Vulnerability management tools include discovery processes that help organizations identify the systems and devices on their network that should be scanned. In this video, learn how policy, legal, regulatory, and security requirements drive the identification of scanning targets.
- [Instructor] When you're getting … a vulnerability management program under way, … one of your very first steps is to develop … the requirements for that program. … You've thought through whether the program … was based on a general desire to improve security, … a response to regulatory requirements, … or a reaction to the corporate policy. … Once you've done that, … you're next step is to turn those general requirements … into a list of specific systems and networks … that you want to scan. … In order to create this list, … you need to have an asset inventory that you can trust. … If your organization practices … good asset management already, … you may find that you already have this inventory ready … to draw into your vulnerability management program. … You might find … that your organization's configuration management tools … already have a complete inventory … of systems and devices on your network. … And, in the best case, … that the inventory is kept up to date … with information from regular network scans. …
Author
Mike Chapple
Updated
10/3/2019Released
3/8/2019- Setting up Nessus on Linux and Windows
- Identifying scan targets and frequency
- Configuring vulnerability scans
- Reporting scan results
- Overcoming barriers to vulnerability remediation
Skill Level Intermediate
Duration
Views
-
Introduction
-
1. Setting Up Nessus
-
Nessus editions1m 32s
-
-
2. Creating a Vulnerability Management Program
-
Identify scan targets5m 50s
-
Scan frequency5m 7s
-
3. Configuring and Executing Vulnerability Scans
-
Scan configuration6m 16s
-
Scan perspective5m 3s
-
Scanner maintenance3m 19s
-
Vulnerability Scanning Tools1m 37s
-
-
4. Remediating Vulnerabilities
-
Report scan results4m 43s
-
Prioritize remediation3m 46s
-
-
5. Analyzing Scan Results
-
SCAP2m 34s
-
CVSS2m 48s
-
Interpreting CVSS scores3m 22s
-
Analyzing scan reports3m 59s
-
Correlating scan results2m 33s
-
-
6. Common Vulnerabilities
-
Server vulnerabilities5m 18s
-
Endpoint vulnerabilities1m 44s
-
Network vulnerabilities4m 29s
-
Industrial control systems4m 36s
-
Preventing SQL injection5m 29s
-
-
Conclusion
-
Next steps30s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Identify scan targets