Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
System Compliance on a Budget
Search
Sponsored
·
SiteGround - Reliable hosting with speed, security, and support you can count on.
→
paulh
June 04, 2012
Technology
59
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
System Compliance on a Budget
AUCTC, Saint Mary's University. 2012
paulh
June 04, 2012
More Decks by paulh
See All by paulh
Beginners Guide to OSINT
paulh
1
440
squert – an open source UI for NSM data
paulh
0
70
squert - an open source UI for NSM data
paulh
0
370
Internet Safety
paulh
0
140
Situational Awareness with Open Source Tools
paulh
0
120
Network Security Monitoring with Open Source Tools
paulh
0
200
Other Decks in Technology
See All in Technology
AWS Summit の片隅で、体育座りしながらコミュニティがにぎわう理由を考えた
k_adachi_01
2
360
プライバシー保護の理論と実践
lycorptech_jp
PRO
1
250
地域 SRE コミュニティ最前線 / SRE NEXT 2026 Discussion Night Track C
muziyoshiz
0
150
どうして今サーバーサイドKotlinを選択したのか
nealle
0
210
しぶいSRE: サーバから見えない障害にどう向き合うか。ラストワンマイルのデバッグ実践 / Shibui SRE
kanny
12
4.9k
「ちゃんとやっている」は独りよがりだった ― 不安に寄り添うインシデント対応へ / Towards incident response that addresses anxieties
chmikata
1
3.6k
ZOZOTOWNの進化と信頼性を両立する負荷試験
zozotech
PRO
0
140
Claude Codeとハーネスについて考えてみる
oikon48
18
8.7k
はじめてのWDM
miyukichi_ospf
1
120
美しいコードを書くためにF#を学んでみた話
yud0uhu
1
330
Road to SRE NEXTの今までとこれから
hiroyaonoe
0
210
Empower GenAI with Agile - あなたのアジャイルが生成AIのバフになる仕組み
hageyahhoo
1
130
Featured
See All Featured
The innovator’s Mindset - Leading Through an Era of Exponential Change - McGill University 2025
jdejongh
PRO
1
220
Rails Girls Zürich Keynote
gr2m
96
14k
Learning to Love Humans: Emotional Interface Design
aarron
275
41k
Digital Projects Gone Horribly Wrong (And the UX Pros Who Still Save the Day) - Dean Schuster
uxyall
1
1.9k
A Tale of Four Properties
chriscoyier
163
24k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
234
17k
Public Speaking Without Barfing On Your Shoes - THAT 2023
reverentgeek
1
450
Sam Torres - BigQuery for SEOs
techseoconnect
PRO
0
300
Writing Fast Ruby
sferik
630
63k
Applied NLP in the Age of Generative AI
inesmontani
PRO
4
2.4k
Designing for Timeless Needs
cassininazir
1
270
The Pragmatic Product Professional
lauravandoore
37
7.4k
Transcript
None
the question: what is the security posture of our devices?
what we used to try and get the answer: McAfee
ePO Nessus Build something
our Experience
McAfee ePO
problems with McAfee ePO complex inaccuracies cumbersome reports blackbox (customizations,
waiting)
Nessus
problems with Nessus tedious overkill inconsistent results hosts accounted for:
76%
our problems in general timing transient devices deepfreeze
our kick at the can
None
what we collect (currently) antivirus windows updates asset info
None
None
None
None
None
the backend host host antivirus antivirus windows updates windows updates
asset info asset info active directory active directory …? …? …? …? other.. other..
the backend host host antivirus antivirus windows updates windows updates
asset info asset info active directory active directory compliance history compliance history problem frequency problem frequency other.. other.. SHAZAM! SHAZAM!
the script (patch_status.vbs) what it does how it evolved where
it’s headed
what it does deployment scheduled task information gathering transport
how it evolved primarily driven by trial and error a
lot of: “wouldn’t this be neat” what works? what doesn’t? dealing with problems
what it has changed Managed AV Microsoft update Maintenance window
where it’s headed deployment strategy refne/improve installer target other OS’s
where it’s headed additional metrics ids alert data device usage
java version flash version
where it’s headed helpdesk integration automated ticket generation
thoughts?