7 Minute Security is a weekly information security podcast focusing on penetration testing, blue teaming and building a career in security. The podcast also features in-depth interviews with industry leaders who share their insights, tools, tips and tricks for being a successful security engineer.
https://7ms.us/
7MS #417: Vulnerability Scanning Tips and Tricks
Today's episode is all about getting the most value out of your vulnerability scans, including:
-
Why, IMHO you should only do credentialed scans
-
Policy tweaks that will keep servers from tipping over and printers from printing novels of gibberish ;-)
-
How to make your scan report more actionable and less unruly
-
Turning up logging to 11 (use with caution!)
-
A small tweak to an external scan policy that can result in the difference between a successful or failed scan
-
The nessusd.rules file is awesome for excluding specific hosts and services from your scans