Integrating Qualys into the patch and vulnerability management processes
 

A short presentation for Qualys Secure London Dec 2011.

  • Areas support each other, all feed into SIEM and GRC

Presentation Transcript

  • Integrating Qualys into the patch and vulnerability management processes
    Vladimir Jirasek
    Blog: JirasekOnSecurity.com
    Bio: About.me/jirasek
    10th Nov 2011
  • About me
    • Security professional (11 years)
    • Founding member and steering group member of CAMM (Common Assurance Maturity Model, common-assurance.com)
    • Director, CSA UK & Ireland
    • I love reading books: thrillers (Clive Cussler) and business management (Jo Owen)
  • Topics I will cover today
    • How Qualys fits into the security technology stack
    • Experiences from Qualys implementations
    • Integration into IT operations processes
    • Using an MSSP
  • Security technology stack and Qualys
    Stack layers shown on the slide (bottom to top): Physical Security; Network Security; Host Security; Application Security; Data Security; Cryptography; Identity, Entitlement, Access Mgmt; Configuration compliance; GRC; Information & Event Mgmt (SIEM).
    Qualys capabilities placed against the stack:
    • Feed into the SIEM
    • Metrics from the Qualys enterprise portal into GRC
    • Threat intelligence
    • Pattern matching in configuration compliance
    • Web application scanning
    • Browser Check
    • Patch assessment
    • Configuration compliance
    • SSL Server test
  • Experiences with Qualys
    • Easy deployment of non-authenticated scanning
    • Resistance from IT admins to give root/server admin credentials
    • Do not scan through firewalls
    • CMDB usually inaccurate – using Qualys map/scan to populate it
    • Configuration compliance – manual configuration. Start small and grow the controls
    • Limited Oracle compliance scanning adoption
    • Vulnerability reporting – treat vulnerabilities as quality issues
    • Browser Check – excellent tool but requires user action
  • MSSP and Qualys
    • Outsourcing just Qualys to an MSSP is low value
    • Tools need to be used by IT Ops
    • An MSSP adds value when vulnerability data is correlated with other information sources:
      • Firewall rules
      • Routing
      • Threat intelligence
      • CMDB – business criticality
      • IDS data
      • Anti-malware status
  • Integration into IT ops processes
    • Security is a quality aspect
    • Map security criticality levels to those in the Ops change/incident process
    • Responsibility for patching and correction of non-compliance sits with the asset owner
    • But risk management and escalation sit with the security team – risk sign-off based on risk level
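The three slides above (CMDB population from scan data, MSSP correlation of vulnerability data with firewall, threat-intelligence and CMDB context, and mapping security criticality onto the Ops priority scale with security sign-off) describe one pipeline in prose. The following is an added example of that pipeline, not code from the presentation or from Qualys: all findings, CMDB records, firewall exposure data, QID values, the P1..P4 scale and the scoring weights are constructed assumptions for illustration, and the record layout is a simplified stand-in rather than any real Qualys export format.

```python
"""
Added example (not from the presentation): correlate constructed Qualys-style
vulnerability findings with CMDB criticality, firewall exposure and threat
intelligence, then map each finding onto an assumed Ops priority scale.
Every data value and field name below is constructed for illustration.
"""
from dataclasses import dataclass
from typing import Optional

# Constructed CMDB extract: asset owner and business criticality (1 = critical, 3 = low).
CMDB = {
    "10.0.1.10": {"owner": "payments-team", "criticality": 1},
    "10.0.1.11": {"owner": "hr-apps", "criticality": 2},
    "10.0.2.5": {"owner": "dev-team", "criticality": 3},
}

# Constructed firewall-rule summary: (ip, port) pairs reachable from the internet.
INTERNET_EXPOSED = {("10.0.1.10", 443), ("10.0.2.5", 22)}

# Constructed threat-intel feed: hypothetical QIDs with known active exploitation.
ACTIVELY_EXPLOITED = {"QID-0001"}

# Constructed scan findings; 10.0.3.77 is deliberately absent from the CMDB.
FINDINGS = [
    {"ip": "10.0.1.10", "qid": "QID-0001", "port": 443, "severity": 5, "title": "Example web server RCE"},
    {"ip": "10.0.1.11", "qid": "QID-0002", "port": 445, "severity": 4, "title": "Example SMB weakness"},
    {"ip": "10.0.2.5", "qid": "QID-0003", "port": 22, "severity": 3, "title": "Example SSH config weakness"},
    {"ip": "10.0.3.77", "qid": "QID-0004", "port": 445, "severity": 5, "title": "Example SMB RCE"},
]


@dataclass
class Ticket:
    ip: str
    qid: str
    title: str
    owner: Optional[str]      # asset owner who must patch (None when CMDB has no record)
    score: int
    priority: str             # Ops change/incident priority the score maps to
    security_signoff: bool    # True when deferral/acceptance needs the security team
    cmdb_gap: bool            # True when the scanner saw a host the CMDB does not know


def score_finding(finding, cmdb, exposed, exploited):
    """Assumed additive scoring: scanner severity plus exposure, exploitation and
    business-criticality weights. Unknown hosts are treated as critical until the
    CMDB is corrected, so a CMDB gap raises rather than lowers the priority."""
    asset = cmdb.get(finding["ip"])
    criticality = asset["criticality"] if asset else 1
    score = finding["severity"]
    if (finding["ip"], finding["port"]) in exposed:
        score += 2
    if finding["qid"] in exploited:
        score += 2
    score += {1: 2, 2: 1, 3: 0}[criticality]
    return score, asset is None, (asset or {}).get("owner")


def ops_priority(score):
    """Assumed mapping from risk score onto the Ops P1..P4 scale."""
    if score >= 10:
        return "P1"
    if score >= 7:
        return "P2"
    if score >= 4:
        return "P3"
    return "P4"


def build_tickets(findings, cmdb=CMDB, exposed=INTERNET_EXPOSED, exploited=ACTIVELY_EXPLOITED):
    """Turn raw findings into owner-assigned tickets sorted by Ops priority."""
    tickets = []
    for f in findings:
        score, gap, owner = score_finding(f, cmdb, exposed, exploited)
        prio = ops_priority(score)
        tickets.append(Ticket(f["ip"], f["qid"], f["title"], owner, score, prio,
                              security_signoff=prio in ("P1", "P2"), cmdb_gap=gap))
    return sorted(tickets, key=lambda t: t.priority)


def cmdb_gaps(findings, cmdb=CMDB):
    """Hosts discovered by the scan that the CMDB lacks: the population feed."""
    return sorted({f["ip"] for f in findings if f["ip"] not in cmdb})


if __name__ == "__main__":
    for t in build_tickets(FINDINGS):
        print(t)
    print("hosts to add to CMDB:", cmdb_gaps(FINDINGS))
```

The point of the weights is the slide's argument: the same scanner severity lands on different Ops priorities depending on firewall exposure, active exploitation and business criticality, and the security team's sign-off obligation follows the mapped priority rather than the raw severity.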