1 Lifecycle Vulnerability Management and Continuous Monitoring with Rapid7 Nexpose SPONSORED BY WhatWorks is a user-to-user program in which security managers who have implemented effective Internet security technologies tell why they deployed it, how it works, how it improves security, what problems they faced and what lessons they learned. Got a story of your own? A product you d like to know about? Let us know.
2 Summary Continuously monitoring and mitigating vulnerabilities is widely accepted as basic security hygiene for any security program that will be successful in avoiding or reducing the impact of breaches. While the value is clear, the obstacles to assessing vulnerabilities more frequently and more accurately have slowed adoption. However, many security leaders have invested in improved processes, more advanced security products and threat-driven prioritization approaches to show immediate and measurable increases in both the effectiveness and the efficiency of their security programs. This case study details the steps a Global Director of IT Security took to do just that. About the User The user interviewed for this case study has requested anonymity to maintain confidentiality, but has allowed us to refer to him as a Global Director of IT Security for a manufacturing company. The program can help our security community at large make more informed decisions by encouraging seasoned professionals from major user organizations to share their stories without revealing the name of the organization.
3 Q Can you tell us a little bit about your background and your role at your Company? A I m the Global Director of IT Security and I report to the CIO. I have been in this role for about four years and have spent the majority of an 18 year career in both infrastructure and security. Today I m responsible for our risk and cyber security program, areas of compliance, and our disaster recovery program. The scope of all of the responsibilities is global. Q Give us an idea of the scope and what business your company is in. A We re a global mid-western-based industrial manufacturer. We have been around for 120 years. Q What sort of problems drove you to look at and evaluate solutions? A When I first moved into the role, we really looked at what was in the marketplace what was expected, how other security programs were being built, developed. Visibility was first and foremost, something that we were lacking in many areas of our security program. We had decided from a priority perspective to look at vulnerability management. We had been patching operating systems for many years, but we weren t sure what our success rate was, what that looked like globally, and beyond just operating system patches, what did that look like for applications, databases, both desktops and server systems. Q What was the baseline you were starting with as far as vulnerability assessment? A We had used some open-source tools and had been able to cobble together some reporting. But, by the time we had any actionable intelligence, it was months out of date. We were looking for something that was more real-time, so when scans run, we wanted reporting to get right to the people who were operationally responsible for those areas to give them some intelligence to be able to execute and act on vulnerabilities in our environment. Q Was there an incident, an audit event, or how did you convince management to fund the project and move forward? A No, no specific incident. We had brought in companies to perform vulnerability assessments and penetration tests, and we really felt like a vulnerability management program, being run internally, was going to provide a significant benefit in risk reduction for our overall company and environment. So, this was looked at by management as something that would not just be cost effective, but a key cornerstone to our security program. Q Did you have PCI exposure that required you to do quarterly compliance? Did you have any other compliance-type drivers related to this? A The company I work for is a publicly-traded company. We do have Sarbanes Oxley (SOX) compliance, and we do have a PCI environment, but it s very small, isolated and segregated. So, we were able to, when that was built, provide all the PCI requirements around that. But, no, this was a much larger task, not just regulations or compliance driving us to move forward and better the environment. Q Can you walk us through the process you followed to find and look for solutions that would work? A We ran a couple of proof of concepts. We had a good idea who the market leaders were in the space and were very impressed with what we d seen from Rapid7, not only from a product perspective, but the partnership that Rapid7, how they engage their customers. We really feel that we re not just getting a product, but when there s something that we need, something that s important to us, that the Rapid7 team listens and is able to assist us. Beyond that, their support has been phenomenal. Q When you set out to look at vulnerability assessment management products, what were some of the critical evaluation criteria you were looking for in the products? A We wanted something that was, first and foremost, low operational impact where it was not going to be cumbersome for the security team or infrastructure team to manage where it was up, and it runs. We can t spend a lot of time managing the application itself. We were also looking for something that the security team wouldn t necessarily own and operate all by itself, something that could be set up, deliver reports into different people s mailboxes; a portal that they could log into, run scans themselves once they were trained up on the application. We wanted different people, different areas of operational responsibility to be able to see what s important to them, whether it s country specific, network specific, regionally specific or even type-of-device specific. Our network team can see our network equipment as opposed to our Intel/Windows team who can see the servers and desktops.
