Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
System Compliance on a Budget
Search
paulh
June 04, 2012
Technology
0
41
System Compliance on a Budget
AUCTC, Saint Mary's University. 2012
paulh
June 04, 2012
Tweet
Share
More Decks by paulh
See All by paulh
Beginners Guide to OSINT
paulh
1
410
squert – an open source UI for NSM data
paulh
0
57
squert - an open source UI for NSM data
paulh
0
290
Internet Safety
paulh
0
110
Situational Awareness with Open Source Tools
paulh
0
100
Network Security Monitoring with Open Source Tools
paulh
0
180
Other Decks in Technology
See All in Technology
BirdCLEF+2025 Noir 5位解法紹介
myso
0
200
20250929_QaaS_vol20
mura_shin
0
130
動画データのポテンシャルを引き出す! Databricks と AI活用への奮闘記(現在進行形)
databricksjapan
0
150
GC25 Recap+: Advancing Go Garbage Collection with Green Tea
logica0419
1
430
多様な事業ドメインのクリエイターへ 価値を届けるための営みについて
massyuu
1
390
Shirankedo NOCで見えてきたeduroam/OpenRoaming運用ノウハウと課題 - BAKUCHIKU BANBAN #2
marokiki
0
150
バイブコーディングと継続的デプロイメント
nwiizo
2
440
OCI Network Firewall 概要
oracle4engineer
PRO
1
7.8k
pprof vs runtime/trace (FlightRecorder)
task4233
0
170
定期的な価値提供だけじゃない、スクラムが導くチームの共創化 / 20251004 Naoki Takahashi
shift_evolve
PRO
3
330
社内お問い合わせBotの仕組みと学び
nish01
0
450
研究開発部メンバーの働き⽅ / Sansan R&D Profile
sansan33
PRO
3
20k
Featured
See All Featured
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
addyosmani
7
890
Writing Fast Ruby
sferik
629
62k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
367
27k
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
657
61k
Practical Orchestrator
shlominoach
190
11k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
234
17k
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
4k
Fireside Chat
paigeccino
40
3.7k
Measuring & Analyzing Core Web Vitals
bluesmoon
9
610
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
34
6.1k
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
12
1.2k
Designing for humans not robots
tammielis
254
26k
Transcript
None
the question: what is the security posture of our devices?
what we used to try and get the answer: McAfee
ePO Nessus Build something
our Experience
McAfee ePO
problems with McAfee ePO complex inaccuracies cumbersome reports blackbox (customizations,
waiting)
Nessus
problems with Nessus tedious overkill inconsistent results hosts accounted for:
76%
our problems in general timing transient devices deepfreeze
our kick at the can
None
what we collect (currently) antivirus windows updates asset info
None
None
None
None
None
the backend host host antivirus antivirus windows updates windows updates
asset info asset info active directory active directory …? …? …? …? other.. other..
the backend host host antivirus antivirus windows updates windows updates
asset info asset info active directory active directory compliance history compliance history problem frequency problem frequency other.. other.. SHAZAM! SHAZAM!
the script (patch_status.vbs) what it does how it evolved where
it’s headed
what it does deployment scheduled task information gathering transport
how it evolved primarily driven by trial and error a
lot of: “wouldn’t this be neat” what works? what doesn’t? dealing with problems
what it has changed Managed AV Microsoft update Maintenance window
where it’s headed deployment strategy refne/improve installer target other OS’s
where it’s headed additional metrics ids alert data device usage
java version flash version
where it’s headed helpdesk integration automated ticket generation
thoughts?