Integrating Qualys into the patch and vulnerability management processes
A short presentation for Qualys Secure London Dec 2011.
  • Areas support each other, all feed into SIEM and GRC
  • Transcript

    • 1. Integrating Qualys into the patch and vulnerability management processes
      • Vladimir Jirasek
      • Blog: JirasekOnSecurity.com
      • Bio: About.me/jirasek
      • 10th Nov 2011
    • 2. About me
      • Security professional (11 years)
      • Founding member and steering group member of CAMM (Common Assurance Maturity Model, common-assurance.com)
      • Director, CSA UK & Ireland
      • I love reading books: thrillers (Clive Cussler) and business management (Jo Owen)
    • 3. I will cover these topics today
      • How Qualys fits into the security technology stack
      • Experiences from Qualys implementations
      • Integration into IT operations processes
      • Using an MSSP
    • 4. Security technology stack and Qualys
      • Stack layers shown on the slide: GRC; Security Information & Event Mgmt; Threat intelligence; Identity, Entitlement, Access Mgmt; Cryptography; Data Security; Application Security; Host Security; Network Security; Physical Security
      • Qualys capabilities placed against the stack:
        • Feed into the SIEM
        • Metrics from the Qualys enterprise portal
        • Pattern matching in configuration compliance
        • Web application scanning
        • Browser Check
        • Patch assessment
        • Configuration compliance
        • SSL Server test
    • 5. Experiences with Qualys
      • Easy deployment of non-authenticated scanning
      • Resistance from IT admins to give root/server admin credentials
      • Do not scan through firewalls
      • CMDB usually inaccurate – using Qualys map/scan to populate it
      • Configuration compliance – manual configuration. Start small and grow controls
      • Limited Oracle compliance scanning adoption
      • Vulnerability reporting – treat vulnerabilities as quality issues
      • Browser check – excellent tool but requires user action
    • 6. MSSP and Qualys
      • Outsourcing just Qualys to an MSSP is low value
      • Tools need to be used by IT Ops
      • An MSSP adds value when vulnerability data is correlated with other information sources:
        • Firewall rules
        • Routing
        • Threat intelligence
        • CMDB – business criticality
        • IDS data
        • Anti-malware status
    • 7. Integration into IT ops processes
      • Security is a quality aspect
      • Map security criticality levels to those in the Ops change/incident process
      • Responsibility for patching and correction of non-compliance sits with the asset owner
      • But risk management and escalation sit with the security team – risk sign-off based on risk level
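Slides 6 and 7 describe the same pipeline from two sides: enrich raw scanner findings with firewall exposure, threat intelligence and CMDB business criticality, then hand the result to IT Ops as tickets whose priority matches the ops change/incident scale, assigned to the asset owner, with security sign-off only above a given risk level. The script below is an added illustration of that correlation, not code from the deck or from Qualys. Every input (CMDB records, exposed hosts, exploited-vulnerability list, findings, the scoring weights and the P1–P4 windows) is constructed for the example; the vulnerability identifiers are placeholders. It also handles the failure mode from slide 5, a host that the scanner found but the CMDB does not know, by assigning a conservative default criticality and flagging the record so the scan data can be used to populate the CMDB.

```python
"""Correlate scanner findings with business context and map them to IT-ops
priorities.  All data, weights and thresholds below are constructed for
illustration; they are not Qualys defaults or values from the presentation."""

# Constructed CMDB extract: business criticality 1 (highest) .. 4 (lowest)
# and the asset owner, who is responsible for remediation.
CMDB = {
    "10.0.1.10": {"name": "payments-db", "business_criticality": 1, "owner": "dba-team"},
    "10.0.2.20": {"name": "intranet-wiki", "business_criticality": 3, "owner": "it-ops"},
    "10.0.3.30": {"name": "dev-jenkins", "business_criticality": 4, "owner": "dev-team"},
}

# Constructed firewall-rule summary: hosts reachable from untrusted networks.
INTERNET_EXPOSED = {"10.0.1.10"}

# Constructed threat-intelligence feed: vulnerability ids seen exploited (placeholders).
EXPLOITED_IN_WILD = {"CVE-PLACEHOLDER-0001"}

# Constructed scanner output: severity on a 1..5 scale plus a vulnerability id.
FINDINGS = [
    {"host": "10.0.1.10", "vuln_id": "CVE-PLACEHOLDER-0001", "severity": 4},
    {"host": "10.0.2.20", "vuln_id": "CVE-PLACEHOLDER-0002", "severity": 5},
    {"host": "10.0.3.30", "vuln_id": "CVE-PLACEHOLDER-0003", "severity": 2},
    {"host": "10.0.9.99", "vuln_id": "CVE-PLACEHOLDER-0004", "severity": 3},  # not in CMDB
]

# Security risk level -> (ops priority, remediation window in days, security sign-off needed).
OPS_MAPPING = {
    "Critical": ("P1", 7, True),
    "High": ("P2", 30, True),
    "Medium": ("P3", 90, False),
    "Low": ("P4", 180, False),
}

# Conservative default for hosts missing from the CMDB (hypothetical policy).
UNKNOWN_ASSET = {"name": "unknown", "business_criticality": 2, "owner": "unassigned"}


def lookup_asset(host):
    """Return (cmdb_record, cmdb_gap). A host the CMDB does not know gets the
    conservative default and is flagged so the scan can feed the CMDB."""
    if host in CMDB:
        return CMDB[host], False
    return dict(UNKNOWN_ASSET), True


def risk_level(severity, business_criticality, exposed, exploited):
    """Combine scanner severity with business context into one risk level.
    Weights: top-two criticality tiers add 2/1, internet exposure adds 2,
    known exploitation adds 1; thresholds 8/6/4 split the four levels."""
    score = severity + {1: 2, 2: 1}.get(business_criticality, 0)
    if exposed:
        score += 2
    if exploited:
        score += 1
    if score >= 8:
        return "Critical"
    if score >= 6:
        return "High"
    if score >= 4:
        return "Medium"
    return "Low"


def prioritize(findings):
    """Turn findings into ops tickets: priority on the ops scale, assigned to
    the asset owner, with the sign-off flag set for the higher risk levels."""
    tickets = []
    for f in findings:
        asset, cmdb_gap = lookup_asset(f["host"])
        level = risk_level(
            f["severity"],
            asset["business_criticality"],
            f["host"] in INTERNET_EXPOSED,
            f["vuln_id"] in EXPLOITED_IN_WILD,
        )
        priority, window_days, signoff = OPS_MAPPING[level]
        tickets.append({
            "host": f["host"],
            "asset": asset["name"],
            "vuln_id": f["vuln_id"],
            "risk_level": level,
            "ops_priority": priority,
            "window_days": window_days,
            "assignee": asset["owner"],
            "security_signoff": signoff,
            "cmdb_gap": cmdb_gap,
        })
    # Stable sort keeps scanner order within the same priority.
    tickets.sort(key=lambda t: t["ops_priority"])
    return tickets


if __name__ == "__main__":
    for t in prioritize(FINDINGS):
        gap = " [CMDB gap]" if t["cmdb_gap"] else ""
        print(f'{t["ops_priority"]} {t["risk_level"]:8} {t["host"]:10} {t["asset"]:13} '
              f'-> {t["assignee"]}, {t["window_days"]}d, sign-off={t["security_signoff"]}{gap}')
```

With the constructed inputs, the exposed, business-critical database with an exploited vulnerability lands at P1 with sign-off required, the severity-5 finding on the low-criticality internal wiki becomes P3 without sign-off, and the unknown host is ticketed at P3 to "unassigned" and flagged as a CMDB gap. Changing the weights or thresholds is the policy decision the slides leave to the security team; the point of the code is that the mapping is explicit and reviewable rather than buried in a scanner report.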