SlideShare a Scribd company logo
Addressing the challenge of
patch management with The
Secunia CSI and System Center
ConfigMngrWilliam Melby, Regional Director, Secunia
Kent Agerlund, MVP, Coretech
CONFIDENTIAL - Secunia Corporate, Product and
Roadmap Briefing
2
Company Overview
Brief Secunia facts
Established: 2002
HQ: Copenhagen, Denmark
Regional office: Minneapolis, USA
Regional development office:
Bucharest, Romania
Ongoing collaboration with
leading industry organizations
Trusted advisor to thousands of
organizations, including CERTS
and ISACs, the White House,
NATO, NIST, NERC and Mitre.
Employees: 96 FTE’s, 25
Nationalities
Ownership: DKA Capital
CONFIDENTIAL - Secunia Corporate, Product and
Roadmap Briefing
3
Where does the raw intel come from?
Meta-crawler engine searching 3,000 sources
Good relationship with software vendors
Good relationship to community / coordinated disclosure via Secunia
In-house research
What happens with the raw data?
Secunia verifies
Secunia standardizes
How does Secunia Research work?
CONFIDENTIAL - Secunia Corporate, Product and
Roadmap Briefing
4
Research Team
The heart and soul of Secunia; the eyes and ears of the industry
One of the largest Vulnerability
Intelligence databases on the
market
• Database contains
vulnerabilities in software
products since 2003.
• 50,000+ programs,
applications and plug-ins
from thousands of
software vendors.
• Fully CVE compliant.
Data is tested and
verified by Secunia’s
researchers.
• The database is unique
to Secunia and is
Secunia IP.
CONFIDENTIAL - Secunia Corporate, Product and
Roadmap Briefing
5
Solutions Portfolio
Reliable, transparent, integrated, cloud-deployed solutions
Free version for smartphones and tablets
Scans apps downloaded from Google Play as
well as apps from external sources
Alerts users to apps with known vulnerabilities
Checks that security updates are performed
quickly
Personal Software Inspector (PSI) PSI for Android
Consumer
Free tool for Vulnerability Management
Safeguard data from cybercriminals
Scans software on PCs and identifies insecure
programs
Automatically applies software security updates to
keep PCs secure
Corporate
Corporate Software Inspector (CSI) Vulnerability Intelligence Manager (VIM)
Targeted, flexible Patch Management
Secures and updates vital applications
The complete A-Z: Vulnerability Intelligence and
Scanning plus Patch Creation and Deployment
Microsoft System Center 2012 and WSUS
integration
Scans PCs and Apple Mac OS X
Tactical handling of vulnerability threats
Enables pre-emptive action against
vulnerabilities in a simple, cost-effective way
Delivers real-time vulnerability alerts
No installation required
CONFIDENTIAL - Secunia Corporate, Product and
Roadmap Briefing
6
13,073 vulnerabilities were discovered in 2,289 vulnerable products.
Vulnerabilities in All Products in 2013: 13,073
A 45% increase in vulnerabilities (5 year trend)
Source: “Secunia Vulnerability Review 2014.” https://secunia.com/vulnerability-review/
CONFIDENTIAL - Secunia Corporate, Product and
Roadmap Briefing
7
In 2013 there were less third-party programs in a typical software portfolio, yet these programs
accounted for the majority of vulnerabilities. It is not enough to only patch Microsoft programs or
the ‘usual suspects’.
Enterprise Challenge: Knowing What to Patch
Secunia brings visibility and solutions to vulnerability threats
Source: “Secunia Vulnerability Review 2014.” http://secunia.com/vulnerability-review/
CONFIDENTIAL - Secunia Corporate, Product and
Roadmap Briefing
8
86% of vulnerabilities had patches available on the day of disclosure.
You can patch most vulnerabilities – the trick is knowing what to patch.
Time to Patch! Top 50 Software Portfolio
Patch availability on the day of disclosure is increasing
Source: “Secunia Vulnerability Review 2014.” https://secunia.com/vulnerability-review/
CONFIDENTIAL - Secunia Corporate, Product and
Roadmap Briefing
9
Corporate Software Inspector
(CSI)
CONFIDENTIAL - Secunia Corporate, Product and
Roadmap Briefing
10
From Patch Management to Software Vulnerability
Management
CONFIDENTIAL - Secunia Corporate, Product and
Roadmap Briefing
11
The only security solution for patch management
Rich security content: Vulnerability Intelligence
Proprietary vulnerability database
Software inventory scanner: 20,000+ applications
Tested patches
Secunia Packaging System:
Disabled adware, EULA, shortcuts
Single-click configuration options
Enterprise ready
The Secunia CSI
How we are different
CONFIDENTIAL - Secunia Corporate, Product and
Roadmap Briefing
12
Patch Management = Patch deployment
No synergy between security assessment and patch
activities
Focus on the most common applications
Dependency on vendor information
Non prioritized patching process
Non rated patch content (criticality)
Focus on content rather than assessment and
prioritization
Patch Management
Challenges and Misconceptions
CONFIDENTIAL - Secunia Corporate, Product and
Roadmap Briefing
13
The Secunia CSI
We support the entire Software Vulnerability Management Lifecycle
CONFIDENTIAL - Secunia Corporate, Product and
Roadmap Briefing
14
Introduction to the Secunia CSI
Combining scanning and patching to meet the requirements of both IT security and
operations
It’s not enough to detect the
vulnerabilities if you can’t
patch them. It’s not enough to
have the patches, if you don’t
know where to apply them.
Secunia CSI gives you the when, the
where, the what and the how:
This combination of vulnerability
intelligence, vulnerability scanning, patch
creation and patch deployment is unique
in the industry.
CONFIDENTIAL - Secunia Corporate, Product and
Roadmap Briefing
15
Coverage
Scan/assess the security state of
practically all legitimate programs
running on Microsoft Windows
Platforms.
Scanning support for Windows,
Apple Mac OS X, Red Hat
Enterprise Linux (RHEL) and
Android platforms.
Sources Secunia’s Vulnerability
Intelligence Database, covering
all off-the-shelf programs.
CSI Feature Highlights
Complete, flexible, unique – it works the way you do
Overview
Smart Groups filter and
segment data according to
products, devices or
advisories.
User group accounts based
on roles and permissions.
Exact mapping of
infrastructure and users to
ensure environments are in
sync.
Integration
Manage and publish packages
using third-party patch deployment
solutions (Microsoft
WSUS/System Center 2012 or
Altiris).
Secunia VIM: automatically
create/update asset lists based on
Secunia CSI’s scan results.
Secunia PSI 3.0/PSI for Android:
manage decentralized
PCs/Android devices.
CONFIDENTIAL - Secunia Corporate, Product and
Roadmap Briefing
16
Management
Comply with regulatory standards (e.g. PCI-DSS or NERC-
CIP) regarding the patching of programs.
Utilize your existing infrastructure to enforce security levels,
i.e. Microsoft System Center 2012.
Enable policy enforcement and document your compliance
efforts in the case of a breach.
Operations
An overview of the security state of all programs installed
across endpoints and servers for effective prioritization of
patching efforts.
Cross-platform scanning and patching of non-Microsoft
programs.
Automatic package creation, plus access to out-of-the-box
packages.
Security
Pinpoint the exact vulnerabilities affecting your network and
verify security levels (Microsoft, third-party and custom
programs).
Audit, enforce and document patching levels based on in-
depth intelligence.
Secure your off-site assets.
CSI Key Takeaways
What’s in it for you?
CONFIDENTIAL - Secunia Corporate, Product and
Roadmap Briefing
17
Strengths:
Complete coverage of Microsoft applications
Complete coverage of Windows Client OS
Good deployment capabilities (“Supersedence”, “Dependencies”)
Weaknesses
No content for 3rd Party (non-Microsoft) applications
No tool for supporting patch management of non-Microsoft
applications
The Patch Management Challenge with Microsoft
System Center
“Microsoft Configuration Manager does not provide automated
patch management for other products, such as Adobe applications
(other than Reader and Flash), Java, Firefox, Chrome, and Skype.
Organizations must patch these types of applications by doing
their own patch research, repackaging or scripting the updates, and
pushing through Configuration Manager.”
Stay Secure
www.secunia.com
Secunia
Mikado House, Rued Langgaards Vej 8, 4th floor
DK-2300 Copenhagen S
Denmark
Phone: +45 7020 5144
Fax: +45 7020 5145
Secunia Inc.
Lake Calhoun Business Center, Suite 420
3033 Excelsior Boulevard
Minneapolis, MN 55416
USA
Phone: +1 888 924 8265
Fax: +1 888 924 8266

