Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
System Compliance on a Budget
Search
paulh
June 04, 2012
Technology
0
41
System Compliance on a Budget
AUCTC, Saint Mary's University. 2012
paulh
June 04, 2012
Tweet
Share
More Decks by paulh
See All by paulh
Beginners Guide to OSINT
paulh
1
410
squert – an open source UI for NSM data
paulh
0
57
squert - an open source UI for NSM data
paulh
0
300
Internet Safety
paulh
0
110
Situational Awareness with Open Source Tools
paulh
0
100
Network Security Monitoring with Open Source Tools
paulh
0
180
Other Decks in Technology
See All in Technology
SREのキャリアから経営に近づく - Enterprise Risk Managementを基に -
shonansurvivors
0
290
Azure Well-Architected Framework入門
tomokusaba
1
140
可観測性は開発環境から、開発環境にもオブザーバビリティ導入のススメ
layerx
PRO
4
1.8k
JSConf JPのwebsiteをGatsbyからNext.jsに移行した話 - Next.jsの多言語静的サイトと課題
leko
2
190
Amazon Athena で JSON・Parquet・Iceberg のデータを検索し、性能を比較してみた
shigeruoda
1
200
re:Invent 2025の見どころと便利アイテムをご紹介 / Highlights and Useful Items for re:Invent 2025
yuj1osm
0
340
What's new in OpenShift 4.20
redhatlivestreaming
0
370
AI連携の新常識! 話題のMCPをはじめて学ぶ!
makoakiba
0
150
入院医療費算定業務をAIで支援する:包括医療費支払い制度とDPCコーディング (公開版)
hagino3000
0
120
Dify on AWS 環境構築手順
yosse95ai
0
170
仕様駆動開発を実現する上流工程におけるAIエージェント活用
sergicalsix
8
3.9k
AI時代、“平均値”ではいられない
uhyo
8
2.7k
Featured
See All Featured
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
46
2.5k
Rebuilding a faster, lazier Slack
samanthasiow
84
9.2k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
21
1.2k
Java REST API Framework Comparison - PWX 2021
mraible
34
8.9k
How GitHub (no longer) Works
holman
315
140k
Fashionably flexible responsive web design (full day workshop)
malarkey
407
66k
Building a Modern Day E-commerce SEO Strategy
aleyda
44
7.9k
The Cult of Friendly URLs
andyhume
79
6.6k
Context Engineering - Making Every Token Count
addyosmani
8
310
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
52
5.7k
We Have a Design System, Now What?
morganepeng
53
7.8k
Leading Effective Engineering Teams in the AI Era
addyosmani
7
660
Transcript
None
the question: what is the security posture of our devices?
what we used to try and get the answer: McAfee
ePO Nessus Build something
our Experience
McAfee ePO
problems with McAfee ePO complex inaccuracies cumbersome reports blackbox (customizations,
waiting)
Nessus
problems with Nessus tedious overkill inconsistent results hosts accounted for:
76%
our problems in general timing transient devices deepfreeze
our kick at the can
None
what we collect (currently) antivirus windows updates asset info
None
None
None
None
None
the backend host host antivirus antivirus windows updates windows updates
asset info asset info active directory active directory …? …? …? …? other.. other..
the backend host host antivirus antivirus windows updates windows updates
asset info asset info active directory active directory compliance history compliance history problem frequency problem frequency other.. other.. SHAZAM! SHAZAM!
the script (patch_status.vbs) what it does how it evolved where
it’s headed
what it does deployment scheduled task information gathering transport
how it evolved primarily driven by trial and error a
lot of: “wouldn’t this be neat” what works? what doesn’t? dealing with problems
what it has changed Managed AV Microsoft update Maintenance window
where it’s headed deployment strategy refne/improve installer target other OS’s
where it’s headed additional metrics ids alert data device usage
java version flash version
where it’s headed helpdesk integration automated ticket generation
thoughts?