Campus-Wide Vulnerability Scanning
Wednesday, May 16 | 2:00PM–3:00PM | White River Ballroom C
Session Type: Professional Development
Scanning a campus network for vulnerabilities and managing the results can be a tedious task. Even a moderately sized network produces too much information to process manually or without a logical management system. We'll discuss two approaches to addressing this issue. Ohio University takes a centrally managed approach and looks at each device as it comes on the network. Scanning is initiated automatically using Nessus and custom-built scripts. At the University of Arizona, scanning is done by departmental IT personnel, with the project managed by the Information Security office. The focus is on servers and applications and involves scheduled scans, training, and remediation consultations. Both methods present challenges that must be overcome. Come discuss these and other issues concerning campus-wide vulnerability scanning.