More Related Content

What's hot

Office 365 smb guidelines for pure bookkeeping (slideshare)
Office 365 smb guidelines for pure bookkeeping (slideshare)Office 365 smb guidelines for pure bookkeeping (slideshare)
Office 365 smb guidelines for pure bookkeeping (slideshare)
DavidNicholls52
 
Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)
Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)
Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)
Happiest Minds Technologies
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
David J Rosenthal
 
Chalkline Microsoft Webinar about Windows Virtual Desktop
Chalkline Microsoft Webinar about Windows Virtual DesktopChalkline Microsoft Webinar about Windows Virtual Desktop
Chalkline Microsoft Webinar about Windows Virtual Desktop
Articulate Marketing
 
Protect your hybrid workforce across the attack chain
Protect your hybrid workforce across the attack chainProtect your hybrid workforce across the attack chain
Protect your hybrid workforce across the attack chain
David J Rosenthal
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A Service
Olav Tvedt
 
Microsoft 365 Security Overview
Microsoft 365 Security OverviewMicrosoft 365 Security Overview
Microsoft 365 Security Overview
Robert Crane
 
How to use Microsoft Azure Virtual Desktop
How to use Microsoft Azure Virtual DesktopHow to use Microsoft Azure Virtual Desktop
How to use Microsoft Azure Virtual Desktop
Abdulghani Alkhateeb
 
Windows 11 for the Enterprise
Windows 11 for the EnterpriseWindows 11 for the Enterprise
Windows 11 for the Enterprise
David J Rosenthal
 
How to Secure Access Control in Office 365 Environments
How to Secure Access Control in Office 365 EnvironmentsHow to Secure Access Control in Office 365 Environments
How to Secure Access Control in Office 365 Environments
Quest
 
Troubleshooting The Modern Managed Client - Workplace Nijna Summit 2020
Troubleshooting The Modern Managed Client - Workplace Nijna Summit 2020  Troubleshooting The Modern Managed Client - Workplace Nijna Summit 2020
Troubleshooting The Modern Managed Client - Workplace Nijna Summit 2020
Ronni Pedersen
 
Microsoft 365
Microsoft 365Microsoft 365
Microsoft 365
Jeannette Browning
 
What is Microsoft Enterprise Mobility Suite and how to deploy it
What is Microsoft Enterprise Mobility Suite and how to deploy itWhat is Microsoft Enterprise Mobility Suite and how to deploy it
What is Microsoft Enterprise Mobility Suite and how to deploy it
Peter De Tender
 
Taking conditional access to the next level
Taking conditional access to the next levelTaking conditional access to the next level
Taking conditional access to the next level
Ronny de Jong
 
Securing Servers in Public and Hybrid Clouds
Securing Servers in Public and Hybrid CloudsSecuring Servers in Public and Hybrid Clouds
Securing Servers in Public and Hybrid Clouds
RightScale
 
Working with MS Endpoint Manager
Working with MS Endpoint ManagerWorking with MS Endpoint Manager
Working with MS Endpoint Manager
George Grammatikos
 
