[Script Info]
Title: 
[Events]
Format: Layer, Start, End, Style, Name, MarginL, MarginR, MarginV, Effect, Text
Dialogue: 0,0:00:00.00,0:00:01.60,Default,,0000,0000,0000,,Hey everybody, Josh here. Welcome back to
Dialogue: 0,0:00:01.60,0:00:03.52,Default,,0000,0000,0000,,my channel. I do a lot of videos on IT
Dialogue: 0,0:00:03.52,0:00:05.60,Default,,0000,0000,0000,,cyber security education and career
Dialogue: 0,0:00:05.60,0:00:07.52,Default,,0000,0000,0000,,things, and today's video is going to be
Dialogue: 0,0:00:07.52,0:00:09.28,Default,,0000,0000,0000,,on vulnerability management. We're
Dialogue: 0,0:00:09.28,0:00:10.16,Default,,0000,0000,0000,,actually going to be doing a
Dialogue: 0,0:00:10.16,0:00:12.00,Default,,0000,0000,0000,,vulnerability management lab where we
Dialogue: 0,0:00:12.00,0:00:13.84,Default,,0000,0000,0000,,install Nessus Essentials and we install
Dialogue: 0,0:00:13.84,0:00:15.68,Default,,0000,0000,0000,,VMware Workstation Player, and set up
Dialogue: 0,0:00:15.68,0:00:18.00,Default,,0000,0000,0000,,Windows 10 inside of a VM, install some
Dialogue: 0,0:00:18.00,0:00:19.92,Default,,0000,0000,0000,,old deprecated software on it, and then
Dialogue: 0,0:00:19.92,0:00:21.12,Default,,0000,0000,0000,,we're going to be doing some
Dialogue: 0,0:00:21.12,0:00:23.20,Default,,0000,0000,0000,,vulnerability scans against that virtual
Dialogue: 0,0:00:23.20,0:00:24.72,Default,,0000,0000,0000,,machine to kind of discover any
Dialogue: 0,0:00:24.72,0:00:26.40,Default,,0000,0000,0000,,vulnerabilities that might be on there,
Dialogue: 0,0:00:26.40,0:00:27.44,Default,,0000,0000,0000,,and then we're going to go ahead and
Dialogue: 0,0:00:27.44,0:00:29.36,Default,,0000,0000,0000,,remediate one or two of those just so we
Dialogue: 0,0:00:29.36,0:00:31.12,Default,,0000,0000,0000,,can kind of observe what's happening. I
Dialogue: 0,0:00:31.12,0:00:32.64,Default,,0000,0000,0000,,figured this would be a good video to do
Dialogue: 0,0:00:32.64,0:00:33.84,Default,,0000,0000,0000,,because there's like quite a few
Dialogue: 0,0:00:33.84,0:00:36.00,Default,,0000,0000,0000,,vulnerability management jobs on
Dialogue: 0,0:00:36.00,0:00:37.76,Default,,0000,0000,0000,,LinkedIn and I've gotten a
Dialogue: 0,0:00:37.76,0:00:39.60,Default,,0000,0000,0000,,lot of spam from recruiters for these
Dialogue: 0,0:00:39.60,0:00:41.60,Default,,0000,0000,0000,,type of positions, and actually the last
Dialogue: 0,0:00:41.60,0:00:43.36,Default,,0000,0000,0000,,real job I had I was a vulnerability
Dialogue: 0,0:00:43.36,0:00:45.36,Default,,0000,0000,0000,,management program manager for King
Dialogue: 0,0:00:45.36,0:00:47.12,Default,,0000,0000,0000,,County here in Washington State so I
Dialogue: 0,0:00:47.12,0:00:49.68,Default,,0000,0000,0000,,kind of did this on an ongoing basis for
Dialogue: 0,0:00:49.68,0:00:51.20,Default,,0000,0000,0000,,a while. Basically what vulnerability
Dialogue: 0,0:00:51.20,0:00:53.36,Default,,0000,0000,0000,,management is continuously assessing
Dialogue: 0,0:00:53.36,0:00:55.12,Default,,0000,0000,0000,,your assets, discovering vulnerabilities,
Dialogue: 0,0:00:55.12,0:00:57.52,Default,,0000,0000,0000,,remediating them to an acceptable risk,
