
Bil Harmer - Myths of Cloud Security Debunked!Bil Harmer - Myths of Cloud Security Debunked!
Bil Harmer - Myths of Cloud Security Debunked!centralohioissa
 
Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...
Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...
Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...TheAnfieldGroup
 
Jack Nichelson - Information Security Metrics - Practical Security Metrics
Jack Nichelson - Information Security Metrics - Practical Security MetricsJack Nichelson - Information Security Metrics - Practical Security Metrics
Jack Nichelson - Information Security Metrics - Practical Security Metricscentralohioissa
 
UTM Technology & Leaders of UTMs in Gartner Magic report 2014
UTM Technology & Leaders of UTMs in Gartner Magic report 2014UTM Technology & Leaders of UTMs in Gartner Magic report 2014
UTM Technology & Leaders of UTMs in Gartner Magic report 2014Tarek Nader
 

What's hot (20)

Cloud Services & the Development of ISO/IEC 27018
Cloud Services & the Development of ISO/IEC 27018Cloud Services & the Development of ISO/IEC 27018
Cloud Services & the Development of ISO/IEC 27018
 
[Cisco Connect 2018 - Vietnam] 1. lam doan introducing cisco dna assurance-...
[Cisco Connect 2018 - Vietnam] 1. lam doan introducing cisco dna assurance-...[Cisco Connect 2018 - Vietnam] 1. lam doan introducing cisco dna assurance-...
[Cisco Connect 2018 - Vietnam] 1. lam doan introducing cisco dna assurance-...
 
Integration of Technology & Compliance Presented by John Heintz, CPS Energy
Integration of Technology & Compliance Presented by John Heintz, CPS EnergyIntegration of Technology & Compliance Presented by John Heintz, CPS Energy
Integration of Technology & Compliance Presented by John Heintz, CPS Energy
 
Kyle Taylor – increasing your security posture using mc afee epo
Kyle Taylor – increasing your security posture using mc afee epoKyle Taylor – increasing your security posture using mc afee epo
Kyle Taylor – increasing your security posture using mc afee epo
 
APrIGF 2015: Security and the Internet of Things
APrIGF 2015: Security and the Internet of ThingsAPrIGF 2015: Security and the Internet of Things
APrIGF 2015: Security and the Internet of Things
 
Security Risks: The Threat is Real
Security Risks: The Threat is RealSecurity Risks: The Threat is Real
Security Risks: The Threat is Real
 
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At OddsJervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
 
Internet of Things... Let's Not Forget Security Please!, by Eric Vyncke [APNI...
Internet of Things... Let's Not Forget Security Please!, by Eric Vyncke [APNI...Internet of Things... Let's Not Forget Security Please!, by Eric Vyncke [APNI...
Internet of Things... Let's Not Forget Security Please!, by Eric Vyncke [APNI...
 
Webinar: Adaptive Security
Webinar: Adaptive SecurityWebinar: Adaptive Security
Webinar: Adaptive Security
 
End Your Security Nightmares with ePlus and Cisco
End Your Security Nightmares with ePlus and CiscoEnd Your Security Nightmares with ePlus and Cisco
End Your Security Nightmares with ePlus and Cisco
 
Wasn't expecting that! Now what?
Wasn't expecting that! Now what?Wasn't expecting that! Now what?
Wasn't expecting that! Now what?
 
The Future of Technology Operations
The Future of Technology OperationsThe Future of Technology Operations
The Future of Technology Operations
 
Technologies for Security and Compliance by Ken McIntyre, Ercot
Technologies for Security and Compliance by Ken McIntyre, ErcotTechnologies for Security and Compliance by Ken McIntyre, Ercot
Technologies for Security and Compliance by Ken McIntyre, Ercot
 
Cybersecurity by the numbers
Cybersecurity by the numbersCybersecurity by the numbers
Cybersecurity by the numbers
 
Collaborative Threat Mitigation or (Collective Self Defense) by Scott Pinkert...
Collaborative Threat Mitigation or (Collective Self Defense) by Scott Pinkert...Collaborative Threat Mitigation or (Collective Self Defense) by Scott Pinkert...
Collaborative Threat Mitigation or (Collective Self Defense) by Scott Pinkert...
 
Secure Mobility with Analytics for the Private Cloud
Secure Mobility with Analytics for the Private CloudSecure Mobility with Analytics for the Private Cloud
Secure Mobility with Analytics for the Private Cloud
 
Bil Harmer - Myths of Cloud Security Debunked!
Bil Harmer - Myths of Cloud Security Debunked!Bil Harmer - Myths of Cloud Security Debunked!
Bil Harmer - Myths of Cloud Security Debunked!
 
Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...
Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...
Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...
 
Jack Nichelson - Information Security Metrics - Practical Security Metrics
Jack Nichelson - Information Security Metrics - Practical Security MetricsJack Nichelson - Information Security Metrics - Practical Security Metrics
Jack Nichelson - Information Security Metrics - Practical Security Metrics
 
UTM Technology & Leaders of UTMs in Gartner Magic report 2014
UTM Technology & Leaders of UTMs in Gartner Magic report 2014UTM Technology & Leaders of UTMs in Gartner Magic report 2014
UTM Technology & Leaders of UTMs in Gartner Magic report 2014
 

Viewers also liked

EAP TLS, the Rolls-Royce of extensible authentication protocol (EAP) methods ...
EAP TLS, the Rolls-Royce of extensible authentication protocol (EAP) methods ...EAP TLS, the Rolls-Royce of extensible authentication protocol (EAP) methods ...
EAP TLS, the Rolls-Royce of extensible authentication protocol (EAP) methods ...Jisc
 
Professional development processes - Networkshop44
Professional development processes - Networkshop44Professional development processes - Networkshop44
Professional development processes - Networkshop44Jisc
 
Trust and identity in the Géant project - Networkshop44
Trust and identity in the Géant project - Networkshop44Trust and identity in the Géant project - Networkshop44
Trust and identity in the Géant project - Networkshop44Jisc
 
How to view a project, as a junior engineer - Networkshop44
How to view a project, as a junior engineer - Networkshop44How to view a project, as a junior engineer - Networkshop44
How to view a project, as a junior engineer - Networkshop44Jisc
 
Application of Assent in the safe - Networkshop44
Application of Assent in the safe - Networkshop44Application of Assent in the safe - Networkshop44
Application of Assent in the safe - Networkshop44Jisc
 
Internet in space - Networkshop44
Internet in space - Networkshop44Internet in space - Networkshop44
Internet in space - Networkshop44Jisc
 
Abuse helper app - Networkshop44
Abuse helper app - Networkshop44Abuse helper app - Networkshop44
Abuse helper app - Networkshop44Jisc
 
Attracting, recruiting and retaining staff - Networkshop44
Attracting, recruiting and retaining staff - Networkshop44Attracting, recruiting and retaining staff - Networkshop44
Attracting, recruiting and retaining staff - Networkshop44Jisc
 
Data centre networking at the University of Bristol - Networkshop44
Data centre networking at the University of Bristol - Networkshop44Data centre networking at the University of Bristol - Networkshop44
Data centre networking at the University of Bristol - Networkshop44Jisc
 
Trust and identity services and architecture - Networkshop44
Trust and identity services and architecture - Networkshop44Trust and identity services and architecture - Networkshop44
Trust and identity services and architecture - Networkshop44Jisc
 
Ipv6 deployment at the university of warwick - networkshop44
Ipv6 deployment at the university of warwick - networkshop44Ipv6 deployment at the university of warwick - networkshop44
Ipv6 deployment at the university of warwick - networkshop44Jisc
 
Network engineering surgery - Networkshop44
Network engineering surgery - Networkshop44Network engineering surgery - Networkshop44
Network engineering surgery - Networkshop44Jisc
 
Ipv6 deployment at the university of reading - Networkshop44
Ipv6 deployment at the university of reading - Networkshop44Ipv6 deployment at the university of reading - Networkshop44
Ipv6 deployment at the university of reading - Networkshop44Jisc
 
Data networking at UCL - Networkshop44
Data networking at UCL - Networkshop44Data networking at UCL - Networkshop44
Data networking at UCL - Networkshop44Jisc
 
Telephony developments at pirbright - Networkshop44
Telephony developments at pirbright - Networkshop44Telephony developments at pirbright - Networkshop44
Telephony developments at pirbright - Networkshop44Jisc
 
IPv6 experience from a large enterprise - Networkshop44
IPv6 experience from a large enterprise - Networkshop44IPv6 experience from a large enterprise - Networkshop44
IPv6 experience from a large enterprise - Networkshop44Jisc
 
Finding vulnerabilities - networkshop44
Finding vulnerabilities - networkshop44Finding vulnerabilities - networkshop44
Finding vulnerabilities - networkshop44Jisc
 
