7MS #277: Patching Solutions Bake-Off - Part 3
7 Minute Security14 Syys 2017

7MS #277: Patching Solutions Bake-Off - Part 3

ManageEngine Desktop Central

Overall, I have to bluntly say that I really enjoyed playing with ManageEngine's solution. It's got a crap-ton of features built into it - above and beyond patching - that I think IT/security folks will really appreciate.

Pros

  • Agent or agentless management of systems

  • MDM (didn't play with it but it certainly looks feature-rich)

  • Application white/blacklisting

  • Ability to push out configurations for things you'd normally use GPOs for - i.e. setting a login banner, enforcing screen locks, setting IE homepage and search engine, etc.

  • Patch management is full-featured - it's easy to setup a simple "scan systems, download and deploy missing patches." Or just a "scan to identify missing patches" kind of thing. It's easy to run a variety of reports to find out which systems are most vulnerable, which patches are missing across the enterprise, etc.

  • Software deployment engine - there's a big package library where you can easily search and deploy things like Dropbox, Adobe Reader, etc. It also includes a self-service portal where users can simply select certain packages and have them installed automagically!

  • Inventory - ability to have detailed hardware/software level details on each machine. Ability to block software by path and/or hash. You can also give people a warning saying "We're gonna nuke dropbox in 2 days if you keep it on here!"

  • Agent-based install gives you ability to chat with users, remote control systems, send announcements, drop to a command line at a target machine, etc.

  • Reports - you can create a report for just about anything under the sun like AD group changes, user logon reports, users that are disabled/expired, and on and on...

  • Email alerts - I think you can trigger an email alert for just about ANYTHING that happens in the environment.

...more on today's episode!

Jaksot(705)

7MS #33: ProXPN (audio)

7MS #33: ProXPN (audio)

This episode's all about a cool product called ProXPN that I use to encrypt/anonymize my traffic for various reasons. Not a sponsored episode or anything like that, but I am a fan of this service :-). Download: 7MS #33: ProXPN (audio)

7 Marras 20147min

7MS #32: OSCP – part 3 (audio)

7MS #32: OSCP – part 3 (audio)

Been a while since I shared an update on OSCP progress. It's going good but…slow. However, I do have one (maybe obvious) tip to share that I hope will save you a ton of time. Download: 7MS #32: OSCP – part 3 (audio)

1 Marras 20147min

7MS #31: Network Detective (audio)

7MS #31: Network Detective (audio)

Network Detective is a tool we've been using as kind of an addendum to our full security assessment. It gives some nice, plain-English Excel spreadsheets and Word docs that report on AD health and structure, PC inventory and open ports, AV clients that aren't working right, and a whole lot more. Download: 7MS #31: Network Detective…

25 Loka 20147min

7MS #30: Managing Privileged Accounts (audio)

7MS #30: Managing Privileged Accounts (audio)

Most organizations I talk to have no idea where their privileged accounts are used across the network. I recently saw a demo of a solution called CyberArk, which seems to address that problem. Download: 7MS #30: Managing Privileged Accounts (audio)

18 Loka 20147min

7MS #29: Follow Up Then (audio)

7MS #29: Follow Up Then (audio)

This isn't necessarily related to security, but it's about one of my favorite tools to keep my todos organized: FollowUp Then! Download: 7MS #29: Follow Up Then (audio)

11 Loka 20147min

7MS #28: Infosec for Kids? (audio)

7MS #28: Infosec for Kids? (audio)

This is more of a random, wondering aloud type of episode as I think about raising my kids with infosec in mind. Specifically, what's life going to be like for them growing up in an Internet-soaked world where there are constantly text/video/photos of them going online – to stay forever? Download: 7MS #28: Infosec for Kids?…

27 Syys 20147min

7MS #27: Backing Up with CrashPlan (audio)

7MS #27: Backing Up with CrashPlan (audio)

Hey, when it comes to backups…uh…you should have them! This is a NON-endorsed/sponsored episode about my personal favorite backup service called CrashPlan. Download: 7MS #27: Backing Up with Crashplan (audio)

20 Syys 20147min

7MS #26: The Importance of Training and Awareness (audio)

7MS #26: The Importance of Training and Awareness (audio)

Training and awareness – specifically as it relates to infosec – is something companies can't spend enough $ on. But from my experience, not enough of them are making this a front-burner priority. This episode talks about one topic I'm particularly passionate about. I call it "How not to click on bad stuff." Download: 7MS #26:…

13 Syys 20147min

Suosittua kategoriassa Politiikka ja uutiset

rss-ootsa-kuullut-tasta
aikalisa
tervo-halme
ootsa-kuullut-tasta-2
politiikan-puskaradio
viisupodi
rss-podme-livebox
et-sa-noin-voi-sanoo-esittaa
rss-vaalirankkurit-podcast
otetaan-yhdet
aihe
linda-maria
the-ulkopolitist
rss-polikulaari-humanisti-vastaa-ja-muut-ts-podcastit
rss-hyvaa-huomenta-bryssel
radio-antro
rss-valiokunta
rss-kaikki-paskaksi-ystavat
rss-kuka-mina-olen
rss-tasta-on-kyse-ivan-puopolo-verkkouutiset