I published the following diary on isc.sans.org: “How are Your Vulnerabilities?“:
Scanning assets for known vulnerabilities is a mandatory process in many organisations. This topic comes in the third position of the CIS Top-20. The major issue with a vulnerability scanning process is not on the technical side but more on the process side. Indeed, the selection of the tool and its deployment is not very complicated (well, in not too complex environments, to be honest): Buy a solution or build a solution based on free tools, define the scope, schedule the scan and it’s done… [Read more]
One comment