[Dailydave] Drinking the Cool-aid
Joe Gatt
gattjoseph at hotmail.com
Mon Feb 24 13:06:26 EST 2014
> Authenticated scanners are a bad practice (imho)
Can you expand on this a bit more? I would be interested to hear your opinion as to why you say this. I think using authenticated scanners is an excellent way to identify:
1. Computers missed by the patch management process.2. Effectiveness of patch management process. I've seen patch products report to the console that a host is patched; however, the scan proved that a given patch failed to apply.3. Client software not managed and patched by IT (i.e., iTunes)4. Mis configurations (i.e., Autorun, no SEHOP, no DEP, etc.).
Joe Gatt at gattjoe
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20140224/936900e0/attachment.html>
More information about the Dailydave
mailing list