Tag Archives: Windows

Qualys Security Conference Virtual 2018. New Agents, Patch Management and Free Services

Today I attended a very interesting online event – Qualys Security Conference Virtual 2018. It consisted of 11 webinars, began at 18:00 and will end at 03:45 Moscow time. Not the most convenient timing for Russia, but it was worth it. ๐Ÿ™‚

Qualys Security Conference 2018

Last time I was at offline QSC event in 2016, so for me it was especially interesting to learn about the new features of Qualys platform.

Continue reading

CISO Forum and the problems of Vulnerability Databases

Last Tuesday, April 24,ย  I was at “CISO FORUM 2020: glance to the future“. I presented there my report “Vulnerability Databases: sifting thousands tons of verbal ore”. In this post, I’ll briefly talk about this report and about the event itself.

CISO Forum 2020

My speech was the last in the program. At the same time, in a parallel stream, there was another interesting presentation by the most famous Russian information security blogger. Thus, there was a real danger of speaking in an empty room. ๐Ÿ™‚ But everything went well. There were about 30 spectators and we had an active QA session afterwards.

As I wrote earlier, I started preparing my CyberCentral presentation several months before the event. I did not want to tell the same story again at CISO Forum and PHDays. So I prepared 2 different presentations. At CyberCentral, I was talking about Vulnerability Scanners. And at CISO Forum I was talking mainly about Vulnerable Databases. Of course, I reused some materials, but the accents were different.

Continue reading

CyberCentral Summit 2018 in Prague

Almost whole last week I spent in Prague at CyberCentral conference. It was a pretty unique experience for me. I was for the first time at the International conference as a speaker. And not only I presented my report there, but lead the round table on Vulnerability Management and participated in a panel session.

CyberCentral2018 my presentation

From my point of view, everything was pretty good. I successfully closed my gestalt on public speaking in English. I definitely can do it. ๐Ÿ™‚

The event was hold in Lucerna passage right in a center of Prague. Beautiful building in Art Nouveau style with famous ironicย  “Statue of King Wenceslas Riding an Upside-Down Dead Horse”. ๐Ÿ™‚

CyberCentral Lucerna passage

Even to speak in this building was a great honor. In my opinion the place was chosen ideally. It is beautiful and really good located. Lots of good hotels, restaurants and all main tourist attractions were in nearby. It was easy to go for a walk in a spare time. Some photos you can see at my Facebook page [1,2] .

Continue reading

Tenable University: Nessus Certificate of Proficiency

Yesterday I finished “Nessus Certificate of Proficiency” learning plan at Tenable University and passed the final test. Here I would like to share my impressions.

Nessus Certificate test completed

First of all, few words about my motivation. I use Nessus literally every day at work. So, it was fun to check my knowledge. I already wrote about Tenable education portal in “Study Vulnerability Assessment in Tenable University for free” post. It’s free. It’s available for everyone on demand. However, Tenable customers get access to way more content.

At this moment there are four learning plan available for Tenable customers: for Nessus, Tenable.io, SecurityCenter and SecurityCenter Continuous View. Each learning plan consist of short video lessons grouped in courses and the final test.

Continue reading

Scaner-VS: Vulnerability Management solution for Russian Military

Scaner-VS is a Vulnerability Assessment system developed by Moscow-based NPO Echelon. It’s pretty popular in Russian government organizations, especially in Russian Army, because it comply all government requirements, has all necessary certificates and is relatively cheap.

Scaner-VS webgui

As for requirements and certificates, NPO Echelon itself is an important certification authority, so they know how to do the things right. It’s not a secret product or something. You can request trial version freely at http://scaner-vs.ru/version-for-testing/. But note, that it is only available in Russian. I am also sorry, but screenshots in this post will be also in Russian. I will try to do my best to describe them properly.

When you fill the form on Echelon website, you will soon get a link to 3.3 gb .iso file by email. Run it in VirtualBox virtual machine (choose Debian 64 or Debian 32).

Here is a boot menu. Choose first default option.

Scaner-VS boot

Some seconds later you will see Linux desktop environment with Scaner-VS web-GUI opened in Firefox.

Continue reading