Supporting Remote Work While Securing, Governing, and Protecting Your Microso...
Supporting Remote Work While Securing, Governing, and Protecting Your Microso...Supporting Remote Work While Securing, Governing, and Protecting Your Microso...
Supporting Remote Work While Securing, Governing, and Protecting Your Microso...
Chris Bortlik
 
A Secure Journey to Cloud with Microsoft 365
A Secure Journey to Cloud with Microsoft 365A Secure Journey to Cloud with Microsoft 365
A Secure Journey to Cloud with Microsoft 365
David J Rosenthal
 
Experts Live Europe 2017 - Windows 10 and the cloud - why the future needs hy...
Experts Live Europe 2017 - Windows 10 and the cloud - why the future needs hy...Experts Live Europe 2017 - Windows 10 and the cloud - why the future needs hy...
Experts Live Europe 2017 - Windows 10 and the cloud - why the future needs hy...
Alexander Benoit
 
Experts Live Europe 2017 - Best Practices to secure Windows 10 with already i...
Experts Live Europe 2017 - Best Practices to secure Windows 10 with already i...Experts Live Europe 2017 - Best Practices to secure Windows 10 with already i...
Experts Live Europe 2017 - Best Practices to secure Windows 10 with already i...
Alexander Benoit
 

What's hot (20)

Office 365 smb guidelines for pure bookkeeping (slideshare)
Office 365 smb guidelines for pure bookkeeping (slideshare)Office 365 smb guidelines for pure bookkeeping (slideshare)
Office 365 smb guidelines for pure bookkeeping (slideshare)
 
Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)
Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)
Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
 
Chalkline Microsoft Webinar about Windows Virtual Desktop
Chalkline Microsoft Webinar about Windows Virtual DesktopChalkline Microsoft Webinar about Windows Virtual Desktop
Chalkline Microsoft Webinar about Windows Virtual Desktop
 
Protect your hybrid workforce across the attack chain
Protect your hybrid workforce across the attack chainProtect your hybrid workforce across the attack chain
Protect your hybrid workforce across the attack chain
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A Service
 
Microsoft 365 Security Overview
Microsoft 365 Security OverviewMicrosoft 365 Security Overview
Microsoft 365 Security Overview
 
How to use Microsoft Azure Virtual Desktop
How to use Microsoft Azure Virtual DesktopHow to use Microsoft Azure Virtual Desktop
How to use Microsoft Azure Virtual Desktop
 
Windows 11 for the Enterprise
Windows 11 for the EnterpriseWindows 11 for the Enterprise
Windows 11 for the Enterprise
 
How to Secure Access Control in Office 365 Environments
How to Secure Access Control in Office 365 EnvironmentsHow to Secure Access Control in Office 365 Environments
How to Secure Access Control in Office 365 Environments
 
Troubleshooting The Modern Managed Client - Workplace Nijna Summit 2020
Troubleshooting The Modern Managed Client - Workplace Nijna Summit 2020  Troubleshooting The Modern Managed Client - Workplace Nijna Summit 2020
Troubleshooting The Modern Managed Client - Workplace Nijna Summit 2020
 
Microsoft 365
Microsoft 365Microsoft 365
Microsoft 365
 
What is Microsoft Enterprise Mobility Suite and how to deploy it
What is Microsoft Enterprise Mobility Suite and how to deploy itWhat is Microsoft Enterprise Mobility Suite and how to deploy it
What is Microsoft Enterprise Mobility Suite and how to deploy it
 
Taking conditional access to the next level
Taking conditional access to the next levelTaking conditional access to the next level
Taking conditional access to the next level
 
Securing Servers in Public and Hybrid Clouds
Securing Servers in Public and Hybrid CloudsSecuring Servers in Public and Hybrid Clouds
Securing Servers in Public and Hybrid Clouds
 
Working with MS Endpoint Manager
Working with MS Endpoint ManagerWorking with MS Endpoint Manager
Working with MS Endpoint Manager
 
Supporting Remote Work While Securing, Governing, and Protecting Your Microso...
Supporting Remote Work While Securing, Governing, and Protecting Your Microso...Supporting Remote Work While Securing, Governing, and Protecting Your Microso...
Supporting Remote Work While Securing, Governing, and Protecting Your Microso...
 
A Secure Journey to Cloud with Microsoft 365
A Secure Journey to Cloud with Microsoft 365A Secure Journey to Cloud with Microsoft 365
A Secure Journey to Cloud with Microsoft 365
 
Experts Live Europe 2017 - Windows 10 and the cloud - why the future needs hy...
Experts Live Europe 2017 - Windows 10 and the cloud - why the future needs hy...Experts Live Europe 2017 - Windows 10 and the cloud - why the future needs hy...
Experts Live Europe 2017 - Windows 10 and the cloud - why the future needs hy...
 
Experts Live Europe 2017 - Best Practices to secure Windows 10 with already i...
Experts Live Europe 2017 - Best Practices to secure Windows 10 with already i...Experts Live Europe 2017 - Best Practices to secure Windows 10 with already i...
Experts Live Europe 2017 - Best Practices to secure Windows 10 with already i...
 