Session initiation protocol (sip) the force awakens in the Janet network comm...
Session initiation protocol (sip) the force awakens in the Janet network comm...Session initiation protocol (sip) the force awakens in the Janet network comm...
Session initiation protocol (sip) the force awakens in the Janet network comm...Jisc
 
The simplification of the campus network Juniper - Networkshop44
The simplification of the campus network Juniper - Networkshop44The simplification of the campus network Juniper - Networkshop44
The simplification of the campus network Juniper - Networkshop44Jisc
 
SafeShare - Networkshop44
SafeShare - Networkshop44SafeShare - Networkshop44
SafeShare - Networkshop44Jisc
 

Viewers also liked (20)

EAP TLS, the Rolls-Royce of extensible authentication protocol (EAP) methods ...
EAP TLS, the Rolls-Royce of extensible authentication protocol (EAP) methods ...EAP TLS, the Rolls-Royce of extensible authentication protocol (EAP) methods ...
EAP TLS, the Rolls-Royce of extensible authentication protocol (EAP) methods ...
 
Professional development processes - Networkshop44
Professional development processes - Networkshop44Professional development processes - Networkshop44
Professional development processes - Networkshop44
 
Trust and identity in the Géant project - Networkshop44
Trust and identity in the Géant project - Networkshop44Trust and identity in the Géant project - Networkshop44
Trust and identity in the Géant project - Networkshop44
 
How to view a project, as a junior engineer - Networkshop44
How to view a project, as a junior engineer - Networkshop44How to view a project, as a junior engineer - Networkshop44
How to view a project, as a junior engineer - Networkshop44
 
Application of Assent in the safe - Networkshop44
Application of Assent in the safe - Networkshop44Application of Assent in the safe - Networkshop44
Application of Assent in the safe - Networkshop44
 
Internet in space - Networkshop44
Internet in space - Networkshop44Internet in space - Networkshop44
Internet in space - Networkshop44
 
Abuse helper app - Networkshop44
Abuse helper app - Networkshop44Abuse helper app - Networkshop44
Abuse helper app - Networkshop44
 
Attracting, recruiting and retaining staff - Networkshop44
Attracting, recruiting and retaining staff - Networkshop44Attracting, recruiting and retaining staff - Networkshop44
Attracting, recruiting and retaining staff - Networkshop44
 
Data centre networking at the University of Bristol - Networkshop44
Data centre networking at the University of Bristol - Networkshop44Data centre networking at the University of Bristol - Networkshop44
Data centre networking at the University of Bristol - Networkshop44
 
Trust and identity services and architecture - Networkshop44
Trust and identity services and architecture - Networkshop44Trust and identity services and architecture - Networkshop44
Trust and identity services and architecture - Networkshop44
 
Ipv6 deployment at the university of warwick - networkshop44
Ipv6 deployment at the university of warwick - networkshop44Ipv6 deployment at the university of warwick - networkshop44
Ipv6 deployment at the university of warwick - networkshop44
 
Network engineering surgery - Networkshop44
Network engineering surgery - Networkshop44Network engineering surgery - Networkshop44
Network engineering surgery - Networkshop44
 
Ipv6 deployment at the university of reading - Networkshop44
Ipv6 deployment at the university of reading - Networkshop44Ipv6 deployment at the university of reading - Networkshop44
Ipv6 deployment at the university of reading - Networkshop44
 
Data networking at UCL - Networkshop44
Data networking at UCL - Networkshop44Data networking at UCL - Networkshop44
Data networking at UCL - Networkshop44
 
Telephony developments at pirbright - Networkshop44
Telephony developments at pirbright - Networkshop44Telephony developments at pirbright - Networkshop44
Telephony developments at pirbright - Networkshop44
 
IPv6 experience from a large enterprise - Networkshop44
IPv6 experience from a large enterprise - Networkshop44IPv6 experience from a large enterprise - Networkshop44
IPv6 experience from a large enterprise - Networkshop44
 
Finding vulnerabilities - networkshop44
Finding vulnerabilities - networkshop44Finding vulnerabilities - networkshop44
Finding vulnerabilities - networkshop44
 
Session initiation protocol (sip) the force awakens in the Janet network comm...
Session initiation protocol (sip) the force awakens in the Janet network comm...Session initiation protocol (sip) the force awakens in the Janet network comm...
Session initiation protocol (sip) the force awakens in the Janet network comm...
 
