Vulnerability Scan Engine Congfiguration and Maintenance?

Networking/Security Forums -> General Security Discussion

Author: KingoftheAges PostPosted: Wed Nov 08, 2006 6:53 pm    Post subject: Vulnerability Scan Engine Congfiguration and Maintenance?
    ----
Recently I've intherited scanning responsbilities for a large multinational corporation. These scans will be used in conjunction with the risk assessment team so this isn't really about risk managment moreso about configuration and care of the scan engine.

I've been tasked with developing a overall strategy for scanning and am seeking advice from other security professionals about general concepts and ideas. For example:

1.Scan in one large swath or break each business unit down?

2.Whats your process for identifying if new vulnerabilites should be included in your scan?

3.Credentialed scans versus noncredentialed scans? Not all of our workstations and servers have the same admin credentials resulting in inaccurate results.

4.Process for developing and testing new scan signatures?

Any input would be greatly appreciated or even a point in the direction of guidance. Thanks in advance!

Author: SifuMikeLocation: Vancouver (not BC) WA (not DC) PostPosted: Tue Nov 09, 2010 7:09 pm    Post subject:
    ----
Sounds like we're being asked to do someone's homework here.



Networking/Security Forums -> General Security Discussion


output generated using printer-friendly topic mod, All times are GMT + 2 Hours

Page 1 of 1

Powered by phpBB 2.0.x © 2001 phpBB Group