Similar to ECMDay2015 - Kent Agerlund - Secunia - 10 minutes is all it takes – Managing Microsoft and 3rd party updates with System Center 2012 Configuration Manager & Secunia CSI

productsheet_csi70_brief
productsheet_csi70_briefproductsheet_csi70_brief
productsheet_csi70_brief
Sagren Naidoo
 
2017-07-12 GovLoop: New Era of Digital Security
2017-07-12 GovLoop: New Era of Digital Security2017-07-12 GovLoop: New Era of Digital Security
2017-07-12 GovLoop: New Era of Digital Security
Shawn Wells
 
Fortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptxFortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptx
YoisRoberthTapiadeLa
 
Fortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptxFortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptx
VictoriaChavesta
 
WSO2CON 2024 - How to Run a Security Program
WSO2CON 2024 - How to Run a Security ProgramWSO2CON 2024 - How to Run a Security Program
WSO2CON 2024 - How to Run a Security Program
WSO2
 
4-lessons-of-security-leaders-for-2022.pdf
4-lessons-of-security-leaders-for-2022.pdf4-lessons-of-security-leaders-for-2022.pdf
4-lessons-of-security-leaders-for-2022.pdf
Jose R
 
Delve Labs - Upcoming Security Challenges for the Internet of Things
Delve Labs - Upcoming Security Challenges for the Internet of ThingsDelve Labs - Upcoming Security Challenges for the Internet of Things
Delve Labs - Upcoming Security Challenges for the Internet of Things
Frederic Roy-Gobeil, CPA, CGA, M.Tax.
 
The Challenge of Integrating Security Solutions with CI.pdf
The Challenge of Integrating Security Solutions with CI.pdfThe Challenge of Integrating Security Solutions with CI.pdf
The Challenge of Integrating Security Solutions with CI.pdf
Savinder Puri
 
Asset Discovery in India – Redhunt Labs
Asset Discovery in India – Redhunt LabsAsset Discovery in India – Redhunt Labs
Asset Discovery in India – Redhunt Labs
RedhuntLabs2
 
BMC - Response to the SolarWinds Breach/Malware
BMC - Response to the SolarWinds Breach/MalwareBMC - Response to the SolarWinds Breach/Malware
BMC - Response to the SolarWinds Breach/Malware
Mike Rizzo
 
Zero Trust and Data Security
Zero Trust and Data SecurityZero Trust and Data Security
Zero Trust and Data Security
Career Communications Group
 
Building DevOps in the enterprise: Transforming challenges into organizationa...
Building DevOps in the enterprise: Transforming challenges into organizationa...Building DevOps in the enterprise: Transforming challenges into organizationa...
Building DevOps in the enterprise: Transforming challenges into organizationa...
Jonah Kowall
 
Security is our duty and we shall deliver it - White Paper
Security is our duty and we shall deliver it - White PaperSecurity is our duty and we shall deliver it - White Paper
Security is our duty and we shall deliver it - White Paper
Mohd Anwar Jamal Faiz
 
Scalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary Presentation
Scalar Decisions
 
Scalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver Presentation
Scalar Decisions
 
The CISO Problems Risk Compliance Management in a Software Development 030420...
The CISO Problems Risk Compliance Management in a Software Development 030420...The CISO Problems Risk Compliance Management in a Software Development 030420...
The CISO Problems Risk Compliance Management in a Software Development 030420...
lior mazor
 
Application Hackers Have A Handbook. Why Shouldn't You?
Application Hackers Have A Handbook. Why Shouldn't You?Application Hackers Have A Handbook. Why Shouldn't You?
Application Hackers Have A Handbook. Why Shouldn't You?
London School of Cyber Security
 
HMI/SCADA 리스크 감소
HMI/SCADA 리스크 감소HMI/SCADA 리스크 감소
HMI/SCADA 리스크 감소
GE코리아
 
Veracode Corporate Overview - Print
Veracode Corporate Overview - PrintVeracode Corporate Overview - Print
Veracode Corporate Overview - Print
Andrew Kanikuru
 
Vulnerability Management
Vulnerability ManagementVulnerability Management
Vulnerability Management
GFI Software
 

Similar to ECMDay2015 - Kent Agerlund - Secunia - 10 minutes is all it takes – Managing Microsoft and 3rd party updates with System Center 2012 Configuration Manager & Secunia CSI (20)

productsheet_csi70_brief
productsheet_csi70_briefproductsheet_csi70_brief
productsheet_csi70_brief
 
2017-07-12 GovLoop: New Era of Digital Security
2017-07-12 GovLoop: New Era of Digital Security2017-07-12 GovLoop: New Era of Digital Security
2017-07-12 GovLoop: New Era of Digital Security
 
Fortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptxFortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptx
 
Fortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptxFortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptx
 
WSO2CON 2024 - How to Run a Security Program
WSO2CON 2024 - How to Run a Security ProgramWSO2CON 2024 - How to Run a Security Program
WSO2CON 2024 - How to Run a Security Program
 
4-lessons-of-security-leaders-for-2022.pdf
4-lessons-of-security-leaders-for-2022.pdf4-lessons-of-security-leaders-for-2022.pdf
4-lessons-of-security-leaders-for-2022.pdf
 
Delve Labs - Upcoming Security Challenges for the Internet of Things
Delve Labs - Upcoming Security Challenges for the Internet of ThingsDelve Labs - Upcoming Security Challenges for the Internet of Things
Delve Labs - Upcoming Security Challenges for the Internet of Things
 
The Challenge of Integrating Security Solutions with CI.pdf
The Challenge of Integrating Security Solutions with CI.pdfThe Challenge of Integrating Security Solutions with CI.pdf
The Challenge of Integrating Security Solutions with CI.pdf
 
Asset Discovery in India – Redhunt Labs
Asset Discovery in India – Redhunt LabsAsset Discovery in India – Redhunt Labs
Asset Discovery in India – Redhunt Labs
 
BMC - Response to the SolarWinds Breach/Malware
BMC - Response to the SolarWinds Breach/MalwareBMC - Response to the SolarWinds Breach/Malware
BMC - Response to the SolarWinds Breach/Malware
 
Zero Trust and Data Security
Zero Trust and Data SecurityZero Trust and Data Security
Zero Trust and Data Security
 
Building DevOps in the enterprise: Transforming challenges into organizationa...
Building DevOps in the enterprise: Transforming challenges into organizationa...Building DevOps in the enterprise: Transforming challenges into organizationa...
Building DevOps in the enterprise: Transforming challenges into organizationa...
 