Dialogue: 0,0:00:57.52,0:00:59.20,Default,,0000,0000,0000,,and then kind of starting the process
Dialogue: 0,0:00:59.20,0:01:00.64,Default,,0000,0000,0000,,over and over again to kind of make sure
Dialogue: 0,0:01:00.64,0:01:02.88,Default,,0000,0000,0000,,the risk in the whole organization is
Dialogue: 0,0:01:02.88,0:01:05.36,Default,,0000,0000,0000,,low or at least an acceptable level. So I
Dialogue: 0,0:01:05.36,0:01:07.28,Default,,0000,0000,0000,,think if you kind of watch this video
Dialogue: 0,0:01:07.28,0:01:09.20,Default,,0000,0000,0000,,and practice it a few times, you can get
Dialogue: 0,0:01:09.20,0:01:11.44,Default,,0000,0000,0000,,pretty good at it and get an idea of how
Dialogue: 0,0:01:11.44,0:01:13.20,Default,,0000,0000,0000,,vulnerability management might work in
Dialogue: 0,0:01:13.20,0:01:15.12,Default,,0000,0000,0000,,like a larger corporation. This is
Dialogue: 0,0:01:15.12,0:01:16.40,Default,,0000,0000,0000,,definitely something you can put on your
Dialogue: 0,0:01:16.40,0:01:20.16,Default,,0000,0000,0000,,resume. It might look something like this.
Dialogue: 0,0:01:22.00,0:01:23.68,Default,,0000,0000,0000,,So it will definitely help you out. So
Dialogue: 0,0:01:23.68,0:01:25.04,Default,,0000,0000,0000,,yeah, if you're excited to learn
Dialogue: 0,0:01:25.04,0:01:26.40,Default,,0000,0000,0000,,vulnerability management, consider
Dialogue: 0,0:01:26.40,0:01:28.08,Default,,0000,0000,0000,,smashing that like button and let's get
Dialogue: 0,0:01:28.08,0:01:29.52,Default,,0000,0000,0000,,started. So the first thing we're going
Dialogue: 0,0:01:29.52,0:01:31.36,Default,,0000,0000,0000,,to do is go ahead and
Dialogue: 0,0:01:31.36,0:01:33.84,Default,,0000,0000,0000,,download and install VMware Player. Now
Dialogue: 0,0:01:33.84,0:01:35.44,Default,,0000,0000,0000,,you probably want to have like a
Dialogue: 0,0:01:35.44,0:01:37.68,Default,,0000,0000,0000,,semi-decent computer to be able
Dialogue: 0,0:01:37.68,0:01:39.28,Default,,0000,0000,0000,,to do this, maybe like at least eight
Dialogue: 0,0:01:39.28,0:01:41.36,Default,,0000,0000,0000,,gigabytes of ram and maybe dual core
Dialogue: 0,0:01:41.36,0:01:42.64,Default,,0000,0000,0000,,or something. But if you don't know about
Dialogue: 0,0:01:42.64,0:01:44.56,Default,,0000,0000,0000,,any of that, just try to go ahead and do
Dialogue: 0,0:01:44.56,0:01:46.56,Default,,0000,0000,0000,,it, and if something fails, then it fails.=
Dialogue: 0,0:01:46.56,0:01:47.84,Default,,0000,0000,0000,,I suppose. But go ahead and download
Dialogue: 0,0:01:47.84,0:01:49.76,Default,,0000,0000,0000,,VMware Player. I'll put a link to this in
Dialogue: 0,0:01:49.76,0:01:51.92,Default,,0000,0000,0000,,the description. Just download
Dialogue: 0,0:01:51.92,0:01:53.52,Default,,0000,0000,0000,,for Windows. I'm not gonna do it again
Dialogue: 0,0:01:53.52,0:01:54.80,Default,,0000,0000,0000,,because I already have it, but just go
Dialogue: 0,0:01:54.80,0:01:56.48,Default,,0000,0000,0000,,ahead and like click this, download it,
Dialogue: 0,0:01:56.48,0:01:58.08,Default,,0000,0000,0000,,and install it. You can see mine started
Dialogue: 0,0:01:58.08,0:01:59.36,Default,,0000,0000,0000,,downloading, I'm just going to go ahead
