Continuously acquire, assess, and take action on new information in order to identify vulnerabilities, remediate, and minimize the window of opportunity for attackers.
Source: Critical Security Controls

I’m running vulnerability scans for a number of customers on a daily basis against many different platforms, operating systems, middleware and (web)applications:

  • Cloud: Azure and AWS
  • Network devices: Cisco, Juniper, BlueCoat, HP, F5s etc.
  • Virtualisation platforms: WMware and Hyper-V
  • Operating Systems: Apple Mac OS X, Linux and Windows
  • Databases: DB2, MySQL, MS SQL, Mongodb and Oracle.
  • Middleware: WebSphere and Tibco
  • Applications/Frameworks: IIS, Java, Apache, Tomcat, Lotus etc.

I offer this service with Tenable Nessus and custom scripts and reporting tools.

The scripts are used to:

  • Identify targets for vulnerability scanning.
    • Query CMDB, Active Directory or Vcenter, Discovery scans
  • Schedule and run scans
  • Parsing the scan result

I provide custom reports tailored to the customer needs to streamline the patch management proces and inform Asset Owners and Risk Management.


Critical Security Control #4: Continuous Vulnerability Assessment and Remediation
Whitepaper Patchmanagement – NCSC