<html>
<head>
</head>
<body class='hmmessage'><div dir='ltr'>
<div dir="ltr">
<div dir="ltr">
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 12pt;
font-family:Calibri
}
--></style>
<div dir="ltr"><div><span style="font-size: 12pt;">> </span><span style="font-size: 12pt;">Authenticated scanners are a bad practice (imho)</span></div><div><span style="font-size: 12pt;"><br></span></div><div><span style="font-size: 12pt;">Can you expand on this a bit more? I would be interested to hear your opinion as to why you say this. </span><span style="font-size: 12pt;">I think using authenticated scanners is an excellent way to identify:</span></div><div><span style="font-size: 12pt;"><br></span></div><div><span style="font-size: 12pt;">1. Computers missed by the patch management process.</span></div><div><span style="font-size: 12pt;">2. Effectiveness of patch management process. I've seen patch products report to the console that a host is patched; however, the scan proved that a given patch failed to apply.</span></div><div><span style="font-size: 12pt;">3. Client software not managed and patched by IT (i.e., iTunes)</span></div><div><span style="font-size: 12pt;">4. Mis configurations (i.e., Autorun, no SEHOP, no DEP, etc.).</span></div><div><br></div><div>Joe Gatt</div><div>@gattjoe</div><div><br><div><hr id="stopSpelling"><br></div></div></div>
</div>
</div>
</div></body>
</html>