Dialogue: 0,0:01:59.36,0:02:00.64,Default,,0000,0000,0000,,and cancel this. And then while you're
Dialogue: 0,0:02:00.64,0:02:02.24,Default,,0000,0000,0000,,waiting for VMware Player to download,
Dialogue: 0,0:02:02.24,0:02:03.76,Default,,0000,0000,0000,,we'll go ahead and download the Windows
Dialogue: 0,0:02:03.76,0:02:06.00,Default,,0000,0000,0000,,10 ISO. That's basically a file that'll
Dialogue: 0,0:02:06.00,0:02:08.48,Default,,0000,0000,0000,,let us install Windows 10 onto our
Dialogue: 0,0:02:08.48,0:02:10.40,Default,,0000,0000,0000,,virtual machine. So again, I'll put a link
Dialogue: 0,0:02:10.40,0:02:11.92,Default,,0000,0000,0000,,to this in the description as well, but
Dialogue: 0,0:02:11.92,0:02:14.48,Default,,0000,0000,0000,,just go ahead and go to it, and then
Dialogue: 0,0:02:14.48,0:02:15.92,Default,,0000,0000,0000,,you'll go to where it says create
Dialogue: 0,0:02:15.92,0:02:17.76,Default,,0000,0000,0000,,Windows 10 installation media and you'll
Dialogue: 0,0:02:17.76,0:02:19.76,Default,,0000,0000,0000,,say download tool, and when
Dialogue: 0,0:02:19.76,0:02:21.28,Default,,0000,0000,0000,,this downloads, just go ahead and open it.
Dialogue: 0,0:02:21.28,0:02:22.88,Default,,0000,0000,0000,,Don't be surprised if this takes a while
Dialogue: 0,0:02:22.88,0:02:24.48,Default,,0000,0000,0000,,to like start up and download. So we'll
Dialogue: 0,0:02:24.48,0:02:26.96,Default,,0000,0000,0000,,just say accept. And then we're going to
Dialogue: 0,0:02:26.96,0:02:27.76,Default,,0000,0000,0000,,click
Dialogue: 0,0:02:27.76,0:02:29.76,Default,,0000,0000,0000,,create installation media. We want to get
Dialogue: 0,0:02:29.76,0:02:32.32,Default,,0000,0000,0000,,an ISO file so we'll say next. This looks
Dialogue: 0,0:02:32.32,0:02:34.88,Default,,0000,0000,0000,,good. And we're going to say ISO file, be
Dialogue: 0,0:02:34.88,0:02:36.72,Default,,0000,0000,0000,,sure to select this. And then we'll just
Dialogue: 0,0:02:36.72,0:02:38.88,Default,,0000,0000,0000,,choose where it goes. I like this nice xp
Dialogue: 0,0:02:38.88,0:02:40.88,Default,,0000,0000,0000,,pro ISO that I have. Go ahead and put it
Dialogue: 0,0:02:40.88,0:02:42.56,Default,,0000,0000,0000,,in a folder, just remember what folder
Dialogue: 0,0:02:42.56,0:02:45.12,Default,,0000,0000,0000,,you put in. So I'll just save it to my C:
Dialogue: 0,0:02:45.12,0:02:47.36,Default,,0000,0000,0000,,_ISOs folder and then we'll
Dialogue: 0,0:02:47.36,0:02:49.12,Default,,0000,0000,0000,,wait for this to finish. And while this
Dialogue: 0,0:02:49.12,0:02:50.40,Default,,0000,0000,0000,,is going, we can actually
Dialogue: 0,0:02:50.40,0:02:52.80,Default,,0000,0000,0000,,download and install Nessus
Dialogue: 0,0:02:52.80,0:02:54.32,Default,,0000,0000,0000,,Essentials which is going to
Dialogue: 0,0:02:54.32,0:02:56.40,Default,,0000,0000,0000,,be the vulnerability scanner that we use
Dialogue: 0,0:02:56.40,0:02:58.32,Default,,0000,0000,0000,,to actually conduct our scans. So I'll
Dialogue: 0,0:02:58.32,0:03:00.08,Default,,0000,0000,0000,,put a link to this in the description as
Dialogue: 0,0:03:00.08,0:03:01.92,Default,,0000,0000,0000,,well, but you can probably find it on google.
