A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Can you patch a cloud? - Scott Thomas GrrCON 2015 (Hacking Illustrated Series InfoSec Tutorial Videos)

Can you patch a cloud?
Scott Thomas
GrrCON 2015

The Sans 20 tells us that to protect our companies, we should have a vulnerability management program. Some companies may think they're good enough with their current patching process. Some companies may take the SANS advice and implement a vulnerability management program for their on-prem devices. This is a good first step. What happens when you extend your infrastructure to "The Cloud"? When you add the complexity of cloud computing how does this change your Vulnerability Management program? Do you just point the scanner at the cloud provider and "let 'er rip"? Your provider may be less than pleased with this method. So what needs to change? Scan discovery, frequency, and methods all need to be part of the equation! To the cloud!

Back to GrrCON 2015 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast