You can't secure what you don't acknowledge.SM

Thursday, May 1, 2014

Running vulnerability scans over VPN connections

If you haven't yet, you'll likely run into a situation where you need to run vulnerability scans over a VPN connection (i.e. for remote office networks). Well, certain scanners won't scan over "raw sockets" - the underlying communication method for certain VPN connections. Other scanners can't even connect to a remote network at all because they're caught up in their own little virtual machines that you cannot add a VPN client to.

If you're faced with this situation, check out GFI LanGuard (currently in version 2014). LanGuard works like a charm over various VPN connections. I have found that when performing unauthenticated scans LanGuard typically doesn't find as many relevant vulnerabilities as other scanners but its authenticated scans of Windows and Linux systems are very good. I have some clients that use LanGuard for patch management with positive results as well. Definitely a worthy tool!


Wednesday, April 30, 2014

Things that impact careers in information security

Here are some recent pieces I've written that can make or break your success in information security:

Open your eyes and you’ll see the light

Steering your career as a desktop admin in the mobility age

The mindset of everyday employees and their impact on security

Why a CIO's relationship with enterprise IT security is important

Be sure to check out the hundreds of security articles, webcasts, and more I've written/developed over the past 12 years at principlelogic.com/resources.
Be sure to go to principlelogic.com/resources for links to hundreds of security resources I've written/developed over the past decade+. - See more at: http://securityonwheels.blogspot.com/#sthash.PLfJQfID.dpuf

Be sure to go to principlelogic.com/resources for links to hundreds of security resources I've written/developed over the past decade+. - See more at: http://securityonwheels.blogspot.com/#sthash.PLfJQfID.dpuf