7MS #417: Vulnerability Scanning Tips and Tricks

Today's episode is all about getting the most value out of your vulnerability scans, including:

• Why, IMHO you should only do credentialed scans

• Policy tweaks that will keep servers from tipping over and printers from printing novels of gibberish ;-)

• How to make your scan report more actionable and less unruly

• Turning up logging to 11 (use with caution!)

• A small tweak to an external scan policy that can result in the difference between a successful or failed scan

• The nessusd.rules file is awesome for excluding specific hosts and services from your scans