Tripati3000/vulnerability-managmentlab

Building Vulnerability Management lab🧑‍💻

What is Vulnerability management? 🤔

Vulnerability management involves identifying and addressing weaknesses in computer systems or networks to prevent cyberattacks.

For example, if a software program has a known security flaw that hackers could exploit to gain unauthorized access, vulnerability management would entail regularly updating the software with patches or fixes provided by the manufacturer to close that vulnerability and reduce the risk of a successful cyberattack. Additionally, vulnerability management may involve conducting regular security scans and assessments to identify potential weaknesses before they can be exploited by malicious actors.

Tools and resources:

Walkthrough

Step 1

Register Nessus and Download the Windows Server👇

Create your account and sign up; after that you are ready to go 👍

Set up your VMware VM with Windows 10, then open "Command Prompt" and type ipconfig to confirm the VM's IP address.

Now ping that IPv4 address from your personal computer: type ping 10.0.0.189 -t in the personal computer's Command Prompt 👍 (note: -t keeps it going until I stop it)

Step 2

Now go to the VMware VM and turn off the firewalls 🔥

Click on Windows Defender Firewall Properties 👍

Set "Firewall state" to "Off" on the Domain profile, Private profile and Public profile 👍

Step 3

Go to Nessus (web app) and click "Create Scan" 👇

Click "Basic Network Scan" 👇

Name it, paste the IP address and save it 👇

The scan now appears in "My Scans" as a bar. Go to the right and click the "Launch" button ✅ After that, click on "Today at 10:47 AM" and you can see it is running 👇

It will scan your computer without you entering your credentials, but if you want a deep scan you need to provide your credentials 👇

After the scan completes you will see a check mark ✔️ Click on it 👇

Here you can see the scan details 👇

Go to Vulnerabilities and open the items you want to cover; you can see all the details, with problems and solutions.

Step 4

The steps above ran without credentials; now let's set up a scan with credentials 👍

  • Set up the VMware VM so that it accepts authenticated scans
  • Provide some credentials to Nessus
  • After that, rescan the VMware VM with credentials
  • Compare the results

Open up your VMware VM >>> Search bar >>> Services (Local) >>> Remote Registry >>> Status = Automatic ✅ 👇

Search bar >>> Network and sharing center >>> Advanced sharing settings >>> Turn on Network discovery ✅ and turn on File and printer sharing ✅

Search bar >>> User account center settings >>> Click OK ✅

Now let's use "Registry Editor"

We have to add a key that will allow the remote account to connect. After that, we are going to add another key to disable the remote account again once the scan is done 👍

  • To open this Go to windows 10 search bar
  • type "regedit"
  • Select Registry editor (Desktop app)
  • Computer
  • HKEY_LOCAL_MACHINE
  • SOFTWARE
  • Microsoft
  • Windows
  • CurrentVersion
  • Policies
  • System
  • Create a new value named LocalAccountFilterPolicy
  • Set this value to 1
  • then "Ok"
  • Close it
  • Go and restart your Windows 10 VMware VM 👍
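
The Step 2 firewall change and the Step 4 Remote Registry and LocalAccountFilterPolicy changes, scripted together with their rollback, as an added example that is not part of the original repository. It assumes an elevated PowerShell session inside the Windows 10 VM; the function names and the state-file path are hypothetical, and the sharing and user-account settings from Step 4 are left to the GUI steps above.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the original repository. Run inside the Windows 10 lab VM.
$PolicyKey  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$PolicyName = 'LocalAccountFilterPolicy'
$StateFile  = Join-Path $env:ProgramData 'nessus-lab-state.json'  # hypothetical path

function Enable-ScanAccess {
    if (Test-Path $StateFile) { throw 'State already saved; run Restore-ScanAccess first.' }
    # Save the current settings first so Restore-ScanAccess can undo exactly these changes.
    $policy = Get-ItemProperty -Path $PolicyKey -Name $PolicyName -ErrorAction SilentlyContinue
    $fwOn   = (Get-NetFirewallProfile | Where-Object { $_.Enabled -eq 'True' }).Name -join ','
    [pscustomobject]@{
        RemoteRegistryStart = (Get-Service -Name RemoteRegistry).StartType.ToString()
        PolicyValue         = if ($policy) { $policy.$PolicyName } else { $null }
        FirewallOn          = $fwOn
    } | ConvertTo-Json | Set-Content -Path $StateFile

    # Step 2: firewall state Off on the Domain, Private and Public profiles.
    Set-NetFirewallProfile -Profile Domain, Private, Public -Enabled False
    # Step 4: Remote Registry set to Automatic and started.
    Set-Service -Name RemoteRegistry -StartupType Automatic
    Start-Service -Name RemoteRegistry
    # Step 4: LocalAccountFilterPolicy = 1 (DWORD) under Policies\System.
    New-ItemProperty -Path $PolicyKey -Name $PolicyName -PropertyType DWord -Value 1 -Force | Out-Null
}

function Restore-ScanAccess {
    $state = Get-Content -Path $StateFile -Raw | ConvertFrom-Json
    # Remove the value if it did not exist before, otherwise put the old number back.
    if ($null -eq $state.PolicyValue) {
        Remove-ItemProperty -Path $PolicyKey -Name $PolicyName -ErrorAction SilentlyContinue
    } else {
        Set-ItemProperty -Path $PolicyKey -Name $PolicyName -Value ([int]$state.PolicyValue)
    }
    if ($state.RemoteRegistryStart -eq 'Disabled') { Stop-Service -Name RemoteRegistry -Force }
    Set-Service -Name RemoteRegistry -StartupType $state.RemoteRegistryStart
    # Re-enable only the firewall profiles that were on before the lab changes.
    if ($state.FirewallOn) {
        Set-NetFirewallProfile -Profile ($state.FirewallOn -split ',') -Enabled True
    }
    Remove-Item -Path $StateFile
}

# Usage: Enable-ScanAccess before the credentialed scan, Restore-ScanAccess once it finishes.
```

The script does not reboot the VM; the restart in the last step above is still done by hand.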

Step 5

Now our Windows 10 VM is ready for the scan, so log in to Windows 10 with your password (remember the password)

  • After login go to Nessus

  • Open up your scan, which is "Windows 10 Single host"

  • Move to the right corner and click "More"

  • Configuration

  • Click "Credentials" >>> enter your admin (Windows10VMwarename) and password (whatever you created) and save

  • Now run the scan one more time and wait a few minutes, as it takes some time 👍

Step 6

Now that the scan has finished, let's check the results and compare them

Before adding credentials ✅

After adding credentials ✅

History of scanning ✅

Remediations (solutions for upgrading or updating your Windows 10) ✅

VPR Top Threats ⚠️ (provides a prioritized view of the top 10 vulnerabilities to help guide and reduce risks)

Vulnerabilities (provides more details about which risks are harmful; you can dive deep into the details of the risks and their solutions by visiting Vulnerabilities) 👍

What we learned from our project🤔🔍

We learned:

Risk Awareness: We gain a deeper understanding of the vulnerabilities present in our systems and applications, as well as the potential impact they could have on our organization if exploited.

Prioritization: We learn how to prioritize vulnerabilities based on factors such as severity, exploitability, and potential impact on business operations, allowing us to allocate resources more effectively.

Proactive Approach: We understand the importance of taking a proactive approach to cybersecurity by regularly scanning for vulnerabilities, rather than reacting to breaches after they occur.

Collaboration: We recognize the value of collaboration between IT, security teams, and other stakeholders to effectively identify, assess, and remediate vulnerabilities across the organization.

Continuous Improvement: We acknowledge that vulnerability management is an ongoing process and that continuous improvement is necessary to adapt to emerging threats and evolving technology landscapes.

Compliance: We learn how vulnerability management practices align with regulatory requirements and industry standards, ensuring that our organization remains compliant and avoids potential fines or penalties.

Conclusion

The successful completion of the vulnerability management project has significantly enhanced our organization's cybersecurity posture. Through assessment, prioritization, and remediation of vulnerabilities, we have fortified our defenses against potential threats, minimized risk exposure, and safeguarded sensitive assets. Moving forward, continued vigilance, regular updates, and proactive measures will be essential to sustain this strengthened security framework and adapt to evolving threats in the dynamic digital landscape.
