I published the following diary on isc.sans.org: “How are Your Vulnerabilities?“: Scanning assets for known vulnerabilities is a mandatory process in many organisations. This topic comes in the third position of the CIS Top-20. The major issue with a vulnerability scanning process is not on the technical side but more