4 Q So, ease of use and operationalizing was important. On the technical constraints side, did you have to look at how much traffic would be put on the network or how many scanners would be required and where they could go? A We did look at architecture of the vulnerability management configuration. What Rapid7 offers are remote scanners that report back to a console, reducing bandwith requirements and business impact. That was something that we invested in as part of our primary investment. So, we had chosen to install some vulnerability scanners around the globe and have a single console on our corporate data center. Q Did you do bake-off of multiple products, or did you do more of an RFP paper evaluation process? A More of a bake-off. We had reviewed what was available in the marketplace: Tenable Nessus, Tenable SecurityCenter, Qualys and Outpost24. We picked a couple of products that we felt would fit our environment and that were considered market leaders. We d brought them in for proof of concepts for a short period of time. We had also sought advice from some security advisors that we use. Q So, obviously, you chose Rapid7. You mentioned the support and the operationalization. Any other factors that they stood on that led you to choose Rapid7? A Yes. The community forum area. It s probably a heavily underutilized offering where people can exchange information about Nexpose or other products from Rapid7. In that forum area, we found a report that someone had built and essentially opened up to the community that provided letter grades. We were trying to see how we can provide meaningful metrics not only to our staff, but to our senior management, our Board of Directors, trying to provide information to them on how well are we doing, and letter grades seemed to be the easiest way. But, most products out there will only provide counts of vulnerabilities and some risk levels, which seemingly are arbitrary numbers. It s hard to get a feeling when you see a score of 100 million or 100,000. We were looking for something that was a little more basic, and this report really provided that. And while the grade itself may be arbitrary, this was really the line in the sand that helped drive engagement in our company. When we had seen one region who was graded as a C or a D and other regions were graded as A s and B s, there seemed to be a lot more engagement and focus on the I would say within 12 months of deployment of the product, we had seen between 65 and 75 percent reduction in vulnerabilities. areas that we re not patching as well who had high counts of vulnerabilities. This was an easy discussion to have with our Board of Directors, with our senior management and our CIO; something that could easily be grasped, questions could be asked: what isn t getting done and why not, and it resulted in a lot of action. We had seen a great reduction in vulnerabilities in the first six months, over 50 percent. I would say within 12 months of deployment of the product, we had seen between 65 and 75 percent reduction in vulnerabilities. Q Can you give us an idea of the scope a rough number of scanners, a rough number of endpoints being scanned? A About 12,000 endpoints around the globe. We have 15 scanners globally to accommodate our scanning schedule. Q are you doing any scanning of cloud-side services or virtual environments, or is it all physical devices? A No, virtual environments. Physical environments, really anything that is IPV4 addressable on our network gets scanned. That includes any devices that remotely access our environment. We aren t doing anything today with any third-party-based cloud services. We are using it in our PCI environment, our hosted environments internally. We are reviewing the cloud scanning service, as we would prefer to use this on our public IP space. Q you said you re at roughly 12,000 endpoints. So, when you made the decision to get Rapid7 product in, how long did it take you to get up to the full capability you re at now? A I think this is very interesting and something that should be a great story about Rapid7 and the Nexpose product. When we looked at this, we talked to other companies about deployment time. We were hearing, From purchase to full deployment, full global deployment for our Company, we had done it under three months. realistically, for a full global deployment, of six to nine months. From purchase to full deployment, full global deployment for our Company, we had done it under three months. We were very surprised and very excited to be able to get it up so fast, and a lot of that had to do with the virtual scanner offering. So, we were able to send scanners to other sites via file transfer, stand them up pretty quickly, and connect them into the console. We had worked with Rapid7 to help configure the environment, and that s not to say that additional tuning and updates haven t happened since, but we were able to get full visibility inside of three months.
