1
00:00:15,290 --> 00:00:21,730
In the last lecture, we are an introduction to this vulnerability assessment, in this lecture, we

2
00:00:21,740 --> 00:00:24,680
are going to see different phases of vulnerability assessment.

3
00:00:26,080 --> 00:00:32,950
Vulnerability assessment and scans should be performed on a regular basis, I.T. environments are changing

4
00:00:32,950 --> 00:00:33,530
all the time.

5
00:00:33,820 --> 00:00:42,040
For instance, a software update or a system configuration can change or change in complete new vulnerability.

6
00:00:43,300 --> 00:00:50,290
New threats continue to emerge, so it's essential to identify and address vulnerabilities quickly to

7
00:00:50,290 --> 00:00:58,180
limit cyber security risk when the scanning is only part of a vulnerability assessment of the process.

8
00:00:58,330 --> 00:01:05,890
So that's brain testing can identify different types of threats to I.T. in your organization when testing

9
00:01:05,890 --> 00:01:12,250
complements vulnerability scanning and is useful for determining if they can be acted on and whether

10
00:01:12,250 --> 00:01:15,700
that action will cause damage and data loss or other issues.

11
00:01:16,540 --> 00:01:23,800
So the first phase is initial assessment, phase it, identify the assets and define the risk and critical

12
00:01:23,800 --> 00:01:30,130
value for each device based on the client input, such as security assessment, vulnerability scanning.

13
00:01:30,690 --> 00:01:36,250
It is important to identify at least the importance of the device that you have on your network, or

14
00:01:36,250 --> 00:01:38,170
at least the devices that you will test.

15
00:01:39,310 --> 00:01:45,340
It's also important to understand if the device can be accessed by any member of your company, such

16
00:01:45,340 --> 00:01:49,240
as a public computer, or does administrators and authorized users.

17
00:01:50,230 --> 00:01:56,530
The initial assessment phase is also important to gather information about the systems before the vulnerability

18
00:01:56,530 --> 00:02:00,370
assessment or at least review if the device is open.

19
00:02:00,370 --> 00:02:07,540
Ports, processes and services that shouldn't be open also understand the approved drivers and software

20
00:02:07,690 --> 00:02:12,250
that should be installed on the device and the basic configuration of each new device.

21
00:02:13,300 --> 00:02:19,330
Try to perform a banner grabbing or learn what kind of public information should be accessible based

22
00:02:19,330 --> 00:02:26,830
on the configuration slim like does the device and logs into security information and event management

23
00:02:26,830 --> 00:02:31,270
and same platform are the logs at least stored in a central repository?

24
00:02:31,900 --> 00:02:38,200
Get the public information and vulnerabilities regarding the device platform wasn't vendor and other

25
00:02:38,200 --> 00:02:39,220
relevant details.

26
00:02:40,630 --> 00:02:43,210
Next is to perform vulnerabilities.

27
00:02:43,210 --> 00:02:50,800
Can use the right policy on your scanner to accomplish the desired results prior to starting the vulnerabilities

28
00:02:50,800 --> 00:02:57,460
can look for any compliance requirements based on your company's posture and businesses and then know

29
00:02:57,610 --> 00:02:59,770
the best time and date to perform the scan.

30
00:03:00,680 --> 00:03:06,590
It's important to recognize the climate in this context and determine if the scan can be performed all

31
00:03:06,590 --> 00:03:09,080
at once or if a segmentation is needed.

32
00:03:09,970 --> 00:03:16,310
An important step is to redefine and get the approval of the policy for the vulnerable scan to be performed

33
00:03:17,300 --> 00:03:22,550
for the best results, use related tools and plug ins on the assessment platforms.

34
00:03:24,660 --> 00:03:30,990
In case you need to perform manual scan for critical assets to ensure the best results, be sure to

35
00:03:30,990 --> 00:03:36,890
configure the credentials on the scanner configuration to perform a better and deeper penalty assessment.

36
00:03:37,930 --> 00:03:45,640
The last is the post assessment piece, it includes a risk assessment, a remediation verification and

37
00:03:45,640 --> 00:03:48,910
monitoring and the most important report, creation.

38
00:03:49,450 --> 00:03:55,600
Pay attention to the details and try to add extra value on the recommendations fees to get the real

39
00:03:55,600 --> 00:04:00,640
value from the final report and recommendations based on the initial assessment goals.

