@chainguard Enforce now automates #SBOMs, but execs and an early customer say they aren't the ultimate answer to #softwaresupplychainsecurity.
#vulnerabilityscanning #softwaresecurity #cybersecurity #containerimages #chainguardimages #wolfi
@Docker 4.17.0 (99724) update includes early access to Docker Scout.
https://docs.docker.com/scout/
#docker #DockerPro #DockerScout #DockerCommunity #SoftwareSupplyChain #DevSecOps #DevOps #InfoSec #containers #security #VulnerabilityScanning #CVE
Has anyone used vPentest.io before? I just finished building out our agent and am waiting for the SOC to try it. I'm curious about the results compared to OpenVAS.
Happy Friday!
#soc #vulnerabilityscanning #vpentest #openvas #security
[#AdventOfCyber2022 #tryhackme] Day 4
In Day 4 Tasks, we learn how to do #scanning
Scanning is a procedure to identify living hosts, ports, and services running on a specific target.
There are 2 types of scans based on their intrusiveness:
1. #passivescan
Passive scan is scanning without touching/interacting directly with the target device. The scan is usually done by capturing packets using #wireshark. However, the information you can get is fairly limited.
2. #activescanning
Active scan is scanning that interacts directly with the target service, usually by sending packets to a specific asset. The scanning will immediately do a deep scan to get a lot of information from the target.
Several #scanning techniques:
1. #networkscanning
A scan that aims to map the entire network of the target. When an attacker has mapped the entire network of their target, they can launch an #exploit through the weaknesses of the enemy network.
2. #portscanning
A scan that aims to look for any open port that is capable of sending and retrieving requests/data.
3. #vulnerabilityscanning
A scan that aims to identify what kinds of #vulnerability exist on the network that may threaten the system.
Tools to do scanning:
1. #nmap
NMAP is one of the most popular tools used for scanning a network. It can be used to scan for open ports, open #networkprotocols, open #services, the running #operatingsystem, etc.
2. #nikto
Nikto is an open source tool that can be used to scan a #website for #vulnerability. It allows searching a #website for its subdomains, outdated servers, #debug messages, and many more.
Just released a new version of DKFM bomber (the SBOM vulnerability scanner) that includes a ton of bug fixes, documentation improvements, and improved summary output. You'll now see the list of files bomber has scanned through and their hashes. #sbom #vulnerabilityscanning #opensource
RT @Hakin9@twitter.com
NERVE is a vulnerability scanner tailored to find low-hanging fruit level vulnerabilities, in specific application configurations, network services, and unpatched services.
#vulnerabilityscanning #hacking #cybersecurity
https://hakin9.org/nerve-network-exploitation-reconnaissance-vulnerability-engine/
https://twitter.com/Hakin9/status/1349823603408191488
TrickBot Returns with a Vengeance, Sporting Rare Bootkit Functions - A new "TrickBoot" module scans for vulnerable firmware and has the ability to read, write and eras... https://threatpost.com/trickbot-returns-bootkit-functions/161873/ #vulnerabilityscanning #read-writeeverything #firmwareinspection #vulnerabilities #malwareanalysis #rweverything #eclypsium #microsoft #trickboot #advintel #firmware #takedown #trickbot #malware #bootkit #botnet #bios #uefi