Qualys Security Conference Virtual 2018. New Agents, Patch Management and Free Services. Today I attended a very interesting online event – Qualys Security Conference Virtual 2018. It consisted of 11 webinars, began at 18:00 and will end at 03:45 Moscow time. Not the most convenient timing for Russia, but it was worth it. 🙂
Last time I was at offline QSC event in 2016, so for me it was especially interesting to learn about the new features of Qualys platform.
ZeroNights 2017: back to the cyber 80s. Last Friday, 17th of November, I attended the ZeroNights 2017 conference in Moscow. And it was pretty awesome. Thanks to the organizers! Here I would like to share some of my impressions.
First of all, I want to say that two main Moscow events for information security practitioners, PHDays and ZeroNights, provide an excellent opportunity to meet all of the colleagues at once and to synchronize current views on important information security issues, including, of course, Vulnerability Management, the most relevant for me. My opinion is that this year’s behind-the-scene conversations were especially good. And this is the most valuable characteristic for the event.
Every ZeroNights event has it’s own style. This time it was some geeky cyber retro from 1980s, like in popular cult movie Kung Fury. The place was also changed from familiar Cosmos Hotel to ZIL Culture Centre. It is the largest Palace of Culture from the Soviet Moscow times. The combination of US 80s cultural artifacts, RETROWAVE music with Soviet-style interiors (including, for example, statue of Lenin) made a pretty weird combination, but I liked it =)
I was unintentionally taking photos using some strange mode in camera and recorded a very short video fragment (3-5 seconds) for each photo. I decided to combine this fragments in a small video. This does not make much sense, but, perhaps, someone will find this “time-lapse” interesting 😉
Among the great presentations and workshops, there were also a small exhibition. This year there was two Vulnerability Management vendors: Beyond Security and Qualys.
Carbon Blacking your sensitive data it’s what the agents normally do. But usually without such consequences. In this situation with Carbon Black, I am most interested in the actual reasons of all this media noise. From what point business as usual becomes a scandal. Ok, when you see Carbon Black customer’s private files in public access at Virus Total it’s a 100% epic fail. But what about other options.
Illustration from investigation by DirectDefense
Bye-bye Nessus Cloud, hello Tenable.io. Tenable Network Security has announced today a new cloud platform – Tenable.io. Let’s see what it’s all about.
As you can see on this figure there will be three applications available for the platform: familiar Vulnerability Management (the new name of Nessus Cloud), new Container Security (Tenable bought FlawCheck service last October) and the long-awaited Web Application Security (not available yet).
It’s not clear yet how closely these services will be integrated with each other. But now even trial versions of Container Security and Vulnerability Management should be requested separately.
New Vulners.com services for Linux Security Audit and Vulnerability Alerting. Upd. This post is out of date! Check out “Vulners Linux Audit API for Host Vulnerability Detection: Manual Auditing, Python Scripting and Licensing” from 2021.
A few weeks ago I was describing how to perform Linux Vulnerability Assessment without a Vulnerability Scanner. I also wrote in “Vulnerability scanners: a view from the vendor and end user side” that vulnerability scanning is not rocket science and it is easy to make your own scanner for vulnerabilities for a particular OS. Especially it is a popular Linux Distribution.
But. It’s one thing to write that you can do it, and another thing to develop a script for home use, and quite another thing to make a publicly available and efficient service…
Vulners Team guys have actually created such free Linux Vulnerability Audit service!
First of all, they made a GUI where you can specify OS version (usually it is in the /etc/os-release file), list of packages installed on the host and get the list of vulnerabilities.
For example, here are the vulnerabilities for my Ubuntu Laptop, which I update frequently:
One vulnerability was found:
But GUI is good for demonstration. In real life, you can use Vulners Audit API. It will return list of vulnerabilities in JSON.
This is my personal blog. The opinions expressed here are my own and not of my employer. All product names, logos, and brands are property of their respective owners. All company, product and service names used here for identification purposes only. Use of these names, logos, and brands does not imply endorsement. You can freely use materials of this site, but it would be nice if you place a link on https://avleonov.com and send message about it at me@avleonov.com or contact me any other way.