Dialogue: 0,0:03:01.92,0:03:04.40,Default,,0000,0000,0000,,And just basically like fill this thing
Dialogue: 0,0:03:04.40,0:03:05.84,Default,,0000,0000,0000,,out. After you fill this out, you'll be
Dialogue: 0,0:03:05.84,0:03:07.20,Default,,0000,0000,0000,,able to download it and it will send
Dialogue: 0,0:03:07.20,0:03:09.20,Default,,0000,0000,0000,,like a key to your email, so just go
Dialogue: 0,0:03:09.20,0:03:11.12,Default,,0000,0000,0000,,ahead and- actually I'll just do it. Just
Dialogue: 0,0:03:11.12,0:03:13.60,Default,,0000,0000,0000,,fill this thing out, cool. So it will send
Dialogue: 0,0:03:13.60,0:03:16.32,Default,,0000,0000,0000,,an email inside of your email, I can't
Dialogue: 0,0:03:16.32,0:03:17.92,Default,,0000,0000,0000,,show it because it has a key and like, I
Dialogue: 0,0:03:17.92,0:03:19.60,Default,,0000,0000,0000,,don't know, so inside of your email
Dialogue: 0,0:03:19.60,0:03:21.44,Default,,0000,0000,0000,,there'll be like a button that says
Dialogue: 0,0:03:21.44,0:03:23.44,Default,,0000,0000,0000,,download Nessus and then there will be a
Dialogue: 0,0:03:23.44,0:03:24.88,Default,,0000,0000,0000,,key. Go ahead and click the button to
Dialogue: 0,0:03:24.88,0:03:26.56,Default,,0000,0000,0000,,download Nessus and it will take you to
Dialogue: 0,0:03:26.56,0:03:28.32,Default,,0000,0000,0000,,a page that looks like this, and just
Dialogue: 0,0:03:28.32,0:03:30.32,Default,,0000,0000,0000,,click on Nessus. And we already have an
Dialogue: 0,0:03:30.32,0:03:32.24,Default,,0000,0000,0000,,activation code, it should be in your
Dialogue: 0,0:03:32.24,0:03:35.20,Default,,0000,0000,0000,,email, so we'll pick the one for, this one,
Dialogue: 0,0:03:35.20,0:03:37.12,Default,,0000,0000,0000,,it says Windows Server 2008 blah blah
Dialogue: 0,0:03:37.12,0:03:39.12,Default,,0000,0000,0000,,blah, and then it says 10 in here. So
Dialogue: 0,0:03:39.12,0:03:40.96,Default,,0000,0000,0000,,we'll download this. Just say agree and
Dialogue: 0,0:03:40.96,0:03:42.72,Default,,0000,0000,0000,,then, you know, download it anywhere. And
Dialogue: 0,0:03:42.72,0:03:43.92,Default,,0000,0000,0000,,then meanwhile, remember in the
Dialogue: 0,0:03:43.92,0:03:45.84,Default,,0000,0000,0000,,background, Windows 10 should be still
Dialogue: 0,0:03:45.84,0:03:48.00,Default,,0000,0000,0000,,downloading. Virtual VMware Player might
Dialogue: 0,0:03:48.00,0:03:49.52,Default,,0000,0000,0000,,be downloading still too, so we just have
Dialogue: 0,0:03:49.52,0:03:51.12,Default,,0000,0000,0000,,to install that on your own. I'm not
Dialogue: 0,0:03:51.12,0:03:52.24,Default,,0000,0000,0000,,going to show it on the screen because I
Dialogue: 0,0:03:52.24,0:03:53.84,Default,,0000,0000,0000,,already have it installed. Here we are at
Dialogue: 0,0:03:53.84,0:03:56.56,Default,,0000,0000,0000,,the Tenable setup, so we just say next,
Dialogue: 0,0:03:56.56,0:03:59.60,Default,,0000,0000,0000,,accept, and just accept this location, and
Dialogue: 0,0:03:59.60,0:04:01.76,Default,,0000,0000,0000,,then go ahead and install it, and then
Dialogue: 0,0:04:01.76,0:04:03.60,Default,,0000,0000,0000,,say finish.
