Expanding Your VM Program Policy Compliance WAS

Doug Dexter, Audit Team Lead, CISCO

  • Expanding Your VM Program Into Policy... (00:00:00)
  • Leader-Led, but Includes Everyone (00:01:21)
  • Our Organization (00:02:09)
  • CSPO Audit Team (00:03:55)
  • The Growth of Vulnerability Management (00:05:26)
  • Vulnerability Management (00:05:35)
  • Chapter Title (00:07:00)
  • Know Your Network (00:07:19)
  • Qualys Scanner Deployment (00:08:11)
  • A (New) Problem with Size (00:09:37)
  • A Quick Refresher on IPv6, CIDR and Size (00:11:04)
  • We Need to Change How we Scan (00:13:46)
  • Scanning IPv6 (00:16:41)
  • Web Application Scanning (00:17:47)
  • Why Web Application Scanning (External) (00:18:54)
  • Why Web Application Scanning (Internal) (00:20:30)
  • Why Web Application Scanning (Internal) (00:21:01)
  • A[nother] New Problem With Size (00:24:38)
  • Penetration Testing (00:24:45)
  • Penetration Testing (00:25:19)
  • Audit RTP Campus Network (00:25:58)
  • Client Connection Request (00:26:26)
  • Client Connection Exposure (00:27:48)
  • Vulnerability Management (00:28:22)
  • PCI Audit (00:29:33)
  • Qualys PCI (00:30:15)
  • Vulnerability Management - What's Next? (00:31:24)
  • Chapter Title (00:32:06)
  • In Summary (00:21:58)
Expanding Your VM Program Into Policy...