40
00:04:01,060 --> 00:04:07,000
Also, add a risk mitigation techniques based on the critical list of the assets and results.

41
00:04:07,690 --> 00:04:13,040
Are findings related to any possible gap between the results and the system baseline definition?

42
00:04:13,870 --> 00:04:17,740
Also at the base, that whole vulnerability can be mitigated.

43
00:04:18,520 --> 00:04:24,310
Findings on the vulnerability assessment are normally very useful and are ordered in a way to ensure

44
00:04:24,310 --> 00:04:29,950
the understanding of the various reports and findings that you have achieved through vulnerability assessment

45
00:04:29,960 --> 00:04:30,310
phase.

46
00:04:30,670 --> 00:04:36,670
The last phase is the post assessment phase will reflect a complete understanding of the security posture

47
00:04:36,820 --> 00:04:39,070
in all the different aspects of the process.

48
00:04:39,640 --> 00:04:45,160
It will also deliver a better outcome for something that in the most cases it does the compliance tool.

49
00:04:46,330 --> 00:04:49,210
There are six types of vulnerability assessment tools.

50
00:04:49,660 --> 00:04:56,530
The first is the host based vulnerability assessment to a host based venerability assessment tool,

51
00:04:56,740 --> 00:05:03,640
finds and identifies the EU's running on a particular host computer and tests it for known deficiencies.

52
00:05:04,300 --> 00:05:07,070
It searches for common applications and services.

53
00:05:07,630 --> 00:05:09,970
The next is the depth assessment tools.

54
00:05:10,510 --> 00:05:14,930
These tools find and identify previously unknown vulnerabilities in the system.

55
00:05:15,790 --> 00:05:18,600
These type of tools include Feather's.

56
00:05:19,730 --> 00:05:27,050
Next is the application that Venerability Assessment Tools Application Larapinta Assessment Tools are

57
00:05:27,050 --> 00:05:30,020
directed towards Web servers or databases.

58
00:05:31,510 --> 00:05:38,110
The scope assessment tools to provide security to the I.T. system by testing for different vulnerabilities

59
00:05:38,110 --> 00:05:40,210
and applications and operating systems.

60
00:05:41,170 --> 00:05:48,160
Active and passive tools, active scanners perform vulnerability checks on the network that consume

61
00:05:48,160 --> 00:05:53,700
resources on the network, passive scanners do not have access to resources considerably.

62
00:05:54,280 --> 00:06:01,810
They only observe the same data and perform data processing on a separate analysis machine, location

63
00:06:01,810 --> 00:06:03,390
and data examine tools.

64
00:06:04,030 --> 00:06:10,600
These are network based scanners Egin with scanners, proxy scanners and plastic scanners.

65
00:06:12,250 --> 00:06:15,430
So characteristics of a good vulnerability assessment tools.

66
00:06:16,420 --> 00:06:18,180
It ensures correct outcomes.

67
00:06:18,310 --> 00:06:26,230
Testing the network, network resources, ports, protocols and operating systems uses well-organized

68
00:06:26,230 --> 00:06:29,920
inference based approach for testing automatically.

69
00:06:29,920 --> 00:06:37,810
Scans against continuously updated databases creates brief, actionable and customizable reports, including

70
00:06:37,810 --> 00:06:40,810
vulnerabilities by severity, level and trend analysis.

71
00:06:41,410 --> 00:06:48,220
Supports various networks how to use the one Raverty assessment tools when their ability assessment

72
00:06:48,220 --> 00:06:51,610
tools are used to test a host application for vulnerabilities.

73
00:06:52,780 --> 00:06:58,840
Tools, the tools that best satisfy the following requirements, like tests from dozens to 3000 different

74
00:06:58,840 --> 00:07:06,460
vulnerabilities, depending on the product, contained several hundred different signatures, match

75
00:07:06,460 --> 00:07:14,110
your involvement and expertise, have a great network application mapping and pen testing, have a number

76
00:07:14,110 --> 00:07:18,280
of regularly updated vulnerably scripts for the platform you're scanning.

77
00:07:18,940 --> 00:07:24,970
It should be able to generate reports and also it should be able to check the different levels of brain

78
00:07:24,970 --> 00:07:26,860
testing to prevent Lokos.

79
00:07:28,080 --> 00:07:32,250
In the next lecture, we will see when rapidly scoring systems.