Vulnerability Scanning

HCHTech

The other thread on vulnerability scanning makes me think that this would be a good thing to recommend to new clients, or even existing clients as a way of independently identifying weak points in their infrastructure. Without a common system, we're left with interviewing and manually crawling through settings of multiple devices & softwares looking for problems with an ever-growing "watch out for this" list.

There are tons of companies and softwares out there, so I'm wondering if anyone here can share their experience, especially if they have a platform they like. In the SMB world, anything we can use to bolster our recommendations is a good thing, even if the only result is adding to our own to-do list. I think the benefits would be undeniable, and if the price is palatable even better. Like always, contacting vendors first just isn't efficient, so looking for recommendations here is preferable.
 
While there are a plethora of "free vulnerability scanning tools" out there...the thing is, there is an incredible...INCREDIBLE amount of setup, labor, configuration, and lots of time..time...time....in doing the process. It's not something like running a scan of Malwarebytes Free and looking at the results 15 minutes later. The price of the product you use is a fraction of the total cost of a vuln test...once you factor in the time involved.

CISA has some good articles to pore through.

Subscription based products that have support behind them, like Tenable or NodeWare....you're starting out at a couple of hundred bucks a month for a tool you can walk around to your clients with. We used Nessus on trial for a bit.....back when we were with N-Able.
 
Subscription based products that have support behind them, like Tenable or NodeWare....you're starting out at a couple of hundred bucks a month for a tool you can walk around to your clients with. We used Nessus on trial for a bit.....back when we were with N-Able.

Yeah, I was hoping for a piece-rate scenario where you'd have a provider-relationship with the vendor, but not be signing up for an on-going subscription - just on-demand analysis that we could resell as a one-time or maybe even once-a-year item. I imagine that's a big ask in today's RMR-focused world. I think the value here is in an analysis being independent - I don't want to be the expert, I want the analysis done by folks that do that job for a living all day every day. Once the analysis is done, we could interpret the results together with the client and they could decide to act or not.
 
I look at it like this. There are two parts to a network: WAN and LAN. If you are not serving out anything from the site (www, email, ftp, etc.), then the WAN pretty much goes away and you're left with the LAN. Part of the LAN concerns are internally generated requests, such as clicking on a poisoned link, going out to the WAN, which then might allow black hats access.

Of course hosting things in Azure, AWS, etc still has concerns for WAN.
 
Network scanning doesn't mean you don't need to do device hardening separately. Some SIEM systems have configuration advisors.
 
The other thread on vulnerability scanning makes me think that this would be a good thing to recommend to new clients, or even existing clients as a way of independently identifying weak points in their infrastructure. Without a common system, we're left with interviewing and manually crawling through settings of multiple devices & softwares looking for problems with an ever-growing "watch out for this" list.

There are tons of companies and softwares out there, so I'm wondering if anyone here can share their experience, especially if they have a platform they like. In the SMB world, anything we can use to bolster our recommendations is a good thing, even if the only result is adding to our own to-do list. I think the benefits would be undeniable, and if the price is palatable even better. Like always, contacting vendors first just isn't efficient, so looking for recommendations here is preferable.

If you want something super basic and simple, check out Action1. Their software can detect installed apps and list associated vulnerabilities, probably similar to what Defender for Endpoint can do. Something like that is going to be quick and easy unless you are advertising that you are a cyber security expert and providing an entire on-host detection, complete network vuln scanning and pen testing. We have partnered with others to do stuff like that, and for a one-time thing it's thousands of dollars. Galactic Advisors is a company that tries to offer it as a service, but honestly I wasn't too impressed with their reports.
 