Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
System Compliance on a Budget
Search
paulh
June 04, 2012
Technology
0
54
System Compliance on a Budget
AUCTC, Saint Mary's University. 2012
paulh
June 04, 2012
Tweet
Share
More Decks by paulh
See All by paulh
Beginners Guide to OSINT
paulh
1
420
squert – an open source UI for NSM data
paulh
0
65
squert - an open source UI for NSM data
paulh
0
340
Internet Safety
paulh
0
120
Situational Awareness with Open Source Tools
paulh
0
100
Network Security Monitoring with Open Source Tools
paulh
0
190
Other Decks in Technology
See All in Technology
Phase09_自動化_仕組み化
overflowinc
0
1.9k
ThetaOS - A Mythical Machine comes Alive
aslander
0
210
サイボウズ 開発本部採用ピッチ / Cybozu Engineer Recruit
cybozuinsideout
PRO
10
76k
やさしいとこから始めるGitHubリポジトリのセキュリティ
tsubakimoto_s
3
1.9k
Physical AI on AWS リファレンスアーキテクチャ / Physical AI on AWS Reference Architecture
aws_shota
1
170
DDD×仕様駆動で回す高品質開発のプロセス設計
littlehands
6
2.6k
モジュラモノリス導入から4年間の総括:アーキテクチャと組織の相互作用について / Architecture and Organizational Interaction
nazonohito51
8
4.3k
Phase10_組織浸透_データ活用
overflowinc
0
1.8k
AgentCoreとLINEを使った飲食店おすすめアプリを作ってみた
yakumo
2
260
AWS Systems Managerのハイブリッドアクティベーションを使用したガバメントクラウド環境の統合管理
toru_kubota
1
180
SaaSに宿る21g
kanyamaguc
2
180
The essence of decision-making lies in primary data
kaminashi
0
120
Featured
See All Featured
GitHub's CSS Performance
jonrohan
1032
470k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
38
2.8k
Reality Check: Gamification 10 Years Later
codingconduct
0
2.1k
Ethics towards AI in product and experience design
skipperchong
2
240
BBQ
matthewcrist
89
10k
Agile that works and the tools we love
rasmusluckow
331
21k
Product Roadmaps are Hard
iamctodd
PRO
55
12k
Navigating Weather and Climate Data
rabernat
0
150
Lightning Talk: Beautiful Slides for Beginners
inesmontani
PRO
1
490
How to train your dragon (web standard)
notwaldorf
97
6.6k
The Anti-SEO Checklist Checklist. Pubcon Cyber Week
ryanjones
0
100
Unsuck your backbone
ammeep
672
58k
Transcript
None
the question: what is the security posture of our devices?
what we used to try and get the answer: McAfee
ePO Nessus Build something
our Experience
McAfee ePO
problems with McAfee ePO complex inaccuracies cumbersome reports blackbox (customizations,
waiting)
Nessus
problems with Nessus tedious overkill inconsistent results hosts accounted for:
76%
our problems in general timing transient devices deepfreeze
our kick at the can
None
what we collect (currently) antivirus windows updates asset info
None
None
None
None
None
the backend host host antivirus antivirus windows updates windows updates
asset info asset info active directory active directory …? …? …? …? other.. other..
the backend host host antivirus antivirus windows updates windows updates
asset info asset info active directory active directory compliance history compliance history problem frequency problem frequency other.. other.. SHAZAM! SHAZAM!
the script (patch_status.vbs) what it does how it evolved where
it’s headed
what it does deployment scheduled task information gathering transport
how it evolved primarily driven by trial and error a
lot of: “wouldn’t this be neat” what works? what doesn’t? dealing with problems
what it has changed Managed AV Microsoft update Maintenance window
where it’s headed deployment strategy refne/improve installer target other OS’s
where it’s headed additional metrics ids alert data device usage
java version flash version
where it’s headed helpdesk integration automated ticket generation
thoughts?
paulh
overflowinc
aslander
cybozuinsideout
tsubakimoto_s
aws_shota
littlehands
nazonohito51
yakumo
toru_kubota
kanyamaguc
kaminashi
jonrohan
eileencodes
codingconduct
skipperchong
matthewcrist
rasmusluckow
iamctodd
rabernat
inesmontani
notwaldorf
ryanjones
ammeep
