Physical Security Assessments can be viewed as a penetration test against the physical infrastructure of an organisation. Instead of the assessment of computer networks and services, buildings and physical locations are being assessed. During this type of assessment the overall physical security of the location of a building, the facilities and the access controls are in scope. Physical security is often overlooked and the consequences of a physical breach can have the same impact as a computer breach.
Thursday, 20 November 2014
Monday, 10 November 2014
The discovery and patching of security vulnerabilities can be a very difficult and a time-consuming task, especially without the use of a proper vulnerability scanner.
The following, is a list of the most well-known vulnerability scanners currently available in the market. A security consultant should spend some time to familiarise himself/herself with these scanners. Find the scanner that is most suitable for your needs and use it to scan your network infrastructure for security vulnerabilities. Go through the reports these scanners generate and engage in remediating the vulnerabilities discovered. This can be an invaluable experience when it comes to becoming able to understand security issues affecting large network infrastructures.
Some of these scanner can be used under a free license for personal use.
01) Nessus - http://bit.ly/1prtrZ3
02) Nexpose - http://bit.ly/1NHBSML
03) CORE Impact Pro - http://bit.ly/19e7dWC
04) OpenVAS - http://bit.ly/1NHCdPy
05) QualysGuard - http://bit.ly/1MUn52l
06) MBSA (Microsoft Baseline Security Analyser) - http://bit.ly/1MJ2NCE
07) Secunia PSI - http://bit.ly/1iiTjGR
08) Retina - http://bit.ly/1MBNHzo
09) Acunetix - http://bit.ly/1PA8rfA
10) SAINTscanner - http://bit.ly/1RLtB9A
11) GFI Lan Guard - http://bit.ly/1RLt8V2
If you know of a vulnerability scanner that you have used and it is worth mentioning here, let me know and I will add it to the list.