5 Q You mentioned using fifteen scanners. Are those all virtual scanners, or is it some mix? A All virtual. Q you started regular vulnerability scanning. Do you scan everything, how frequently do you scan, and how does that work? A We do scan everything. A lot of the focus in the maturing of the program has to do with visibility. So, some focus has been spent on when we can not log into a device, why we cannot. Is this something that we should have credentials for? So, trying to identify those and remediate the things that we cannot identify. So, it really provides the visibility into what the vulnerabilities are on systems that we can t see today. So, there are a lot of improvements along the way and maturing that aspect of the program. Q For production systems, do you have scan windows where you can scan them or no scan times where you can t how do you handle that? A We had initially been scanning everything around the globe about once every two weeks. We have since moved those up to weekly, and in some areas, we re even doing daily scans. Those are sites that are changing drastically, maybe acquisitions or whatever the case, where we re trying to improve the security posture day in and day out and trying to improve those sites. But, we really settled on once a week for about 98 percent of our installed addressable network spaces. We do not differentiate if it s a shop floor type network or a printer or a workstation space. We are always trying to get full visibility. That s how we sold this program. We don t want to turn a blind eye toward any part of our network. This is a real true vulnerability view of how our network is at a given point in time. So, we want as much information as we can get about every single asset that we have the ability to scan. Q Once you start doing the scanning, how do you find the quality of the results from a false negative/false positive kind of rating? A Very good. We ve had a very small number of false positives along the way. Many of those had to do with systems that could not be logged in to. But, once we had the correct credentials installed on those remote systems, we were able to fully see things. So, it may amount to this system looks We were looking to put good actionable intelligence in the hands of our operations teams where they could get these reports and say, this is a list of things for me to do in order to make an impact. like a Windows XP machine with no vulnerabilities in it, but when we really look into it, it might be an industrial control system. We ve probably had also a handful of false positives on the patches themselves or the vulnerabilities themselves. So, Nexpose might say that there is a vulnerability on a certain system when it was a patch that was superseded by another patch. But, again, those have been few and far between. We ve been very happy with the results. Q how about the quality of the information that comes along with the vulnerability as far as aiding in remediation or aiding the operations side into saying, I understand what the problem is and we can figure out how to fix it? How s the quality of the information that comes along? A Very good. There are two key reports that we look at that are delivered to the bulk of our infrastructure and operational teams. Those reports are the top 25 remediation report, which show if you were able to patch these top 25 vulnerabilities it would have this much impact on this many assets in your network. So, it really takes prioritization and provides that to the teams that are responsible in these areas. And then, the other result is in the other assets, and that is the top 10 most vulnerable systems or assets. And again, that can be done by site. So, it can be done by region, by country, by network. We may have a person who s responsible for a specific network or location or region, and this gives them or their teams the prioritization that they need to make a significant impact in vulnerabilities. Q how do you get the information from Nexpose over to the infrastructure and operations team? Are you integrating with a trouble ticket system? Are you providing them reports, and how does that work? A We do two things. Nexpose itself has the ability to generate reports. We do these post scan. So, once the scan is completed or weekly scan has been completed, weekly reports go out to these teams: Here s your new priorities for the week, and they can go and execute. It may be a Top 25 report saying Chrome and Adobe Flash need to be updated. This gives them some prioritization. Once a week, we provide a scoring that goes up to our management that shows how well the teams are executing on their patch management process, how they re able to execute and reduce risk with our vulnerability management program.
6 Q those people who actually do the patching, they re getting those reports, or is the scan output feeding into their trouble ticket system? A They re actually getting the reports via . We have not integrated with any ticketing system, so they get these reports directly. They understand what they re doing with them, easy to read, easy to execute. And again, we were looking to put good actionable intelligence in the hands of our operations teams where they could get these reports and say, this is a list of things for me to do in order to make an impact. Q Last operational question, especially since you said you do it on the shop floor one fear everybody has when they start to do any vulnerability scanning is are they going to knock over any servers, i.e. self-inflicted wounds. Did you run into any problems there? A None directly. I would say that we, like any operationally sensitive team, are going to tread lightly. This isn t something that you re going to turn the key on and just let it run its course. You re going to want to initially schedule these things for, perhaps, late at night or off-production hours to limit the health and safety issues that go along with shop floor networks. There are very few systems that are fragile enough we have chosen not to scan, but that is the rare exception. Q how long have you been operational now? A A little over two years. Q Knowing what you know now after running for two years, are there some things you would have done differently in the beginning or lessons learned you can pass on to people? A This is one of the few programs that we designed, built, implemented, and