Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
System Compliance on a Budget
Search
paulh
June 04, 2012
Technology
0
34
System Compliance on a Budget
AUCTC, Saint Mary's University. 2012
paulh
June 04, 2012
Tweet
Share
More Decks by paulh
See All by paulh
Beginners Guide to OSINT
paulh
1
340
squert – an open source UI for NSM data
paulh
0
48
squert - an open source UI for NSM data
paulh
0
200
Internet Safety
paulh
0
100
Situational Awareness with Open Source Tools
paulh
0
95
Network Security Monitoring with Open Source Tools
paulh
0
140
Other Decks in Technology
See All in Technology
非機能品質を作り込むための実践アーキテクチャ
knih
5
1.6k
プロダクト開発を加速させるためのQA文化の築き方 / How to build QA culture to accelerate product development
mii3king
1
280
成果を出しながら成長する、アウトプット駆動のキャッチアップ術 / Output-driven catch-up techniques to grow while producing results
aiandrox
0
380
生成AIをより賢く エンジニアのための RAG入門 - Oracle AI Jam Session #20
kutsushitaneko
4
280
Oracle Cloud Infrastructure:2024年12月度サービス・アップデート
oracle4engineer
PRO
1
230
watsonx.ai Dojo #5 ファインチューニングとInstructLAB
oniak3ibm
PRO
0
190
LINEスキマニにおけるフロントエンド開発
lycorptech_jp
PRO
0
340
alecthomas/kong はいいぞ / kamakura.go#7
fujiwara3
1
300
PHPerのための計算量入門/Complexity101 for PHPer
hanhan1978
5
280
事業貢献を考えるための技術改善の目標設計と改善実績 / Targeted design of technical improvements to consider business contribution and improvement performance
oomatomo
0
140
新機能VPCリソースエンドポイント機能検証から得られた考察
duelist2020jp
0
230
Yahoo! ズバトクにおけるフロントエンド開発
lycorptech_jp
PRO
0
100
Featured
See All Featured
Large-scale JavaScript Application Architecture
addyosmani
510
110k
What's in a price? How to price your products and services
michaelherold
243
12k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
1
100
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
45
2.2k
Learning to Love Humans: Emotional Interface Design
aarron
274
40k
How To Stay Up To Date on Web Technology
chriscoyier
789
250k
Done Done
chrislema
182
16k
Building Your Own Lightsaber
phodgson
103
6.1k
Producing Creativity
orderedlist
PRO
342
39k
Raft: Consensus for Rubyists
vanstee
137
6.7k
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
6
520
4 Signs Your Business is Dying
shpigford
182
21k
Transcript
None
the question: what is the security posture of our devices?
what we used to try and get the answer: McAfee
ePO Nessus Build something
our Experience
McAfee ePO
problems with McAfee ePO complex inaccuracies cumbersome reports blackbox (customizations,
waiting)
Nessus
problems with Nessus tedious overkill inconsistent results hosts accounted for:
76%
our problems in general timing transient devices deepfreeze
our kick at the can
None
what we collect (currently) antivirus windows updates asset info
None
None
None
None
None
the backend host host antivirus antivirus windows updates windows updates
asset info asset info active directory active directory …? …? …? …? other.. other..
the backend host host antivirus antivirus windows updates windows updates
asset info asset info active directory active directory compliance history compliance history problem frequency problem frequency other.. other.. SHAZAM! SHAZAM!
the script (patch_status.vbs) what it does how it evolved where
it’s headed
what it does deployment scheduled task information gathering transport
how it evolved primarily driven by trial and error a
lot of: “wouldn’t this be neat” what works? what doesn’t? dealing with problems
what it has changed Managed AV Microsoft update Maintenance window
where it’s headed deployment strategy refne/improve installer target other OS’s
where it’s headed additional metrics ids alert data device usage
java version flash version
where it’s headed helpdesk integration automated ticket generation
thoughts?