Security is our duty and we shall deliver it - White Paper
Security is our duty and we shall deliver it - White PaperSecurity is our duty and we shall deliver it - White Paper
Security is our duty and we shall deliver it - White Paper
 
Scalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary Presentation
 
Scalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver Presentation
 
The CISO Problems Risk Compliance Management in a Software Development 030420...
The CISO Problems Risk Compliance Management in a Software Development 030420...The CISO Problems Risk Compliance Management in a Software Development 030420...
The CISO Problems Risk Compliance Management in a Software Development 030420...
 
Application Hackers Have A Handbook. Why Shouldn't You?
Application Hackers Have A Handbook. Why Shouldn't You?Application Hackers Have A Handbook. Why Shouldn't You?
Application Hackers Have A Handbook. Why Shouldn't You?
 
HMI/SCADA 리스크 감소
HMI/SCADA 리스크 감소HMI/SCADA 리스크 감소
HMI/SCADA 리스크 감소
 
Veracode Corporate Overview - Print
Veracode Corporate Overview - PrintVeracode Corporate Overview - Print
Veracode Corporate Overview - Print
 
Vulnerability Management
Vulnerability ManagementVulnerability Management
Vulnerability Management
 

More from Kenny Buntinx

Llunitebe2018 configuring a cmg in config mgr cb
Llunitebe2018 configuring a cmg in config mgr cbLlunitebe2018 configuring a cmg in config mgr cb
Llunitebe2018 configuring a cmg in config mgr cb
Kenny Buntinx
 
Llunitebe2018 best of_two_worlds-manage.your.servers.the.azure.or.configmgr.way
Llunitebe2018 best of_two_worlds-manage.your.servers.the.azure.or.configmgr.wayLlunitebe2018 best of_two_worlds-manage.your.servers.the.azure.or.configmgr.way
Llunitebe2018 best of_two_worlds-manage.your.servers.the.azure.or.configmgr.way
Kenny Buntinx
 
Llunitebe2018 worst config mgr cb mistakes
Llunitebe2018 worst config mgr cb mistakesLlunitebe2018 worst config mgr cb mistakes
Llunitebe2018 worst config mgr cb mistakes
Kenny Buntinx
 
Llunitebe2018 windows 10 security features
Llunitebe2018 windows 10 security featuresLlunitebe2018 windows 10 security features
Llunitebe2018 windows 10 security features
Kenny Buntinx
 
Llunitebe2018 ten practical tips to secure your corporate data with microsoft...
Llunitebe2018 ten practical tips to secure your corporate data with microsoft...Llunitebe2018 ten practical tips to secure your corporate data with microsoft...
Llunitebe2018 ten practical tips to secure your corporate data with microsoft...
Kenny Buntinx
 
Llunitebe2018 rdmi in practice
Llunitebe2018 rdmi in practiceLlunitebe2018 rdmi in practice
Llunitebe2018 rdmi in practice
Kenny Buntinx
 
Llunitebe2018 implement modern management as like brewing a beer
Llunitebe2018 implement modern management as like brewing a beerLlunitebe2018 implement modern management as like brewing a beer
Llunitebe2018 implement modern management as like brewing a beer
Kenny Buntinx
 
SCUGBE_Lowlands_Unite_2017_1E tachyon
SCUGBE_Lowlands_Unite_2017_1E tachyonSCUGBE_Lowlands_Unite_2017_1E tachyon
SCUGBE_Lowlands_Unite_2017_1E tachyon
Kenny Buntinx
 
SCUGBE_Lowlands_Unite_2017_Managing Windows Containers with Docker
SCUGBE_Lowlands_Unite_2017_Managing Windows Containers with DockerSCUGBE_Lowlands_Unite_2017_Managing Windows Containers with Docker
SCUGBE_Lowlands_Unite_2017_Managing Windows Containers with Docker
Kenny Buntinx
 
SCUGBE_Lowlands_Unite_2017_Servicing your new Windows workplace like a boss.
SCUGBE_Lowlands_Unite_2017_Servicing your new Windows workplace like a boss.SCUGBE_Lowlands_Unite_2017_Servicing your new Windows workplace like a boss.
SCUGBE_Lowlands_Unite_2017_Servicing your new Windows workplace like a boss.
Kenny Buntinx
 
SCUGBE_Lowlands_Unite_2017_Ransomware vs. SysAdmin
SCUGBE_Lowlands_Unite_2017_Ransomware vs. SysAdminSCUGBE_Lowlands_Unite_2017_Ransomware vs. SysAdmin
SCUGBE_Lowlands_Unite_2017_Ransomware vs. SysAdmin
Kenny Buntinx
 
SCUGBE_Lowlands_Unite_2017_How to manage office 2016 on today’s clients
SCUGBE_Lowlands_Unite_2017_How to manage office 2016 on today’s clientsSCUGBE_Lowlands_Unite_2017_How to manage office 2016 on today’s clients
SCUGBE_Lowlands_Unite_2017_How to manage office 2016 on today’s clients
Kenny Buntinx
 
ECMDay2015 - Kim Oppalfens – Microsoft System Center Configuration Manager: H...
ECMDay2015 - Kim Oppalfens – Microsoft System Center Configuration Manager: H...ECMDay2015 - Kim Oppalfens – Microsoft System Center Configuration Manager: H...
ECMDay2015 - Kim Oppalfens – Microsoft System Center Configuration Manager: H...
Kenny Buntinx
 
ECMDay2015 - Nico Sienaert – Enterprise Mobility Suite – What it’s all about?
ECMDay2015 - Nico Sienaert – Enterprise Mobility Suite – What it’s all about?ECMDay2015 - Nico Sienaert – Enterprise Mobility Suite – What it’s all about?
ECMDay2015 - Nico Sienaert – Enterprise Mobility Suite – What it’s all about?
Kenny Buntinx
 