executed very well. I would say a very small number of things we would do differently. I believe this is a key cornerstone of our security program. I think getting the operations teams involved, setting expectations that this is something that they need to do, providing them with actionable intelligence, being able to get high-level meaningful metrics, not only to the operational teams but management. This product really fit for everything that we were trying to do. Q For the fifteen scanners you re using and the scale you re doing, do you have any idea what sort of staffing it takes to do that? Is it an FTE, a part of an FTE, how does that work? This has really been a hands-off product for us, which is a win/win. We ve seen great advances in both functionality and performance in the feature set because of the partnership that Rapid7 has with its customers. A For us, it s been part of an FTE, and minimal dedicated staffing was definitely one of our requirements. I mentioned we didn t want to spend a lot of time managing this. There are other security products we have that other companies have where it takes a DBA to administer a database. It takes some infrastructure folks or server folks time to manage the operating system or the systems themselves. This has really been a hands-off product for us, which is a win/win. We may spend two to four hours a week doing management of the Nexpose platform and all the underlying architecture, but it s largely been hands off, which is very important for my team, which is very busy doing other things. We would rather be trying to investigate security incidents or trying to improve the overall security and not trying to spend time keeping our scanners and vulnerability management console up and available. Q any future requests or requirements you ve asked Rapid7 you d like to see added to the product? A Yes. I would say there ve been several down the road, and this is where that great partnership that we really feel we have with Rapid7. We feel that we re tied very closely into the product management team, that when we have either ideas or problems or things that we would like to see that may be specific to our environment or may be something that would be beneficial to other customers, as well, they re always willing to listen and put that on the to-do list. Other companies that I ve worked with would allow you to submit feature requests, but Rapid7 does a fantastic job of really taking these, looking at them and rolling them into their product. We ve seen great advances in both functionality and performance in the feature set because of the partnership that Rapid7 has with its customers. Q Since you are in the manufacturing side, were there SCADA devices and industrial control systems/ process control-type of endpoints that you needed them to add or that you found in there that you were surprised that they actually covered? A Yes. There were things in there that we have seen in our asset listing that we were surprised that they had a fingerprint for. Additionally, there were other things that came up that we knew what they were that weren t in there that we ve been able to contact the team and get them added.
7 BOTTOM LINE A Global security manager used Rapid7 s Nexpose product to move to weekly and daily vulnerability scanning which enabled more rapid mitigation, reducing overall risk. The use of virtual scanners eased deployment and the user interface enabled direct use by operations groups, reducing the security staffing time required.
Increasing Vulnerability Management Effectiveness While Reducing Cost WITH WhatWorks is a user-to-user program in which security managers who have implemented effective Internet security technologies tell
Framework for building a vulnerability management lifecycle program http://searchsecurity.techtarget.com/magazinecontent/framework-for-building-avulnerability-management-lifecycle-program August 2011 By
WhatWorks: Blocking Complex Malware Threats at Boston Financial with WhatWorks is a user-to-user program in which security managers who have implemented effective internet security technologies tell why
PCI-DSS Penetration Testing Adam Goslin, Co-Founder High Bit Security May 10, 2011 About High Bit Security High Bit helps companies obtain or maintain their PCI compliance (Level 1 through Level 4 compliance)
Document K23 RESEARCH NOTE CYBER-ARK FOR PRIVILEGED ACCOUNT MANAGEMENT THE BOTTOM LINE Managing privileged accounts requires balancing accessibility and control while ensuring audit capabilities. Cyber-Ark
2BWhite Paper How to Justify Your Security Assessment Budget Building a Business Case For Penetration Testing WHITE PAPER Introduction Penetration testing has been established as a standard security practice
WhatWorks in Log Management EventTracker at San Bernardino County Superior Court WhatWorks is a user-to-user program in which security managers who have implemented effective internet security technologies
What Works in Supply Chain and Partner Security: Using BitSight to Assess and Monitor Third-Party Cybersecurity SPONSORED BY WhatWorks is a user-to-user program in which security managers who have implemented
Information Security and Continuity Management Information Sharing Portal Category: Risk Management Initiatives Contact: Chip Moore, CISO State of North Carolina Office of Information Technology Services
MANAGED SERVICES About Us Iron Cove Solutions is a cloud-computing deployment provider offering industry-leading cloud services to SMB sized businesses. We are cloud consultants assisting in the assessment,
Vulnerability Management Buyer s Guide Buyer s Guide 01 Introduction 02 Key Components 03 Other Considerations About Rapid7 01 INTRODUCTION Exploiting weaknesses in browsers, operating systems and other
Industrial Cyber Security Risk Manager Proactively Monitor, Measure and Manage Cyber Security Risk With Today s Cyber Threats, How Secure is Your Control System? Today, industrial organizations are faced
CASE STUDY NEXON ASIA PACIFIC PAGE 1 Nexon Asia Pacific is a Managed Security Service Provider (MSSP) that delivers infrastructure and software to provide secure connectivity and productivity applications,
Data In The Cloud: Who Owns It, and How Do You Get it Back? Presented by Dave Millier, Soban Bhatti, and Oleg Sotnikov 2013 Sentry Metrics Inc. Agenda Reasons for Cloud Adoption How Did My Data Get There?
