7MS #279: Patching Solutions Bake-Off - Part 4
7 Minute Security28 Sep 2017

7MS #279: Patching Solutions Bake-Off - Part 4

Intro

The patching solutions review concludes this week with Ivanti's patch solution, as well as PDQ Deploy/Inventory.

As a quick reminder, here's where our bake-off currently sits:

Quick reminder: none of these solutions are bribing me with fat wads of cash to plug their products. Some day I hope to have such problems, but today is not that day.

Ivanti

You might know Ivanti as Shavlik - that's the product name I'm more familiar with anyways. Back in February, Shavlik became Ivanti.

Pros

  • Pretty easy to install and manage - even without a deep background in IT (in today's episode I tell a story that can back this claim based on my experience)

  • Does a solid job of applying patching Windows OS and third party

Cons

  • Pricing is a little steep - last figures I saw were ~$80 per server, per year and ~$40 per workstation, per year.

  • ITScripts library (that allows for GPO-style policy enforcement) is a little slim when compared to similar functionality offered from other solutions

PDQ Deploy/Inventory Pros

  • Lets you crazy with building custom packages you can deploy to granular groups

  • Awesome online help resources, including a YouTube video library that's got a video for just about everything

  • Quick response to support tickets

Cons

  • A bit more complicated to get comfortable with than the other solutions

  • A little confusing on the Windows patching side - not quite as "point and patch" as some of the other solutions

  • Agentless system - machines have to be able to "see" the PDQ

Avsnitt(690)

7MS #121: Migrating from Tumblr to Ghost-Part 2

7MS #121: Migrating from Tumblr to Ghost-Part 2

Part 2 concludes my journey in moving 7ms.us from Tumblr to a Digital Ocean droplet running Ghost. Here are the key resources mentioned during the podcast: How to run multiple Ghost blogs on one DI VPS. The key takeaway here was that I had to upgrade to the $10 droplet (I did a "flexible" resize to add more proc/memory) and then the second instance of Ghost installed fine. Turning on CloudFlare SSL was easy. I chose flexible SSL since I wasn't using a "real" cert. I also wrote a rule to force HTTPs for all connections. And, just for grins, I turned on DNSSEC. Because...why not? :-) I picked a strong root password for my DI droplet, but I still don't like the idea of IPs banging on that connection all day and night. I followed this article on installing Fail2Ban to prevent my SSH login from being abused. There are a few IPs that I want to perma-ban, so I'm going to look throughthis article and this one which looks a tad easier. You can subscribe to the 7 Minute Security podcast here.

19 Dec 20158min

7MS #120: THE PURGE!

7MS #120: THE PURGE!

Announcing the 7MS PURGE! I've got a back log of episodes banked and I want to get caught up for the new year. So I'm going to release one (or maybe more) episodes per day between now and 2016. Plus (spoiler alerts!) in 2016 we're moving to a Monday/Wednesday/Friday release schedule. Yep, 7MS three times a week - thanks for the idea, mom! Subscribe to 7MS on iTunes here.

18 Dec 20152min

7MS #119: Migrating from Tumblr to Ghost-Part 1

7MS #119: Migrating from Tumblr to Ghost-Part 1

In this episode I talk about my adventures in moving my brianjohnson.tv Tumblr content over to a Digital Ocean hosted droplet running Ghost. I think you'll want to check this episode out, because in part 2 I talk about the challenges I faced in hosting multiple Ghost instances on one DI droplet. I will also be talking about how to enable CloudFlare SSL (for free!) as well as enabling Fail2Ban to keep annoying people/IPs from brute forcing your SSH root account!

17 Dec 20158min

7MS #118: Should Phishing be Fair?

7MS #118: Should Phishing be Fair?

This episode discusses an important and rhetorical (to me) infosec question: Should phishing campaigns be "fair?"

15 Dec 20157min

7MS #117: OFFTOPIC-Alive Inside

7MS #117: OFFTOPIC-Alive Inside

Today I talk about one of the most moving films I've ever seen - a documentary called Alive Inside.

10 Dec 20157min

7MS #116: Tips for a Succesful Vulnerability Scan

7MS #116: Tips for a Succesful Vulnerability Scan

In this episode I complain about getting stuck in NY for two days, and also how to efficiently scan for vulnerabilities when your time is crunched.

8 Dec 201514min

7MS #115: OFFTOPIC-Love and Mercy

7MS #115: OFFTOPIC-Love and Mercy

We're going off-topic today and talking about the new(ish) movie about Brian Wilson's life called Love and Mercy.

4 Dec 20157min

7MS #114: PCI Pentesting 101-Part 3

7MS #114: PCI Pentesting 101-Part 3

Part 3 on my series about PCI pentesting. Yeah. That.

2 Dec 20157min

Populärt inom Politik & nyheter

svenska-fall
p3-krim
rss-krimstad
fordomspodden
rss-viva-fotboll
flashback-forever
aftonbladet-daily
rss-sanning-konsekvens
rss-vad-fan-hande
olyckan-inifran
dagens-eko
krimmagasinet
rss-frandfors-horna
rss-krimreportrarna
motiv
rss-expressen-dok
svd-dokumentara-berattelser-2
svd-nyhetsartiklar
blenda-2
spotlight