ECMDay2015 - Kent Agerlund – Configuration Manager 2012 – A Site Review
ECMDay2015 - Kent Agerlund – Configuration Manager 2012 – A Site ReviewECMDay2015 - Kent Agerlund – Configuration Manager 2012 – A Site Review
ECMDay2015 - Kent Agerlund – Configuration Manager 2012 – A Site Review
Kenny Buntinx
 
ECMDay2015 - Kenny Buntinx - Tim De Keukelaere - Armoring your mobile workfor...
ECMDay2015 - Kenny Buntinx - Tim De Keukelaere - Armoring your mobile workfor...ECMDay2015 - Kenny Buntinx - Tim De Keukelaere - Armoring your mobile workfor...
ECMDay2015 - Kenny Buntinx - Tim De Keukelaere - Armoring your mobile workfor...
Kenny Buntinx
 
ECMDay2015 - Kenny Buntinx - Tim De Keukelaere - Keynote
ECMDay2015 - Kenny Buntinx - Tim De Keukelaere - KeynoteECMDay2015 - Kenny Buntinx - Tim De Keukelaere - Keynote
ECMDay2015 - Kenny Buntinx - Tim De Keukelaere - Keynote
Kenny Buntinx
 
ECMDAY2015 - Kaido Jarvemets - Managing Configuration Manager with PowerShell
ECMDAY2015 - Kaido Jarvemets -  Managing Configuration Manager with PowerShellECMDAY2015 - Kaido Jarvemets -  Managing Configuration Manager with PowerShell
ECMDAY2015 - Kaido Jarvemets - Managing Configuration Manager with PowerShell
Kenny Buntinx
 
Scom how to tune and tame the beast
Scom how to tune and tame the beastScom how to tune and tame the beast
Scom how to tune and tame the beast
Kenny Buntinx
 
Best ofmms2013didiervanhoye
Best ofmms2013didiervanhoyeBest ofmms2013didiervanhoye
Best ofmms2013didiervanhoye
Kenny Buntinx
 

More from Kenny Buntinx (20)

Llunitebe2018 configuring a cmg in config mgr cb
Llunitebe2018 configuring a cmg in config mgr cbLlunitebe2018 configuring a cmg in config mgr cb
Llunitebe2018 configuring a cmg in config mgr cb
 
Llunitebe2018 best of_two_worlds-manage.your.servers.the.azure.or.configmgr.way
Llunitebe2018 best of_two_worlds-manage.your.servers.the.azure.or.configmgr.wayLlunitebe2018 best of_two_worlds-manage.your.servers.the.azure.or.configmgr.way
Llunitebe2018 best of_two_worlds-manage.your.servers.the.azure.or.configmgr.way
 
Llunitebe2018 worst config mgr cb mistakes
Llunitebe2018 worst config mgr cb mistakesLlunitebe2018 worst config mgr cb mistakes
Llunitebe2018 worst config mgr cb mistakes
 
Llunitebe2018 windows 10 security features
Llunitebe2018 windows 10 security featuresLlunitebe2018 windows 10 security features
Llunitebe2018 windows 10 security features
 
Llunitebe2018 ten practical tips to secure your corporate data with microsoft...
Llunitebe2018 ten practical tips to secure your corporate data with microsoft...Llunitebe2018 ten practical tips to secure your corporate data with microsoft...
Llunitebe2018 ten practical tips to secure your corporate data with microsoft...
 
Llunitebe2018 rdmi in practice
Llunitebe2018 rdmi in practiceLlunitebe2018 rdmi in practice
Llunitebe2018 rdmi in practice
 
Llunitebe2018 implement modern management as like brewing a beer
Llunitebe2018 implement modern management as like brewing a beerLlunitebe2018 implement modern management as like brewing a beer
Llunitebe2018 implement modern management as like brewing a beer
 
SCUGBE_Lowlands_Unite_2017_1E tachyon
SCUGBE_Lowlands_Unite_2017_1E tachyonSCUGBE_Lowlands_Unite_2017_1E tachyon
SCUGBE_Lowlands_Unite_2017_1E tachyon
 
SCUGBE_Lowlands_Unite_2017_Managing Windows Containers with Docker
SCUGBE_Lowlands_Unite_2017_Managing Windows Containers with DockerSCUGBE_Lowlands_Unite_2017_Managing Windows Containers with Docker
SCUGBE_Lowlands_Unite_2017_Managing Windows Containers with Docker
 
SCUGBE_Lowlands_Unite_2017_Servicing your new Windows workplace like a boss.
SCUGBE_Lowlands_Unite_2017_Servicing your new Windows workplace like a boss.SCUGBE_Lowlands_Unite_2017_Servicing your new Windows workplace like a boss.
SCUGBE_Lowlands_Unite_2017_Servicing your new Windows workplace like a boss.
 
SCUGBE_Lowlands_Unite_2017_Ransomware vs. SysAdmin
SCUGBE_Lowlands_Unite_2017_Ransomware vs. SysAdminSCUGBE_Lowlands_Unite_2017_Ransomware vs. SysAdmin
SCUGBE_Lowlands_Unite_2017_Ransomware vs. SysAdmin
 
SCUGBE_Lowlands_Unite_2017_How to manage office 2016 on today’s clients
SCUGBE_Lowlands_Unite_2017_How to manage office 2016 on today’s clientsSCUGBE_Lowlands_Unite_2017_How to manage office 2016 on today’s clients
SCUGBE_Lowlands_Unite_2017_How to manage office 2016 on today’s clients
 
ECMDay2015 - Kim Oppalfens – Microsoft System Center Configuration Manager: H...
ECMDay2015 - Kim Oppalfens – Microsoft System Center Configuration Manager: H...ECMDay2015 - Kim Oppalfens – Microsoft System Center Configuration Manager: H...
ECMDay2015 - Kim Oppalfens – Microsoft System Center Configuration Manager: H...
 
