Home page logo
/

basics logo Security Basics mailing list archives

Re: Vulnerability Scanning - Prioritising Remediation
From: krymson () gmail com
Date: Thu, 22 Sep 2011 14:31:34 GMT

I agree with those who say you should do two scans, one without the IPS in the way and one with the IPS in the way.

For the first one, you know your potential weaknesses, for instance if someone says you can't afford the license for 
your IPS next year, what risk does that open?

The second one helps measure what you really have exposed even with your compensating controls in place.

This is one area where I like to turn off the "Prevention" part of IPS for just the vulnerability scanner addresses, 
but still detect the attacks. But really, both types of scans should be done to some degree.

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]