Objective
Continuously acquire, assess, and take action on new information in order to identify vulnerabilities, remediate, and minimize the window of opportunity for attackers.
Source: Critical Security Controls
I’m running vulnerability scans for a number of customers on a daily basis against many different platforms, operating systems, middleware and (web)applications:
- Cloud: Azure and AWS
- Network devices: Cisco, Juniper, BlueCoat, HP, F5s etc.
- Virtualisation platforms: WMware and Hyper-V
- Operating Systems: Apple Mac OS X, Linux and Windows
- Databases: DB2, MySQL, MS SQL, Mongodb and Oracle.
- Middleware: WebSphere and Tibco
- Applications/Frameworks: IIS, Java, Apache, Tomcat, Lotus etc.
I offer this service with Tenable Nessus and custom scripts and reporting tools.
The scripts are used to:
- Identify targets for vulnerability scanning.
- Query CMDB, Active Directory or Vcenter, Discovery scans
- Schedule and run scans
- Parsing the scan result
I provide custom reports tailored to the customer needs to streamline the patch management proces and inform Asset Owners and Risk Management.
References:
Critical Security Control #4: Continuous Vulnerability Assessment and Remediation
Whitepaper Patchmanagement – NCSC