The simplification of the campus network Juniper - Networkshop44
The simplification of the campus network Juniper - Networkshop44The simplification of the campus network Juniper - Networkshop44
The simplification of the campus network Juniper - Networkshop44
 
SafeShare - Networkshop44
SafeShare - Networkshop44SafeShare - Networkshop44
SafeShare - Networkshop44
 

Similar to Greenbone vulnerability assessment - Networkshop44

Cybersecurity Frameworks and You: The Perfect Match
Cybersecurity Frameworks and You: The Perfect MatchCybersecurity Frameworks and You: The Perfect Match
Cybersecurity Frameworks and You: The Perfect MatchMcKonly & Asbury, LLP
 
5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management Program5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management ProgramTripwire
 
Assessing System Risk the Smart Way
Assessing System Risk the Smart WayAssessing System Risk the Smart Way
Assessing System Risk the Smart WaySecurity Innovation
 
Decrease Cyber Risk at your Community Bank
Decrease Cyber Risk at your Community BankDecrease Cyber Risk at your Community Bank
Decrease Cyber Risk at your Community BankGreat Bay Software
 
RMS Security Breakfast
RMS Security BreakfastRMS Security Breakfast
RMS Security BreakfastRackspace
 
Top Security Challenges Facing Credit Unions Today
Top Security Challenges Facing Credit Unions TodayTop Security Challenges Facing Credit Unions Today
Top Security Challenges Facing Credit Unions TodayChris Gates
 
Cybersecurity Basics - Aravindr.com
Cybersecurity Basics - Aravindr.comCybersecurity Basics - Aravindr.com
Cybersecurity Basics - Aravindr.comAravind R
 
Protecting Your IP with Perforce Helix and Interset
Protecting Your IP with Perforce Helix and IntersetProtecting Your IP with Perforce Helix and Interset
Protecting Your IP with Perforce Helix and IntersetPerforce
 
SLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting itweb workshopSLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting itweb workshopSLVA Information Security
 
Penetration testing & Ethical Hacking
Penetration testing & Ethical HackingPenetration testing & Ethical Hacking
Penetration testing & Ethical HackingS.E. CTS CERT-GOV-MD
 
CNIT 121: 2 IR Management Handbook
CNIT 121: 2 IR Management HandbookCNIT 121: 2 IR Management Handbook
CNIT 121: 2 IR Management HandbookSam Bowne
 
Workshop incident response n handling-bssn 12 nop 2019-ignmantra
Workshop incident response n handling-bssn 12 nop 2019-ignmantraWorkshop incident response n handling-bssn 12 nop 2019-ignmantra
Workshop incident response n handling-bssn 12 nop 2019-ignmantraIGN MANTRA
 
Just Trust Everyone and We Will Be Fine, Right?
Just Trust Everyone and We Will Be Fine, Right?Just Trust Everyone and We Will Be Fine, Right?
Just Trust Everyone and We Will Be Fine, Right?Scott Carlson
 
Cyber security series vulnerability assessments
Cyber security series vulnerability assessmentsCyber security series vulnerability assessments
Cyber security series vulnerability assessmentsJim Kaplan CIA CFE
 
2019-09-11 Workshop incident response n handling honeynet Universitas Indonesia
2019-09-11 Workshop incident response n handling honeynet Universitas Indonesia2019-09-11 Workshop incident response n handling honeynet Universitas Indonesia
2019-09-11 Workshop incident response n handling honeynet Universitas IndonesiaIGN MANTRA
 
AppSec in an Agile World
AppSec in an Agile WorldAppSec in an Agile World
AppSec in an Agile WorldDavid Lindner
 
Myths of validation
Myths of validationMyths of validation
Myths of validationJeff Thomas
 
Today's Cyber Challenges: Methodology to Secure Your Business
Today's Cyber Challenges: Methodology to Secure Your BusinessToday's Cyber Challenges: Methodology to Secure Your Business
Today's Cyber Challenges: Methodology to Secure Your BusinessJoAnna Cheshire
 

Similar to Greenbone vulnerability assessment - Networkshop44 (20)

Cybersecurity Frameworks and You: The Perfect Match
Cybersecurity Frameworks and You: The Perfect MatchCybersecurity Frameworks and You: The Perfect Match
Cybersecurity Frameworks and You: The Perfect Match
 
5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management Program5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management Program
 
Assessing System Risk the Smart Way
Assessing System Risk the Smart WayAssessing System Risk the Smart Way
Assessing System Risk the Smart Way
 
Decrease Cyber Risk at your Community Bank
Decrease Cyber Risk at your Community BankDecrease Cyber Risk at your Community Bank
Decrease Cyber Risk at your Community Bank
 
