Powershell Qualys Get Asset Group Info Part 2

Today I decided to write another post regarding PowerShell and Qualys Vulnerability Management API. This post will focus on gathering information about your enrolled Asset Groups. You can find the complete script on GitHub: https://github.com/MSAdministrator/POSH-Guard/blob/master/Get-QualysAssetGroupInformation We start of by opening up PowerShell ISE and using our handy “Snippet” shortcut: We select the “Cmdlet (Advanced function) - complete” option in the “Snippet” context menu. Once we have our advanced function template, we then proceed by entering a name for our Qualys Asset Group function. Continue reading

Powershell Qualys Authentication Part 1

I always mean to post more on my blog, but as life gets in the way and work keeps me busy, I always seem to push it to the back-burner. This time, I am hoping to make it stick as a regular routine. To kick off my new-found motivation to blog more, I am starting a series of posts surrounding PowerShell and Qualys Vulnerability Management API. To start this off, first I’m going to share some my basic steps with regards to authentication to Qualys VM API v1. Continue reading

Presentation Securing Windows With Group Policy

Recently I gave a presentation at MORENet’s 2015 Annual Conference about “Securing Windows with Group Policy”. This presentation was part of their “Advanced” technology track, and really focused on looking at the current permission levels of your users and deciding if they really need those rights/permissions. I hope some people find these slides useful or at least a good reference point. If you have any questions about these slides then please do not hesitate to contact me by leaving a comment below. Continue reading

Qualysguard Decentralized It How to Organize Your Assets

I work for a University with a decentralized IT department: each college, division, department, etc maintains their users. As a security department who maintains QualysGuard, we were wanting each department to scan their own assets and re-mediate all vulnerabilities found in these scans based on the following policy: Level 4 and Level 5 vulnerabilities must be re-mediated within 15 days Level 3 vulnerabilities must be re-mediated within 30 days Level 2 vulnerabilities must be re-mediated within the next semesters Level 1 vulnerabilities must be re-mediated whenever possible WIth this policy in mind, we began rolling out our QualysGuard service using the following methods. Continue reading

Windows Security Publicprivate Key Exchange Basics

My wife and I saw CITIZENFOUR yesterday during a secret screening. If you have not had the chance to see this movie, please do so as soon as you can - it’s a great documentary! The only complaint I have about the film is that they do not explain Cryptography or Encryption for the “normal” folks. When the film ended, I looked around and their were many non-technical people (including older individuals). Continue reading

Windows Security Server Hardening Security Templates

Hardening your systems (Servers, Workstations, Applications, etc.) ensures that every system is secured in accordance to your organizations standards. Microsoft has a “Solution Accelerator” called Security Compliance Manager that allows System Administrators or IT Pro’s to create security templates that help harden their systems in a manageable, repeatable, way. In addition to SCM, you can build your own by using the standard MMC console and adding the Security Templates Snap-In to the console - this gives you a more refined configuration, but can be cumbersome. Continue reading

Windows Security Patch Management

Recently, at work, I nominated myself to begin a “Windows Security” course for IT Professionals that I work with. Being a former IT Pro, and now part of our security department as an Incident Responder, I thought I would create a course surrounding security. So, i’m going to use my blog to layout my plans for this “Windows Security” course - which will hopefully be useful for others as well. Continue reading