Using SQL Monitor at Robbie Baxter 93% of Fortune 100 companies use Red Gate's software Using SQL Monitor at Robbie Baxter Database Administrator Summary Business communications software company has used
Field Audit Report Asigra Hybrid Cloud Backup and Recovery Solutions By Brian Garrett with Tony Palmer May, 2009 Field Audit: Asigra Hybrid Cloud Backup and Recovery Solutions 2 Contents Introduction...
CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to
Five Tips to Ensure Data Loss Prevention Success A DLP Experts White Paper January, 2013 Author s Note The content of this white paper was developed independently of any vendor sponsors and is the sole
Response to Questions CML 15-018 Managed Information Security 1. What are the most critical aspects that need to be provided for this RFP, in light of the comment that multiple awards might be provided?
White Paper What is Penetration Testing? An Introduction for IT Managers What Is Penetration Testing? Penetration testing is the process of identifying security gaps in your IT infrastructure by mimicking
How to build a security assessment program Dan Boucaut Agenda 1 Problem statement 2 Business case 3 How to avoid creating more problems Problem statement Security assessments are hard, costly and may take
It s Time to Outsource the Dirty Work Top 5 reasons to choose Agio Remote Monitoring & Management over an internal solution Superior Managed IT & Security Services Agio Remote Monitoring & Management 1.
Careers Audio Transcription Carolyn Roberts with Sally Harrison I m talking to Sally Harrison now. Sally graduated from this College, as it was then, in 1984 with a Degree in Geography and Geology, but
The Software Developers Guide to Making Your Program Work With Microsoft App-V Tim Mangan TMurgent Technologies, LLP January, 2016 Introduction When you sell your software into a company, especially the
DATA SHEET Extreme Networks Security Analytics G2 Vulnerability Manager Improve security and compliance by prioritizing security gaps for resolution HIGHLIGHTS Help prevent security breaches by discovering
Whitepaper Security Best Practices for Evaluating Google Apps Marketplace Applications At a Glance Intended Audience: Security Officers CIOs of large enterprises evaluating Google Apps Marketplace applications
It s not a matter of if but when Actionable Threat Intelligence, Accelerated Response Rapid Advanced Detection and Response (RADAR), is a managed information security service, offering comprehensive security
Security Controls What Works Southside Virginia Community College: Security Awareness Session Overview Identification of Information Security Drivers Identification of Regulations and Acts Introduction
Case Study for XY Bank End-user Security Analytics Strengthens Protection with ArcSight INTRODUCTION Detect and respond to advanced persistent threats (APT) in real-time with Nexthink End-user Security
s Ask a Broadband Expert Series: The Advantages of Network Virtualization An Interview with Peter Olivia, Director of Systems Engineering ZCorum 1.800.909.9441 4501 North Point Parkway, Suite 125 Alpharetta,
IT Best Practices Series Cloud Computing Safe Harbor or Wild West? With IT expenditures coming under increasing scrutiny, the cloud is being sold as an oasis of practical solutions. It s true that many
Prevent cyber attacks. SEE what you are missing. See Your Network MAPS. Prevent cyber attacks. [RedSeal] is meeting our expectations and is playing an integral role as it feeds right into our overall risk
An AppDynamics Business White Paper HOW MUCH REVENUE DOES IT GENERATE? Why Alerts Suck and Monitoring Solutions need to become Smarter I have yet to meet anyone in Dev or Ops who likes alerts. I ve also
DECEMBER 2013 Desktop Support Technology Written by Michael Hanson Data analysis by Jenny Rains Looking back on how desktop support has evolved, it s interesting to see how tools have changed. Many years
