Network Visualization and Vulnerability Detection
Network Visualization and Vulnerability Detection - The proliferation of internet-connected devices has resulted in increased interconnectivity, which has, in turn, led to more security breaches and compromises. The SANS top 20 security controls have identified Inventory of Devices and Software as the top two controls. Secure configurations of hardware/software, along with continuous vulnerability assessment, come in as controls number 3 and 4. As security professionals, we have an ethical obligation to understand our environment to gain full visibility into the potential attack surface, as well as the consequences of successfully exploited vulnerabilities.
Regular asset discovery and vulnerability scanning are crucial to identify and address potential security weaknesses, thereby reducing the risk of system compromises. The following paper provides the research and evaluation of various vulnerability detection tools, comparing and contrasting their value, accuracy and return on investment. The paper primarily focuses on providing guidance for vendor selection and potential investment.
| network_visualization_and_vulnerability_detection_-_trade_study.docx |
Reflection
My experience in vulnerability management has helped me with the Network Visualization and Vulnerability Detection course. I understand the importance of having a continuous vulnerability management program for any company. On average, 19 new vulnerabilities are reported daily. Without regular scanning, the chances of being exploited increases. Systems or technology may have inherent security weaknesses, which require continuous assessments to uncover those risks. If not identified and addressed appropriately, these risks can be exploited. Organizations may fail to apply security patches, leaving their systems vulnerable to attacks. The Network Visualization and Vulnerability Detection course emphasized the need for a robust discovery and assessment program.
I have gained advanced knowledge about various security vendor platforms through this course. These platforms can be used to successfully enumerate assets on the network and identify vulnerabilities and misconfigurations. Given the sensitive nature of security breaches, it is important for team members to have strong ethics and keep vulnerable data confidential. I particularly enjoyed the Trade Study exercise, which involved comparing technical capabilities and financial investment costs associated with the selection of a vendor. This exercise will help me advance my career by assisting decision makers with evaluations.
References:
OpenVAS (n.d.) Open Vulnerability Assessment Scanner. Retrieved from https://www.openvas.org/
Wireshark (n.d.) Download Wireshark. Retrieved from https://wireshark.org/download.html
Rapid7 (n.d.) Metasploitable 2 Exploitability Guide. Retrieved from
https://docs.rapid7.com/metasploit/metasploitable-2-exploitability-guide
Tenable (n.d.) Nessus Essentials. Retrieved from
https://www.tenable.com/products/nessus/nessus-essentials
