Session Title:   Vulnerability Scanning and Service Reduction

Abstract:   Abstract There is a common thread running through security circles. The perimeter is softening. Gone are the days of the firewall being the most important device on the network for security. Standard network functionality like VPN's, Web Interfaces, Citrix, Extranets and more mean the the hole the firewall is plugging is not the only way in. Just ask Microsoft. Rather than patching yourself silly, here's a silly idea. How about running less stuff and knowing what you run, that way when the next attack comes along, there is less for the bad guys to attack, and less for you to manage. Vendors don't always like this approach, it says "we dont't trust your stuff". But the reality is that we dont, and this works. Reduced attack surface, and knowing what you have to protect, make it much easier to sleep at night. This presentation is on how to find out what is running on your network, and what risks it poses. Managing it, well that's up to you.

 

Speaker:  Paul            Young

Level: 400