White Paper Healthcare Security: Improving Network Defenses While Serving Patients What You Will Learn Safeguarding the privacy of patient information is critical for healthcare providers. However, Cisco
Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work Security concerns and dangers come both from internal means as well as external. In order to enhance your security posture
Nessus Exploit Integration v2 Tenable Network Security has committed to providing context around vulnerabilities, and correlating them to other sources, such as available exploits. We currently pull information
OCCS Procedure Title: Vulnerability Scanning and Management Procedure Reference Number: 9.4.2 Last updated: September 6, 2011 Purpose The purpose of this procedure is to define the management and controls
Presenting Mongoose A New Approach to Traffic Capture (patent pending) presented by Ron McLeod and Ashraf Abu Sharekh January 2013 Outline Genesis - why we built it, where and when did the idea begin Issues
Accelerating Software Security With HP Rob Roy Federal CTO HP Software If we were in a cyberwar today, the United States would lose. Mike McConnell Former DNI, NSA. Head of Booz Allen Hamilton National
Nine Considerations When Choosing a Managed Hosting Provider Selecting the right managed hosting provider for your business is a critical part of your success. This white paper provides a roadmap for companies
Data- Centric Enterprise Approach to Risk Management Gregory G. Jackson, Sr. Cyber Analyst Cyber Engineering Division Dynetics Inc. May 2012 (Updated) About the Author Gregory G. Jackson is a senior cyber
IT INFRASTRUCTURE MANAGEMENT SERVICE ADDING POWER TO YOUR NETWORKS IT INFRASTRUCTURE MANAGEMENT SERVICES Nortech Remote management IT security Services provide around clock remote Management, real time
Sample Internal Procedures and Policy Guidelines February 2015 Document Control Title: Document Control Number: 1.0.0 Initial Release: Last Updated: February 2015, Manager IT Security February 2015, Director
Develop an intelligent disaster recovery solution with cloud technologies IBM experts share their insight on how cloud technologies can help restore IT operations more quickly, reliably and cost-effectively
DOWNTIME BREACHES DATA LOSS. SYMANTEC TECHNICAL SERVICES HELP YOU AVOID THEM. Symantec Technical Services 2015 Symantec Corporation. All rights reserved. Go ahead, you ve got There s More to Protect By
Prevent cyber attacks. SEE what you are missing. See Your Network MAP. Prevent Cyber Attacks. Driven by the need to support evolving business objectives, enterprise IT infrastructures have grown increasingly
Sorting out SIEM strategy Five step guide to full security information visibility and controlled threat management This guide will show you how a properly implemented and managed SIEM solution can solve
1 2 This slide shows the areas where TCG is developing standards. Each image corresponds to a TCG work group. In order to understand Trusted Network Connect, it s best to look at it in context with the
FY 2007 E GOVERNMENT ACT REPORT FINAL SEPTEMBER 2007 1. AGENCY SPECIFIC E GOVERNMENT INITIATIVE: USAID S VULNERABILITY MANAGEMENT PROGRAM CISO SECURITY OBJECTIVE AND VISION The U.S. Agency for International
Non-intrusive, authenticated scanning for OT & IT environments The situation: convenience vs. security Interconnectivity between organizations and corporate networks, the internet and the cloud and thus
Accountability for a data breach /operational-risk-and-regulation/feature/2275384/accountability-for-a-data-breach 17 Jun 2013, Jessica Meek, Operational Risk & Regulation In March 2013 the US Senate Select
Leveraging Your Tools for Better Compliance Using People, Process, and Technology to Measure Compliance Agenda Why are we doing it? Current Sources of Information (People, Process, Technology) Limitation
Outcome Based Security Monitoring in a Continuous Monitoring World December 2012 Ron Gula Chief Executive Officer / Chief Technology Officer White Paper Copyright 2002-2012 Tenable Network Security, Inc.
