It is common to see patches deployed but remain ineffective as they require to be implemented. This will expose much more information and additional vulnerabilities that cannot otherwise be enumerated, including out-of-date patches for operating systems and installed software, and configuration issues that can creep in over time. To get the most out of any vulnerability assessment, build review or compliance audit, it is best to run authenticated scans against servers and workstations. Unauthenticated scanning only gets you so far, and whilst it will help to identify common problems, often it is the tip of the iceberg in terms of finding vulnerabilities. This two-part article covers some common configuration tips that can help to get the best results from a standalone Nessus installation. Tenable also provide some excellent FAQs on their website, and support is available, so it is always recommended to use these as required. It comes in standalone or cloud-based versions and is a great way to identify issues in an easy-to-use graphical interface. One of the more common scanning tools we use within organisations is Tenable’s Nessus, which is a well-known industry standard vulnerability scanner and management solution. If the authentication is not set correctly, or there are other configuration issues, then you will not get a good scan and potentially miss important findings. These configuration challenges can often occur when doing authenticated scans for compliance checks and build reviews. This is often the case when administrators don’t have time to do more than just scratch the surface, or there are different teams coming up against configuration issues which prevent them getting the results they need. In combination with a good patching policy and change control, it is possible to maintain a minimal attack surface both internally and externally. Quite often we come across companies that have security tools available to them which could prove useful for internal security auditing, but often the tools are under-utilised or misconfigured meaning they don’t get the best out of them. Running regular penetration tests and vulnerability scans will help keep organisations aware of risks and make them more effective at managing them.
0 Comments
Leave a Reply. |