Re: Vulnerability Scanning - Prioritising Remediation

[J Teddy <jteddylists () gmail com>]

This is an extract from Qualys in regards to cloud scanning for PCI compliance.

Per the PCI Council's Program Guide, it is your responsibility to
confirm that the PCI network scan of your entire in-scope
infrastructure can be performed without interference from intrusion
detection systems (IDSs) and intrusion prevention systems (IPSs).

On Wed, Sep 21, 2011 at 6:20 PM, John Morrison
<john.morrison101 () gmail com> wrote:
> If you have an IPS as part of your security system should you not scan
> with it switched on? It is one of your controls. If you run a VA scan
> without the IPS won't you get incorrect results?
>
> What do other subscribers to this list do?
>
> Regards
>
>
>
>
> John
>
> On 20 September 2011 06:37, J Teddy <jteddylists () gmail com> wrote:
> > I'm currently documenting how to prioritise remediation efforts from
> > my last vulnerability scan.  As my assets have all had information
> > risk assessments conducted, I can easily calculate my CVSS score using
> > the CVSS2 calculator.
> >
> > I then started thinking about compensating controls in my network
> > where I could possibly lower the priority of the remediation.  For
> > example the SSH vulnerability priority may be lowered as there is a
> > signature for prevention on my IPS.
> >
> > The question I can not answer is if my IPS has prevention for such a
> > signature, and I’m running a vulnerability scan through that IPS, will
> > my IPS block those packets, with the end result being my VA scan does
> > not detect the vulnerability?
> >
> > Thanks.
> >
> > ------------------------------------------------------------------------
> > Securing Apache Web Server with thawte Digital Certificate
> > In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
> > how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
> > purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
> > set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
> > certificates.
> >
> > http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> > ------------------------------------------------------------------------

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------