In my working life I have had various roles as security consultant. One of these roles was working in an operational security team. Now that I have found a new job as security specialist, I am again seconded to a company within an operational security team. One of my specialties is Vulnerability Management and Vulnerability scanning and I have found out (call it the hard way) that this is never an easy task. Although from the outside, it appears to be a rather ‘simple’ solution, Vulnerability scanning is a complex topic with many touch points throughout an organization. Difficulties I had always taken for granted but are not as ‘common’ as I had expected. Therefore I am starting a series of blog-posts to explain vulnerability scanning. In the next couple of months I will write posts on the following topics:
- What are the types of scanners and what is their purpose
- Defining a scanning approach
- What kind of results can I expect and what to do with them
- What are the considerations when scanning in a corporate environment
These are the plans for now, perhaps these series will be expanded with some additional (more organizational) topics but that is for later care. Hope you will enjoy reading these posts and learn something in the meantime.