1 00:00:00,060 --> 00:00:00,840 Welcome back, everyone. 2 00:00:00,870 --> 00:00:03,890 This is a new shanghaiing and this is about one scanning. 3 00:00:04,670 --> 00:00:05,150 Wonderful. 4 00:00:05,310 --> 00:00:09,510 I hope you've got the sense of security testing so far. 5 00:00:09,840 --> 00:00:17,610 And this one British scanning station will help you to get to the actual production tools very quickly. 6 00:00:17,890 --> 00:00:18,230 All right. 7 00:00:18,750 --> 00:00:20,070 So let's get started. 8 00:00:20,290 --> 00:00:26,190 What I'm really scanning as we discuss in the last session, it's an it's a way of it's a process, 9 00:00:26,190 --> 00:00:32,960 in fact, finding vulnerabilities against the network web application system as well. 10 00:00:34,050 --> 00:00:39,450 Usually vulnerabilities scanning is a very important process for any organization. 11 00:00:39,450 --> 00:00:41,600 It's about compliance as well. 12 00:00:41,970 --> 00:00:45,700 Security compliance is as well maybe is to be serious. 13 00:00:45,720 --> 00:00:52,530 Assaults in many of the compliances do require that we perform the vulnerability scanning on a routine 14 00:00:52,530 --> 00:00:53,010 basis. 15 00:00:53,260 --> 00:00:58,560 It could be done quarterly, could be done monthly for some organization, for some critical asset. 16 00:00:58,680 --> 00:01:01,440 It might be done on a weekly basis. 17 00:01:01,620 --> 00:01:02,460 Well, right. 18 00:01:02,870 --> 00:01:08,580 And it's usually, as I told you, it's usually performed by automated tools. 19 00:01:08,850 --> 00:01:14,850 And there are many leaders, private, you know, commercial tools which are being used for this. 20 00:01:15,150 --> 00:01:19,730 Some are to it, some are on paroma on prime boots as well. 21 00:01:19,740 --> 00:01:21,990 Some are open source and free tools as well. 22 00:01:22,570 --> 00:01:22,820 Right. 23 00:01:22,840 --> 00:01:26,580 So we can make use of Nessus, which is the commercial tool. 24 00:01:26,820 --> 00:01:29,370 And Maverick is the company of free tools. 25 00:01:29,580 --> 00:01:34,680 Gaullists, which is the commercial has been exposed, which is Bio-Reference seven and Open Vast, 26 00:01:34,680 --> 00:01:41,820 which is by Green Green Born Green Building Organization, which is also called TVM. 27 00:01:41,940 --> 00:01:45,210 And then these are of course, the two rapid seven. 28 00:01:45,210 --> 00:01:53,040 Those is another tool for this inside IBM and both an expose and of inside VM. 29 00:01:53,040 --> 00:01:55,140 It's the same product it does that. 30 00:01:55,140 --> 00:01:56,640 It has got more features to it. 31 00:01:56,790 --> 00:02:02,460 And this is how it looks like you got Nessus walking most of the organization, you know, you would 32 00:02:02,460 --> 00:02:03,850 find a teeny booth. 33 00:02:04,140 --> 00:02:08,370 Nessa's to enable is the organization who says the NSA's system. 34 00:02:09,360 --> 00:02:18,810 Then those open masses, which has been used in many of the European organizations and some of the other 35 00:02:18,810 --> 00:02:25,800 organizations, also make use of koala's, although this is this is heavily a cloud Koestenbaum with 36 00:02:25,800 --> 00:02:32,130 talk about it and will be making use of the but will be extensively be using the Nessa's to Lisboa, 37 00:02:32,430 --> 00:02:40,410 which which is some sort of largest one of really scanning platform, in fact, and will be also covering 38 00:02:40,620 --> 00:02:48,780 and mappers as well, and mappers heavily used by the admins and major leading ethical hacking and you 39 00:02:48,780 --> 00:02:49,860 know, network testing. 40 00:02:50,280 --> 00:02:56,700 But for when when it comes to the Web application, Nessus and expose Squillace, something which is 41 00:02:56,700 --> 00:02:58,480 being, you know, heavily adopted. 42 00:02:58,850 --> 00:02:59,210 All right. 43 00:02:59,220 --> 00:03:02,310 So this is all about vulnerability scanning within the next session. 44 00:03:02,580 --> 00:03:03,000 Thank you.