RMS Security Breakfast
RMS Security BreakfastRMS Security Breakfast
RMS Security Breakfast
 
Vapt life cycle
Vapt life cycleVapt life cycle
Vapt life cycle
 
Top Security Challenges Facing Credit Unions Today
Top Security Challenges Facing Credit Unions TodayTop Security Challenges Facing Credit Unions Today
Top Security Challenges Facing Credit Unions Today
 
Cybersecurity Basics - Aravindr.com
Cybersecurity Basics - Aravindr.comCybersecurity Basics - Aravindr.com
Cybersecurity Basics - Aravindr.com
 
Protecting Your IP with Perforce Helix and Interset
Protecting Your IP with Perforce Helix and IntersetProtecting Your IP with Perforce Helix and Interset
Protecting Your IP with Perforce Helix and Interset
 
Ccna sec 01
Ccna sec 01Ccna sec 01
Ccna sec 01
 
SLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting itweb workshopSLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting itweb workshop
 
Penetration testing & Ethical Hacking
Penetration testing & Ethical HackingPenetration testing & Ethical Hacking
Penetration testing & Ethical Hacking
 
CNIT 121: 2 IR Management Handbook
CNIT 121: 2 IR Management HandbookCNIT 121: 2 IR Management Handbook
CNIT 121: 2 IR Management Handbook
 
Workshop incident response n handling-bssn 12 nop 2019-ignmantra
Workshop incident response n handling-bssn 12 nop 2019-ignmantraWorkshop incident response n handling-bssn 12 nop 2019-ignmantra
Workshop incident response n handling-bssn 12 nop 2019-ignmantra
 
Just Trust Everyone and We Will Be Fine, Right?
Just Trust Everyone and We Will Be Fine, Right?Just Trust Everyone and We Will Be Fine, Right?
Just Trust Everyone and We Will Be Fine, Right?
 
Cyber security series vulnerability assessments
Cyber security series vulnerability assessmentsCyber security series vulnerability assessments
Cyber security series vulnerability assessments
 
2019-09-11 Workshop incident response n handling honeynet Universitas Indonesia
2019-09-11 Workshop incident response n handling honeynet Universitas Indonesia2019-09-11 Workshop incident response n handling honeynet Universitas Indonesia
2019-09-11 Workshop incident response n handling honeynet Universitas Indonesia
 
AppSec in an Agile World
AppSec in an Agile WorldAppSec in an Agile World
AppSec in an Agile World
 
Myths of validation
Myths of validationMyths of validation
Myths of validation
 
Today's Cyber Challenges: Methodology to Secure Your Business
Today's Cyber Challenges: Methodology to Secure Your BusinessToday's Cyber Challenges: Methodology to Secure Your Business
Today's Cyber Challenges: Methodology to Secure Your Business
 

More from Jisc

Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Jisc
 
International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...Jisc
 
Digital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxDigital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxJisc
 
Open Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxOpen Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxJisc
 
Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...Jisc
 
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...Jisc
 
Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc
 
Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc
 
Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc
 
JISC Presentation.pptx
JISC Presentation.pptxJISC Presentation.pptx
JISC Presentation.pptxJisc
 
Community-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxCommunity-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxJisc
 
The Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptxThe Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptxJisc
 
Are we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptxAre we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptxJisc
 
JiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptxJiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptxJisc
 
UWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptxUWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptxJisc
 
An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber EssentialsJisc
 
MarkChilds.pptx
MarkChilds.pptxMarkChilds.pptx
MarkChilds.pptxJisc
 
RStrachanOct23.pptx
RStrachanOct23.pptxRStrachanOct23.pptx
RStrachanOct23.pptxJisc
 
ISDX2 Oct 2023 .pptx
ISDX2 Oct 2023 .pptxISDX2 Oct 2023 .pptx
ISDX2 Oct 2023 .pptxJisc
 
FerrellWalker.pptx
FerrellWalker.pptxFerrellWalker.pptx
FerrellWalker.pptxJisc
 

More from Jisc (20)

Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...
 
International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...
 
Digital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxDigital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptx
 
Open Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxOpen Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptx
 
Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...
 
