Topic: AutoNessus: analyzing vulnerability assessment data the easy way…
Frank Breedijk CISSP B ICT has been employed as a Security Engineer at Schuberg Philis since 2006. He is responsible for the technical information security of Schuberg Philis Mission Critical outsourcing services. This includes, but is not limited to:
- Security Awareness
- Vulnerability management
- Internal security consultancy
- Internal technical audits
- AutoNessus development
Frank Breedijk has been active in IT Security for over 10 years. Before joining Schuberg Philis he worked as a Security Consultant for INS/BT and Security Officer for Interxion. He managed the European Security Operations Center (SOC) for Unisys’ managed security services. During this period Gartner labeled Unisys a leader in the Magic Quadrant for Managed Security Services in Europe.
As part of his job as Security Engineer at Schuberg Philis, Frank Breedijk performs regular security scans. The repetitive nature of scanning the same customer infrastructure over and over again made him decide to look for a more automated approach. After building his first scanning scheduler he realized that it actually does not make sense to look at all findings every time they are reported. It would be much better to only investigate the deltas between the scans. The philosophy behind AutoNessus was born.
In his presentation Frank will demonstrate AutoNessus by performing scans of a live demo environment and explain its inner workings and the philosophy behind it.
What is AutoNessus?
AutoNessus automates regular Nessus scans and provides delta reporting. It effectively reduces the analysis time for subsequent scans of the same infrastructure by only reporting delta findings.
Anyone who has ever used Nessus or OpenVAS will be familiar with one of its biggest drawbacks. Nessus and OpenVAS are very valuable tools, but unfortunately also very noisy. The time needed to report on a single scan will often be two or three times the time needed to do the actual scan. AutoNessus was created in order to more effectively analyze the results of regular scans of the same infrastructure.
How does it work?
AutoNessus runs vulnerability scans at regular intervals and compares the findings of the last scan with the findings of the previous scan. The delta of this scan is presented in a web GUI where findings can be easily marked as either real findings or non-issues. Non-issues get ignored until they change. This causes a dramatic reduction of the analysis time.
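The comparison described above, sketched as an added example (not AutoNessus's own code). The finding key (host, port, check id), the output digest, the status names new/changed/open/gone and the sample scans are assumptions made for illustration.

```python
import hashlib

def key(f):
    # Identity of a finding across scans (assumed: host, port, check id).
    return (f["host"], f["port"], f["check"])

def digest(f):
    # Fingerprint of the scanner output, used to notice that a finding changed.
    return hashlib.sha256(f["output"].encode()).hexdigest()

def delta(previous, current, non_issues):
    """Return {key: status} for findings an analyst still has to look at.
    non_issues maps key -> digest of the output that was dismissed, so a
    dismissal stops applying as soon as the output differs.
    """
    prev = {key(f): digest(f) for f in previous}
    result = {}
    for f in current:
        k, d = key(f), digest(f)
        if non_issues.get(k) == d:
            continue                  # dismissed and unchanged: stay quiet
        if k not in prev:
            result[k] = "new"
        elif prev[k] != d:
            result[k] = "changed"     # includes dismissed findings that moved
        else:
            result[k] = "open"        # unchanged and never dismissed
    for k in prev.keys() - {key(f) for f in current}:
        result[k] = "gone"            # seen in the previous scan, absent now
    return result

def F(host, port, check, output):
    return {"host": host, "port": port, "check": check, "output": output}

# Constructed sample scans (documentation addresses, made-up check names).
SCAN_1 = [F("192.0.2.10", "22/tcp", "ssh-banner", "SSH-2.0-OpenSSH_5.1"),
          F("192.0.2.10", "443/tcp", "tls-cert", "RSA 1024 bit"),
          F("192.0.2.20", "80/tcp", "http-methods", "TRACE enabled"),
          F("192.0.2.20", "25/tcp", "smtp-relay", "open relay")]
SCAN_2 = [F("192.0.2.10", "22/tcp", "ssh-banner", "SSH-2.0-OpenSSH_5.1"),
          F("192.0.2.10", "443/tcp", "tls-cert", "RSA 512 bit"),
          F("192.0.2.20", "80/tcp", "http-methods", "TRACE enabled"),
          F("192.0.2.30", "21/tcp", "ftp-anon", "anonymous login allowed")]
# The analyst dismissed the first two findings after scan 1.
NON_ISSUES = {key(f): digest(f) for f in SCAN_1[:2]}

if __name__ == "__main__":
    for k, status in sorted(delta(SCAN_1, SCAN_2, NON_ISSUES).items()):
        print(status, *k)
```

The dismissed SSH banner stays hidden because its output is identical, while the dismissed certificate finding comes back as changed because its output differs from what was dismissed.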
What will be in the talk?
The talk will be a combined presentation and demonstration of the AutoNessus tool. While scanning a live demo environment Frank will discuss the following topics:
- The philosophy behind AutoNessus
- The inner workings
- AutoNessus in action
- AutoNessus in real life
Everything about AutoNessus and its philosophy.
This talk will give you real-world knowledge. You will learn how to do more vulnerability scanning in less time and get more accurate results.
If scanning is part of your job, you should attend this talk. If scanning the same infrastructure more than once is part of your job, this is a must-see talk!