Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
System Compliance on a Budget
Search
paulh
June 04, 2012
Technology
0
41
System Compliance on a Budget
AUCTC, Saint Mary's University. 2012
paulh
June 04, 2012
Tweet
Share
More Decks by paulh
See All by paulh
Beginners Guide to OSINT
paulh
1
410
squert – an open source UI for NSM data
paulh
0
57
squert - an open source UI for NSM data
paulh
0
300
Internet Safety
paulh
0
110
Situational Awareness with Open Source Tools
paulh
0
100
Network Security Monitoring with Open Source Tools
paulh
0
180
Other Decks in Technology
See All in Technology
仕様駆動開発を実現する上流工程におけるAIエージェント活用
sergicalsix
8
3.7k
RemoteFunctionを使ったコロケーション
mkazutaka
1
140
AIエージェントによる業務効率化への飽くなき挑戦-AWS上の実開発事例から学んだ効果、現実そしてギャップ-
nasuvitz
5
1.4k
SREのキャリアから経営に近づく - Enterprise Risk Managementを基に -
shonansurvivors
0
250
re:Invent 2025の見どころと便利アイテムをご紹介 / Highlights and Useful Items for re:Invent 2025
yuj1osm
0
340
GPUをつかってベクトル検索を扱う手法のお話し~NVIDIA cuVSとCAGRA~
fshuhe
0
220
20251027_findyさん_音声エージェントLT
almondo_event
2
490
Retrospectiveを振り返ろう
nakasho
0
130
Oracle Database@Google Cloud:サービス概要のご紹介
oracle4engineer
PRO
0
390
JAWS UG AI/ML #32 Amazon BedrockモデルのライフサイクルとEOL対応/How Amazon Bedrock Model Lifecycle Works
quiver
1
110
様々なファイルシステム
sat
PRO
0
260
【SORACOM UG Explorer 2025】さらなる10年へ ~ SORACOM MVC 発表
soracom
PRO
0
170
Featured
See All Featured
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
194
16k
Practical Orchestrator
shlominoach
190
11k
Building Adaptive Systems
keathley
44
2.8k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
tammyeverts
10
620
Become a Pro
speakerdeck
PRO
29
5.6k
Being A Developer After 40
akosma
91
590k
A designer walks into a library…
pauljervisheath
209
24k
Code Reviewing Like a Champion
maltzj
526
40k
How to Think Like a Performance Engineer
csswizardry
27
2.1k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
333
22k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
230
22k
Why You Should Never Use an ORM
jnunemaker
PRO
59
9.6k
Transcript
None
the question: what is the security posture of our devices?
what we used to try and get the answer: McAfee
ePO Nessus Build something
our Experience
McAfee ePO
problems with McAfee ePO complex inaccuracies cumbersome reports blackbox (customizations,
waiting)
Nessus
problems with Nessus tedious overkill inconsistent results hosts accounted for:
76%
our problems in general timing transient devices deepfreeze
our kick at the can
None
what we collect (currently) antivirus windows updates asset info
None
None
None
None
None
the backend host host antivirus antivirus windows updates windows updates
asset info asset info active directory active directory …? …? …? …? other.. other..
the backend host host antivirus antivirus windows updates windows updates
asset info asset info active directory active directory compliance history compliance history problem frequency problem frequency other.. other.. SHAZAM! SHAZAM!
the script (patch_status.vbs) what it does how it evolved where
it’s headed
what it does deployment scheduled task information gathering transport
how it evolved primarily driven by trial and error a
lot of: “wouldn’t this be neat” what works? what doesn’t? dealing with problems
what it has changed Managed AV Microsoft update Maintenance window
where it’s headed deployment strategy refne/improve installer target other OS’s
where it’s headed additional metrics ids alert data device usage
java version flash version
where it’s headed helpdesk integration automated ticket generation
thoughts?