Jun 4, 2020
Today's episode is all about getting the most value out of your vulnerability scans, including:
Why, IMHO you should only do credentialed scans
Policy tweaks that will keep servers from tipping over and printers from printing novels of gibberish ;-)
How to make your scan report more actionable and less unruly
Turning up logging to 11 (use with caution!)
A small tweak to an external scan policy that can result in the difference between a successful or failed scan
The nessusd.rules file is awesome for excluding specific hosts and services from your scans