Remediation Workflow Automated Email Scan Reports Patch Report Remediation Policies Remediation Tickets API Custom Report Templates

Presentation transcript:

1 Remediation Workflow Automated Scan Reports Patch Report Remediation Policies Remediation Tickets API Custom Report Templates

2 Remediation Workflow Automated QGIR (QualysGuard Integration with Reporting)

3 Sample Reporting Issue

4 QGIR Workflow – Issue Vulnerabilities QualysGuard tickets are grouped by QID in Reporting. This enables easy patching. To further ease the administrative burden, we utilize the patch report to consolidate vulnerabilities. QGIR tracks metrics against all offices fairly. All participating offices are given the same time frame and opportunity to remediate vulnerabilities. Further rounds supersede existing tickets. All unresolved Reporting tickets from the previous round are marked incomplete and the remaining vulnerabilities will be included in the new round. Create the tickets in Reporting, a JIRA ITIL-aligned implementation. With LANDesk's ability to patch multiple hosts for the same vulnerability, it makes sense to group by QID. Store the vulnerabilities and associated Reporting tickets in a separate database to allow for proper verification. QualysGuard vulnerabilities of the same QID for the same office are assembled into a CSV containing pertinent information.

5 QGIR Verify Workflow QGIR verification will reopen all QGIR Reporting issues that still have vulnerable hosts. For example, let's say Site A had 2 QGIR tickets in Reporting, and each of those QGIR tickets had 10 vulnerable hosts. If one host in both QGIR tickets was not fixed for either vulnerability, then both tickets will be reopened. QGIR will verify that every host in each ticket that was marked resolved has, in fact, had the vulnerability removed.
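
The grouping from slide 4 and the verification rule from slide 5, as an added example that is not part of the original presentation or of the QGIR code. The function names, QIDs, IP addresses and the in-memory data layout are assumptions; the sample data is constructed.

```python
from collections import defaultdict

def group_tickets(detections):
    """One ticket per (office, QID), holding every affected host."""
    tickets = defaultdict(set)
    for office, qid, host in detections:
        tickets[(office, qid)].add(host)
    return dict(tickets)

def verify(tickets, resolved, rescan):
    """Return {ticket key: hosts still vulnerable} for tickets to reopen.

    tickets:  {(office, qid): set of hosts} as issued
    resolved: ticket keys marked resolved in the tracker
    rescan:   (host, qid) pairs still detected by the latest scan
    """
    reopen = {}
    for key in sorted(resolved):
        _, qid = key
        still = sorted(h for h in tickets[key] if (h, qid) in rescan)
        if still:  # a single unfixed host is enough to reopen the ticket
            reopen[key] = still
    return reopen

def sample():
    """Constructed data: Site A has 2 tickets of 10 hosts each."""
    hosts = [f"10.1.0.{i}" for i in range(1, 11)]
    detections = [("Site A", qid, h) for qid in (1001, 1002) for h in hosts]
    detections += [("Site B", 1001, "10.2.0.5"), ("Site B", 1002, "10.2.0.5")]
    tickets = group_tickets(detections)
    # Site B / 1002 was never marked resolved, so it is not verified.
    resolved = {("Site A", 1001), ("Site A", 1002), ("Site B", 1001)}
    rescan = {("10.1.0.3", 1001), ("10.1.0.7", 1002), ("10.2.0.5", 1002)}
    return tickets, resolved, rescan

if __name__ == "__main__":
    for key, hosts in verify(*sample()).items():
        print("reopen", key, "still vulnerable:", hosts)
```
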

6 QGIR Verify Workflow – Attachments

7 QGIR Verify – Decommissioned Hosts QGIR verification will reopen all QGIR Reporting issues that still have vulnerable hosts. Therefore, all QualysGuard remediation tickets associated with decommissioned hosts must be removed. Note that the search by NetBIOS name is not an exact search. It will return remediation tickets containing the NetBIOS name. For example, a NetBIOS search of USNYSMITHGE1 will also return tickets associated with the hostname USNYSMITHGE11. Remove these false positives by parsing the resulting XML file. QualysGuard will not report a very real, but previously discovered, vulnerability on a replacement host with the decommissioned IP/hostname. The ticket must be deleted.
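
One way to drop the substring false positives described on slide 7 before deleting tickets, as an added example that is not from the presentation or from QGIR. The XML below is constructed, and its element names (TICKET, NUMBER, DETECTION, NBHNAME) are assumptions to be checked against the actual ticket list output.

```python
import xml.etree.ElementTree as ET

# Constructed search result for NetBIOS name "USNYSMITHGE1".
SAMPLE_XML = """<REMEDIATION_TICKETS>
  <TICKET_LIST>
    <TICKET><NUMBER>101</NUMBER>
      <DETECTION><IP>10.1.0.5</IP><NBHNAME>USNYSMITHGE1</NBHNAME></DETECTION>
    </TICKET>
    <TICKET><NUMBER>102</NUMBER>
      <DETECTION><IP>10.1.0.9</IP><NBHNAME>USNYSMITHGE11</NBHNAME></DETECTION>
    </TICKET>
    <TICKET><NUMBER>103</NUMBER>
      <DETECTION><IP>10.1.0.5</IP><NBHNAME>usnysmithge1</NBHNAME></DETECTION>
    </TICKET>
  </TICKET_LIST>
</REMEDIATION_TICKETS>"""

def exact_tickets(xml_text, netbios):
    """Split ticket numbers into (exact matches, false positives).

    Only the first list is safe to delete for the decommissioned host;
    the second belongs to other hosts whose names merely contain it.
    """
    wanted = netbios.strip().upper()  # NetBIOS names are case-insensitive
    keep, dropped = [], []
    for ticket in ET.fromstring(xml_text).iter("TICKET"):
        number = int(ticket.findtext("NUMBER"))
        name = (ticket.findtext("DETECTION/NBHNAME") or "").strip().upper()
        (keep if name == wanted else dropped).append(number)
    return keep, dropped

if __name__ == "__main__":
    to_delete, false_positives = exact_tickets(SAMPLE_XML, "USNYSMITHGE1")
    print("delete:", to_delete, "leave alone:", false_positives)
```
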

8 Parag Baxi, CISA, CISM, CISSP, CRISC, PMP Employee, Qualys Senior Security Engineer, Ogilvy & Mather Architected ITIL-aligned worldwide VM QualysGuard implementation with heavy emphasis on automation, ROI and security best practices. Over 10 years of enterprise experience at UMDNJ, EDS, HP Enterprise Services (consultancy for The Federal Reserve Bank of New York), and Google. Advocate and active contributor of the Qualys community. Published open-source QualysGuard integration code. B.S. degree in Computer Science from Rutgers University. Thank you!