System Compliance on a Budget
paulh
June 04, 2012
AUCTC, Saint Mary's University. 2012
Transcript
the question: what is the security posture of our devices?
what we used to try and get the answer: McAfee ePO, Nessus, Build something
our Experience
McAfee ePO
problems with McAfee ePO: complex, inaccuracies, cumbersome reports, blackbox (customizations, waiting)
Nessus
problems with Nessus: tedious, overkill, inconsistent results, hosts accounted for: 76%
our problems in general: timing, transient devices, deepfreeze
our kick at the can
what we collect (currently): antivirus, windows updates, asset info
the backend: host, antivirus, windows updates, asset info, active directory, …?, other..
the backend: host, antivirus, windows updates, asset info, active directory, compliance history, problem frequency, other.., SHAZAM!
the script (patch_status.vbs): what it does, how it evolved, where it’s headed
what it does: deployment, scheduled task, information gathering, transport
how it evolved: primarily driven by trial and error; a lot of: “wouldn’t this be neat”; what works? what doesn’t?; dealing with problems
what it has changed: Managed AV, Microsoft update, Maintenance window
where it’s headed: deployment strategy, refine/improve installer, target other OS’s
where it’s headed: additional metrics (ids alert data, device usage, java version, flash version)
where it’s headed: helpdesk integration, automated ticket generation
thoughts?