This project series demonstrates vulnerability management using Tenable.io. The labs include authenticated scanning, unauthenticated scanning, agent based monitoring, discovery scans, manual remediation, PowerShell remediation, and validation scans.
- Vulnerability scanning
- Authenticated and unauthenticated scanning
- Windows and Linux remediation
- Tenable.io scan configuration
- Agent based monitoring
- Risk analysis
- Remediation validation
- Technical documentation
- Tenable.io
- Windows 11
- Linux
- Microsoft Azure
- PowerShell
- Virtual machines
| Lab | Description |
|---|---|
| Authenticated and Unauthenticated Scans on Windows | Compared scan results with and without credentials on a Windows target |
| Authenticated and Unauthenticated Scans on Linux | Compared scan results with and without credentials on a Linux target |
| Using a DISA STIG Scan Template | Used a compliance focused scan template to assess system hardening |
| Agent-Based Monitoring: Windows | Deployed and reviewed agent based monitoring on Windows |
| Agent Based Monitoring Linux | Deployed and reviewed agent based monitoring on Linux |
| Discovery Scan: Entire Cyber Range Subnet | Identified active hosts and services across a cyber range subnet |
| Manual Vulnerability Remediation on Windows | Reviewed scan findings and manually remediated Windows vulnerabilities |
| Manual Vulnerability Remediation on Linux | Reviewed scan findings and manually remediated Linux vulnerabilities |
| Programmatic Remediation in Windows PowerShell | Used PowerShell to remediate Windows findings and validate results |
| Programmatic Remediation in Linux (BASH Scripting) | Used Bash scripts to remediate Linux findings and validate results |
| Simulated the implementation of a comprehensive vulnerability management program, from the initial planning phase all the way to completion. |
The goal of this project series is to show the full vulnerability management lifecycle: identify assets, scan systems, analyze findings, remediate issues, and validate that the risk was reduced.