NIST CYBERSECURITY FRAMEWORK COMPLIANCE WITH OBSERVEIT OVERVIEW The National Institute of Standards of Technology Framework for Improving Critical Infrastructure Cybersecurity (The NIST Framework) is a
Tenable Webcast Summary Managing Vulnerabilities in Virtualized and Cloud-based Deployments Introduction Server virtualization and private cloud services offer compelling benefits, including hardware consolidation,
Executive Summary The case for cloud computing is becoming more clear. Cloud computing has been a hot topic lately, and for good reason. With it, companies can gain potential competitive advantages that
WhatWorks in Detecting and Blocking Advanced Threats: A Real Case Study at a Large Research Organization with WhatWorks is a user-to-user program in which security managers who have implemented effective
: Designing a Continuous Response Architecture 5 Steps For Windows Server 2003 End of Life Success FAST FACTS Over 10 Million Windows Server 2003 Devices Still In Use Less Than 250 Days To Windows Server
Dr. William Haver Lakeside Medical Clinic Busy, high-volume clinic streamlines care delivery with the EMR Saskatoon, Saskatchewan WWW.STUARTKASDORF.COM A family physician in Saskatoon, Dr. William Haver
Stories From the Front Lines: Deploying an Enterprise Code Scanning Program Adam Bixby Manager Gotham Digital Science 10/28/2010 YOUR LOGO HERE Introduction Adam Bixby, CISSP, MS o Manager at Gotham Digital
UP L04 Introduction to 3 rd Party Patching Using the 4A Model Hands-On Lab Description The objective of this course is to introduce students to the various concepts of 3rd party patching. Students will
ISO 27002 Compliance Guide September 2015 Contents Compliance Guide 01 02 03 Introduction 1 Detailed Controls Mapping 2 About Rapid7 7 01 INTRODUCTION If you re looking for a comprehensive, global framework
Nessus Perimeter Service User Guide (HTML5 Interface) March 18, 2014 (Revision 9) Table of Contents Introduction... 3 Nessus Perimeter Service... 3 Subscription and Activation... 3 Multi Scanner Support...
7 Myths of Direct Mailing Think all your mail is delivered equally? Think again. Direct mail has the highest response rate and some of the best return on investment numbers of any marketing channel available
Course 20696B: Managing Enterprise Devices and Apps using System Center Configuration Manager Course Details Course Outline Module 1: Managing Desktops and Devices in the Enterprise This module explains
Intro to QualysGuard IT Risk & Asset Management Marek Skalicky, CISM, CRISC Regional Account Manager for Central & Adriatic Eastern Europe A Unified and Continuous View of ICT Security, Risks and Compliance
See all, manage all is the new mantra at the corporate workplace today. 1) Do you want to schedule backups, software updates using just one consistent automation platform? 2) Do you want a product that
SORTING OUT YOUR SIEM STRATEGY: FIVE-STEP GUIDE TO TO FULL SECURITY INFORMATION VISIBILITY AND CONTROLLED THREAT MANAGEMENT INTRODUCTION It s your business to know what is happening on your network. Visibility
The Beginner s Guide to CRM Customer relationship management can sound intimidating to small- and mid-sized businesses. After all, if your company only has a handful of customers, why do you need a dedicated
McAfee Database Security Dan Sarel, VP Database Security Products Agenda Databases why are they so frail and why most customers Do very little about it? Databases more about the security problem Introducing
1 Penetration Testing NTS330 Unit 1 Penetration V1.0 February 20, 2011 Juan Ortega Juan Ortega, firstname.lastname@example.org 1 Juan Ortega, email@example.com 2 Document Properties Title Version V1.0 Author Pen-testers
Quick Start Guide: Utilizing Nessus to Secure Microsoft Azure Introduction Tenable Network Security is the first and only solution to offer security visibility, Azure cloud environment auditing, system
Statement of Danny Harris, Ph.D. Chief Information Officer U.S. Department of Education Before the U.S. House Oversight and Government Reform Committee Hearing on Agency Compliance with the Federal Information
The Seven Deadly Myths of Software Security Busting the Myths With the reality of software security vulnerabilities coming into sharp focus over the past few years, businesses are wrestling with the additional
Kaseya White Paper What Do You Mean My Cloud Data Isn t Secure? Understanding Your Level of Data Protection www.kaseya.com As today s businesses transition more critical applications to the cloud, there
White Paper The Dynamic Nature of Virtualization Security The need for real-time vulnerability management and risk assessment Introduction Virtualization is radically shifting how enterprises deploy, deliver,