7MS #417: Vulnerability Scanning Tips and Tricks
7 Minute Security · Brian Johnson
Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Today's episode is all about getting the most value out of your vulnerability scans, including:
-
Why, IMHO you should only do credentialed scans
-
Policy tweaks that will keep servers from tipping over and printers from printing novels of gibberish ;-)
-
How to make your scan report more actionable and less unruly
-
Turning up logging to 11 (use with caution!)
-
A small tweak to an external scan policy that can result in the difference between a successful or failed scan
-
The nessusd.rules file is awesome for excluding specific hosts and services from your scans