ECMDay2015 - Nico Sienaert – Enterprise Mobility Suite – What it’s all about?
ECMDay2015 - Nico Sienaert – Enterprise Mobility Suite – What it’s all about?ECMDay2015 - Nico Sienaert – Enterprise Mobility Suite – What it’s all about?
ECMDay2015 - Nico Sienaert – Enterprise Mobility Suite – What it’s all about?
 
ECMDay2015 - Kent Agerlund – Configuration Manager 2012 – A Site Review
ECMDay2015 - Kent Agerlund – Configuration Manager 2012 – A Site ReviewECMDay2015 - Kent Agerlund – Configuration Manager 2012 – A Site Review
ECMDay2015 - Kent Agerlund – Configuration Manager 2012 – A Site Review
 
ECMDay2015 - Kenny Buntinx - Tim De Keukelaere - Armoring your mobile workfor...
ECMDay2015 - Kenny Buntinx - Tim De Keukelaere - Armoring your mobile workfor...ECMDay2015 - Kenny Buntinx - Tim De Keukelaere - Armoring your mobile workfor...
ECMDay2015 - Kenny Buntinx - Tim De Keukelaere - Armoring your mobile workfor...
 
ECMDay2015 - Kenny Buntinx - Tim De Keukelaere - Keynote
ECMDay2015 - Kenny Buntinx - Tim De Keukelaere - KeynoteECMDay2015 - Kenny Buntinx - Tim De Keukelaere - Keynote
ECMDay2015 - Kenny Buntinx - Tim De Keukelaere - Keynote
 
ECMDAY2015 - Kaido Jarvemets - Managing Configuration Manager with PowerShell
ECMDAY2015 - Kaido Jarvemets -  Managing Configuration Manager with PowerShellECMDAY2015 - Kaido Jarvemets -  Managing Configuration Manager with PowerShell
ECMDAY2015 - Kaido Jarvemets - Managing Configuration Manager with PowerShell
 
Scom how to tune and tame the beast
Scom how to tune and tame the beastScom how to tune and tame the beast
Scom how to tune and tame the beast
 
Best ofmms2013didiervanhoye
Best ofmms2013didiervanhoyeBest ofmms2013didiervanhoye
Best ofmms2013didiervanhoye
 

Recently uploaded

Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
Kumud Singh
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
Neo4j
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
Claudio Di Ciccio
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the  Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the  Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
Neo4j
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
Kari Kakkonen
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
panagenda
 
Full-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalizationFull-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalization
Zilliz
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
DianaGray10
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
Mariano Tinti
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
名前 です男
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
innovationoecd
 
How to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For FlutterHow to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For Flutter
Daiki Mogmet Ito
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
Neo4j
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
Tomaz Bratanic
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems S.M.S.A.
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
Neo4j
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
Edge AI and Vision Alliance
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
Matthew Sinclair
 
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and MilvusBuilding Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
Zilliz
 

Recently uploaded (20)

Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the  Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the  Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
 
Full-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalizationFull-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalization
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 
How to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For FlutterHow to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For Flutter
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and MilvusBuilding Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
 

ECMDay2015 - Kent Agerlund - Secunia - 10 minutes is all it takes – Managing Microsoft and 3rd party updates with System Center 2012 Configuration Manager & Secunia CSI

