Security Basics mailing list archives
Re: Vulnerability Scanning - Prioritising Remediation
From: J Teddy <jteddylists () gmail com>
Date: Thu, 22 Sep 2011 15:37:58 +1000
For those interested, I have uploaded the draft I am currently working on to Google Docs.

https://docs.google.com/document/d/1RN6H3FcW48vgp_JJXkvE4lc635s9SQRsEzJh-V3GZS8/edit?hl=en_US

There are a few documents feeding into this, so I hope the process comes across clearly. My goal is to create a process to prioritise remediation effort, so on our next VA scan, if we only have the time and budget to do X amount, we have a repeatable process on what to remediate that anyone can use.

On Tue, Sep 20, 2011 at 3:37 PM, J Teddy <jteddylists () gmail com> wrote:

I'm currently documenting how to prioritise remediation efforts from my last vulnerability scan. As my assets have all had information risk assessments conducted, I can easily calculate my CVSS score using the CVSS2 calculator. I then started thinking about compensating controls in my network where I could possibly lower the priority of the remediation. For example, the SSH vulnerability priority may be lowered as there is a signature for prevention on my IPS. The question I cannot answer is if my IPS has prevention for such a signature, and I’m running a vulnerability scan through that IPS, will my IPS block those packets, with the end result being my VA scan does not detect the vulnerability? Thanks.
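As an added illustration (not part of the original message or the linked draft), the sketch below shows how CVSS v2 environmental scoring turns per-asset risk-assessment ratings into a repeatable remediation order under a fixed budget. The asset names, findings and requirement ratings are constructed; temporal metrics, CDP and TD are left Not Defined, and compensating controls such as an IPS signature are not modelled.

```python
# CVSS v2 metric weights, from the CVSS v2 specification.
AV = {"L": 0.395, "A": 0.646, "N": 1.0}
AC = {"H": 0.35, "M": 0.61, "L": 0.71}
AU = {"M": 0.45, "S": 0.56, "N": 0.704}
CIA = {"N": 0.0, "P": 0.275, "C": 0.660}
REQ = {"L": 0.5, "M": 1.0, "H": 1.51}  # security requirements CR/IR/AR


def environmental_score(vector, cr="M", ir="M", ar="M"):
    """CVSS v2 environmental score with temporal metrics, CDP and TD left
    Not Defined, so it reduces to the base equation using AdjustedImpact."""
    m = dict(part.split(":") for part in vector.split("/"))
    c = CIA[m["C"]] * REQ[cr]
    i = CIA[m["I"]] * REQ[ir]
    a = CIA[m["A"]] * REQ[ar]
    impact = min(10.0, 10.41 * (1 - (1 - c) * (1 - i) * (1 - a)))
    exploitability = 20 * AV[m["AV"]] * AC[m["AC"]] * AU[m["Au"]]
    f = 0.0 if impact == 0 else 1.176
    return round((0.6 * impact + 0.4 * exploitability - 1.5) * f, 1)


def base_score(vector):
    """Base score: every security requirement at Medium (weight 1.0)."""
    return environmental_score(vector)


# Constructed scan findings: (asset, finding, base vector, CR, IR, AR).
FINDINGS = [
    ("test01", "ftp-dos", "AV:N/AC:L/Au:N/C:N/I:N/A:C", "L", "L", "L"),
    ("db01", "ssh-server", "AV:N/AC:L/Au:N/C:P/I:P/A:P", "H", "H", "M"),
    ("intranet", "web-xss", "AV:N/AC:M/Au:N/C:N/I:P/A:N", "L", "L", "L"),
]


def prioritise(findings, budget):
    """Return the `budget` findings with the highest environmental score."""
    scored = [(environmental_score(v, cr, ir, ar), asset, name)
              for asset, name, v, cr, ir, ar in findings]
    scored.sort(key=lambda row: (-row[0], row[1], row[2]))
    return scored[:budget]


if __name__ == "__main__":
    for score, asset, name in prioritise(FINDINGS, 2):
        print(f"{score:4.1f}  {asset:9} {name}")
```

On base score alone the test01 finding (7.8) outranks the db01 finding (7.5); applying the asset requirements reverses that order.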
Current thread:
- Vulnerability Scanning - Prioritising Remediation J Teddy (Sep 20)
- RE: Vulnerability Scanning - Prioritising Remediation Mikhail A. Utin (Sep 20)
- Re: Vulnerability Scanning - Prioritising Remediation Todd Haverkos (Sep 21)
- Re: Vulnerability Scanning - Prioritising Remediation John Morrison (Sep 21)
- Re: Vulnerability Scanning - Prioritising Remediation ted fred (Sep 21)
- RE: Vulnerability Scanning - Prioritising Remediation Dominick Birolin (Sep 22)
- RE: Vulnerability Scanning - Prioritising Remediation Mikhail A. Utin (Sep 21)
- RE: Vulnerability Scanning - Prioritising Remediation Dominick Birolin (Sep 23)
- Re: Vulnerability Scanning - Prioritising Remediation J Teddy (Sep 23)
- Re: Vulnerability Scanning - Prioritising Remediation ted fred (Sep 21)
- Re: Vulnerability Scanning - Prioritising Remediation J Teddy (Sep 23)
- <Possible follow-ups>
- Re: Vulnerability Scanning - Prioritising Remediation krymson (Sep 22)