Campus-Wide Vulnerability Scanning

Wednesday, May 16 | 2:00PM–3:00PM | White River Ballroom C
Session Type: Professional Development
Scanning a campus network for vulnerabilities and managing the results can be a tedious task. Even a moderately sized network produces too much information to process manually or without a logical management system. We'll discuss two approaches to addressing this issue. Ohio University takes a centrally managed approach and looks at each device as it comes on the network. Scanning is initiated automatically using Nessus and custom-built scripts. At the University of Arizona, scanning is done by departmental IT personnel, with the project managed by the Information Security office. The focus is on servers and applications and involves scheduled scans, training, and remediation consultations. Both methods present challenges that must be overcome. Come discuss these and other issues concerning campus-wide vulnerability scanning.

Presenters

  • Kelley Bogart

  • Ed Carter

    Senior Director & Chief Information Security Officer, Ohio University

  • Tom Conley

    Information Security Officer, University of Colorado Colorado Springs

  • Gil Salazar

Resources & Downloads

UA Presentation
1 MB, Powerpoint Slides
Uploaded on 03/25/2015
Template for Server Inventory
10 KB, Microsoft Office Spreadsheet
Uploaded on 09/08/2013