  • 1. Addressing the challenge of patch management with The Secunia CSI and System Center ConfigMngrWilliam Melby, Regional Director, Secunia Kent Agerlund, MVP, Coretech
  • 2. CONFIDENTIAL - Secunia Corporate, Product and Roadmap Briefing 2 Company Overview Brief Secunia facts Established: 2002 HQ: Copenhagen, Denmark Regional office: Minneapolis, USA Regional development office: Bucharest, Romania Ongoing collaboration with leading industry organizations Trusted advisor to thousands of organizations, including CERTS and ISACs, the White House, NATO, NIST, NERC and Mitre. Employees: 96 FTE’s, 25 Nationalities Ownership: DKA Capital
  • 3. CONFIDENTIAL - Secunia Corporate, Product and Roadmap Briefing 3 Where does the raw intel come from? Meta-crawler engine searching 3,000 sources Good relationship with software vendors Good relationship to community / coordinated disclosure via Secunia In-house research What happens with the raw data? Secunia verifies Secunia standardizes How does Secunia Research work?
  • 4. CONFIDENTIAL - Secunia Corporate, Product and Roadmap Briefing 4 Research Team The heart and soul of Secunia; the eyes and ears of the industry One of the largest Vulnerability Intelligence databases on the market • Database contains vulnerabilities in software products since 2003. • 50,000+ programs, applications and plug-ins from thousands of software vendors. • Fully CVE compliant. Data is tested and verified by Secunia’s researchers. • The database is unique to Secunia and is Secunia IP.
  • 5. CONFIDENTIAL - Secunia Corporate, Product and Roadmap Briefing 5 Solutions Portfolio Reliable, transparent, integrated, cloud-deployed solutions Free version for smartphones and tablets Scans apps downloaded from Google Play as well as apps from external sources Alerts users to apps with known vulnerabilities Checks that security updates are performed quickly Personal Software Inspector (PSI) PSI for Android Consumer Free tool for Vulnerability Management Safeguard data from cybercriminals Scans software on PCs and identifies insecure programs Automatically applies software security updates to keep PCs secure Corporate Corporate Software Inspector (CSI) Vulnerability Intelligence Manager (VIM) Targeted, flexible Patch Management Secures and updates vital applications The complete A-Z: Vulnerability Intelligence and Scanning plus Patch Creation and Deployment Microsoft System Center 2012 and WSUS integration Scans PCs and Apple Mac OS X Tactical handling of vulnerability threats Enables pre-emptive action against vulnerabilities in a simple, cost-effective way Delivers real-time vulnerability alerts No installation required
  • 6. CONFIDENTIAL - Secunia Corporate, Product and Roadmap Briefing 6 13,073 vulnerabilities were discovered in 2,289 vulnerable products. Vulnerabilities in All Products in 2013: 13,073 A 45% increase in vulnerabilities (5 year trend) Source: “Secunia Vulnerability Review 2014.” https://secunia.com/vulnerability-review/
  • 7. CONFIDENTIAL - Secunia Corporate, Product and Roadmap Briefing 7 In 2013 there were less third-party programs in a typical software portfolio, yet these programs accounted for the majority of vulnerabilities. It is not enough to only patch Microsoft programs or the ‘usual suspects’. Enterprise Challenge: Knowing What to Patch Secunia brings visibility and solutions to vulnerability threats Source: “Secunia Vulnerability Review 2014.” http://secunia.com/vulnerability-review/
  • 8. CONFIDENTIAL - Secunia Corporate, Product and Roadmap Briefing 8 86% of vulnerabilities had patches available on the day of disclosure. You can patch most vulnerabilities – the trick is knowing what to patch. Time to Patch! Top 50 Software Portfolio Patch availability on the day of disclosure is increasing Source: “Secunia Vulnerability Review 2014.” https://secunia.com/vulnerability-review/
  • 9. CONFIDENTIAL - Secunia Corporate, Product and Roadmap Briefing 9 Corporate Software Inspector (CSI)
  • 10. CONFIDENTIAL - Secunia Corporate, Product and Roadmap Briefing 10 From Patch Management to Software Vulnerability Management
  • 11. CONFIDENTIAL - Secunia Corporate, Product and Roadmap Briefing 11 The only security solution for patch management Rich security content: Vulnerability Intelligence Proprietary vulnerability database Software inventory scanner: 20,000+ applications Tested patches Secunia Packaging System: Disabled adware, EULA, shortcuts Single-click configuration options Enterprise ready The Secunia CSI How we are different
  • 12. CONFIDENTIAL - Secunia Corporate, Product and Roadmap Briefing 12 Patch Management = Patch deployment No synergy between security assessment and patch activities Focus on the most common applications Dependency on vendor information Non prioritized patching process Non rated patch content (criticality) Focus on content rather than assessment and prioritization Patch Management Challenges and Misconceptions
  • 13. CONFIDENTIAL - Secunia Corporate, Product and Roadmap Briefing 13 The Secunia CSI We support the entire Software Vulnerability Management Lifecycle
  • 14. CONFIDENTIAL - Secunia Corporate, Product and Roadmap Briefing 14 Introduction to the Secunia CSI Combining scanning and patching to meet the requirements of both IT security and operations It’s not enough to detect the vulnerabilities if you can’t patch them. It’s not enough to have the patches, if you don’t know where to apply them. Secunia CSI gives you the when, the where, the what and the how: This combination of vulnerability intelligence, vulnerability scanning, patch creation and patch deployment is unique in the industry.
  • 15. CONFIDENTIAL - Secunia Corporate, Product and Roadmap Briefing 15 Coverage Scan/assess the security state of practically all legitimate programs running on Microsoft Windows Platforms. Scanning support for Windows, Apple Mac OS X, Red Hat Enterprise Linux (RHEL) and Android platforms. Sources Secunia’s Vulnerability Intelligence Database, covering all off-the-shelf programs. CSI Feature Highlights Complete, flexible, unique – it works the way you do Overview Smart Groups filter and segment data according to products, devices or advisories. User group accounts based on roles and permissions. Exact mapping of infrastructure and users to ensure environments are in sync. Integration Manage and publish packages using third-party patch deployment solutions (Microsoft WSUS/System Center 2012 or Altiris). Secunia VIM: automatically create/update asset lists based on Secunia CSI’s scan results. Secunia PSI 3.0/PSI for Android: manage decentralized PCs/Android devices.
  • 16. CONFIDENTIAL - Secunia Corporate, Product and Roadmap Briefing 16 Management Comply with regulatory standards (e.g. PCI-DSS or NERC- CIP) regarding the patching of programs. Utilize your existing infrastructure to enforce security levels, i.e. Microsoft System Center 2012. Enable policy enforcement and document your compliance efforts in the case of a breach. Operations An overview of the security state of all programs installed across endpoints and servers for effective prioritization of patching efforts. Cross-platform scanning and patching of non-Microsoft programs. Automatic package creation, plus access to out-of-the-box packages. Security Pinpoint the exact vulnerabilities affecting your network and verify security levels (Microsoft, third-party and custom programs). Audit, enforce and document patching levels based on in- depth intelligence. Secure your off-site assets. CSI Key Takeaways What’s in it for you?
  • 17. CONFIDENTIAL - Secunia Corporate, Product and Roadmap Briefing 17 Strengths: Complete coverage of Microsoft applications Complete coverage of Windows Client OS Good deployment capabilities (“Supersedence”, “Dependencies”) Weaknesses No content for 3rd Party (non-Microsoft) applications No tool for supporting patch management of non-Microsoft applications The Patch Management Challenge with Microsoft System Center “Microsoft Configuration Manager does not provide automated patch management for other products, such as Adobe applications (other than Reader and Flash), Java, Firefox, Chrome, and Skype. Organizations must patch these types of applications by doing their own patch research, repackaging or scripting the updates, and pushing through Configuration Manager.”
  • 18. Stay Secure www.secunia.com Secunia Mikado House, Rued Langgaards Vej 8, 4th floor DK-2300 Copenhagen S Denmark Phone: +45 7020 5144 Fax: +45 7020 5145 Secunia Inc. Lake Calhoun Business Center, Suite 420 3033 Excelsior Boulevard Minneapolis, MN 55416 USA Phone: +1 888 924 8265 Fax: +1 888 924 8266