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
 
Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023
 
Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023
 
Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023
 
JISC Presentation.pptx
JISC Presentation.pptxJISC Presentation.pptx
JISC Presentation.pptx
 
Community-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxCommunity-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptx
 
The Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptxThe Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptx
 
Are we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptxAre we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptx
 
JiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptxJiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptx
 
UWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptxUWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptx
 
An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber Essentials
 
MarkChilds.pptx
MarkChilds.pptxMarkChilds.pptx
MarkChilds.pptx
 
RStrachanOct23.pptx
RStrachanOct23.pptxRStrachanOct23.pptx
RStrachanOct23.pptx
 
ISDX2 Oct 2023 .pptx
ISDX2 Oct 2023 .pptxISDX2 Oct 2023 .pptx
ISDX2 Oct 2023 .pptx
 
FerrellWalker.pptx
FerrellWalker.pptxFerrellWalker.pptx
FerrellWalker.pptx
 

Recently uploaded

4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptxmary850239
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Mark Reed
 
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Celine George
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfTechSoup
 
How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17Celine George
 
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONTHEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONHumphrey A Beña
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPCeline George
 
ACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfSpandanaRallapalli
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Celine George
 
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfphamnguyenenglishnb
 
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxAUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxiammrhaywood
 
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...Postal Advocate Inc.
 
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...Nguyen Thanh Tu Collection
 
How to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPHow to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPCeline George
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfMr Bounab Samir
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4MiaBumagat1
 
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)lakshayb543
 

Recently uploaded (20)

4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)
 
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
 
How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17
 
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONTHEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERP
 
ACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdf
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
 
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
 
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxAUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
 
Raw materials used in Herbal Cosmetics.pptx
Raw materials used in Herbal Cosmetics.pptxRaw materials used in Herbal Cosmetics.pptx
Raw materials used in Herbal Cosmetics.pptx
 
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
 
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
 
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptxYOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
 
How to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPHow to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERP
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4
 
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
 

Greenbone vulnerability assessment - Networkshop44

  • 2. what‘s bad on your network: tackling it with Vulnerability Management Dirk Schrader University of Manchester; March 24th, 2016 09:45 – 10:15, Theatre A
  • 3. Introduction • Greenbone Networks • Develops Vulnerability Management Solutions since 2004 • Open Source and Transparency • Your data is your data: NO CLOUD • German • Dirk Schrader • CISSP (by ISC2) in good standing • CISM (by ISACA) in progress • 20+ years in IT Sec • German, too www.greenbone.net
  • 4. What should be considered as ‚bad‘? www.greenbone.net Susceptibility Accessibility Capability Anything which is susceptible to misuse and accessible by an adversary with sufficient capabilities. That can be: • Software flaws • Defaults or misconfigurations • Unauthorized or unsuspected installations • Compliance deviation or Non-Compliance • Policy deviation or violation
  • 5. Start with a different perspective, .. www.greenbone.net Processes, Policies & Awareness Physical Perimeter Network Host & OS Application Data Authentication NG Firewall N-IDPS H-IDPS AV-System SIEM / ISMS Vulnerability Management inside–outview outside–inview
  • 6. .. then prepare, • Define secure configurations • Whitelist systems and applications • Map to security controls • Still, if none is there: start simple, enhance stepwise www.greenbone.net Policies Compliance Guidelines
  • 7. .. identify, • Import and/or discover assets • Scan assets • Scan them authenticated • CPE information is vital www.greenbone.net
  • 8. .. classify, • use CVSS, CVE, and CPE • enhance with add SecInfo • most important, tag with Asset Criticality info www.greenbone.net
  • 9. .. prioritize, • based on Score, Quality of Detection, and available Solution Type • adding Asset Criticality Information • Attack status confirms www.greenbone.net
  • 10. .. assign, • use Reports, Alerts, or a Ticket System • based on Knowlegde, Experience, and Role • track and trace assignment www.greenbone.net
  • 11. .. mitigate and remediate, • patch and/or upgrade • block and/or isolate • work around • override is also a temporary option www.greenbone.net
  • 12. .. store and repeat,.. • predict and trend assets • handle changes in infrastructure • time-stamped data supports Forensics • average of 40 high severity flaws published per week • 24h/48h ‚Window of Vulnerability‘ www.greenbone.net
  • 13. .. and improve!• Eases implementation of Updates and Changes to Policies, Guidelines, and Compliance • Meaningful KPIs for the IT Security documented • The number of vulnerabilities over time is not meaningful • But the time needed to mediate/mitigate (reduced by..) • The time needed to identify (faster by x) • Fail/pass ratio of adherence to policy, compliance (increased by ..) www.greenbone.net
  • 14. the process of Vulnerability Management www.greenbone.net prepare identify classify prioritize assign mitigate & remediate store & repeat improve