Dialogue: 0,0:04:03.60,0:04:05.44,Default,,0000,0000,0000,,And then it's going to kind of show
Dialogue: 0,0:04:05.44,0:04:07.52,Default,,0000,0000,0000,,this like socket up here like localhost
Dialogue: 0,0:04:07.52,0:04:09.28,Default,,0000,0000,0000,,in the port. I would recommend saving
Dialogue: 0,0:04:09.28,0:04:10.88,Default,,0000,0000,0000,,this URL because it's kind of
Dialogue: 0,0:04:10.88,0:04:13.04,Default,,0000,0000,0000,,annoying if you lose it, so just save it
Dialogue: 0,0:04:13.04,0:04:14.64,Default,,0000,0000,0000,,in like a notepad somewhere or something
Dialogue: 0,0:04:14.64,0:04:16.80,Default,,0000,0000,0000,,like this. And then we'll say connect via
Dialogue: 0,0:04:16.80,0:04:19.12,Default,,0000,0000,0000,,SSL, and just say advanced, and then say
Dialogue: 0,0:04:19.12,0:04:21.44,Default,,0000,0000,0000,,proceed. And this takes a while to set up
Dialogue: 0,0:04:21.44,0:04:23.04,Default,,0000,0000,0000,,the very first time. It has to like
Dialogue: 0,0:04:23.04,0:04:24.80,Default,,0000,0000,0000,,initialize and install things, and I
Dialogue: 0,0:04:24.80,0:04:26.40,Default,,0000,0000,0000,,assume, download a whole bunch of
Dialogue: 0,0:04:26.40,0:04:28.00,Default,,0000,0000,0000,,definitions or something like this, so
Dialogue: 0,0:04:28.00,0:04:29.68,Default,,0000,0000,0000,,just go get like some coffee or
Dialogue: 0,0:04:29.68,0:04:31.12,Default,,0000,0000,0000,,something while you wait for
Dialogue: 0,0:04:31.12,0:04:32.56,Default,,0000,0000,0000,,this to happen because it will take a
Dialogue: 0,0:04:32.56,0:04:34.32,Default,,0000,0000,0000,,while to do. And we're going to say
Dialogue: 0,0:04:34.32,0:04:36.72,Default,,0000,0000,0000,,Nessus Essentials. It's essentially free.
Dialogue: 0,0:04:36.72,0:04:38.56,Default,,0000,0000,0000,,You can read the, I guess, license
Dialogue: 0,0:04:38.56,0:04:40.16,Default,,0000,0000,0000,,agreement if you want, but we're going to
Dialogue: 0,0:04:40.16,0:04:41.92,Default,,0000,0000,0000,,install Essentials. And then just fill
Dialogue: 0,0:04:41.92,0:04:43.36,Default,,0000,0000,0000,,this thing out and we'll get an
Dialogue: 0,0:04:43.36,0:04:45.84,Default,,0000,0000,0000,,activation code. I believe I have one
Dialogue: 0,0:04:45.84,0:04:47.84,Default,,0000,0000,0000,,already. It should have emailed it to
Dialogue: 0,0:04:47.84,0:04:49.36,Default,,0000,0000,0000,,you actually. It should have emailed the
Dialogue: 0,0:04:49.36,0:04:51.68,Default,,0000,0000,0000,,activation code to you so maybe skip
Dialogue: 0,0:04:51.68,0:04:53.76,Default,,0000,0000,0000,,this, and then just paste the activation
Dialogue: 0,0:04:53.76,0:04:55.84,Default,,0000,0000,0000,,code that was in your email
Dialogue: 0,0:04:55.84,0:04:57.60,Default,,0000,0000,0000,,that you already received, and just
Dialogue: 0,0:04:57.60,0:04:59.20,Default,,0000,0000,0000,,continue. And then this is where you're
Dialogue: 0,0:04:59.20,0:05:00.72,Default,,0000,0000,0000,,going to set up a username and password.
Dialogue: 0,0:05:00.72,0:05:02.00,Default,,0000,0000,0000,,Just make sure you don't forget this. It
Dialogue: 0,0:05:02.00,0:05:03.60,Default,,0000,0000,0000,,might be troublesome, you know, if you
Dialogue: 0,0:05:03.60,0:05:04.96,Default,,0000,0000,0000,,forget it, you'll have to reset it or
Dialogue: 0,0:05:04.96,0:05:07.60,Default,,0000,0000,0000,,something like this. So just set up a
Dialogue: 0,0:05:07.60,0:05:09.52,Default,,0000,0000,0000,,password, I guess. And this is the part
Dialogue: 0,0:05:09.52,0:05:11.44,Default,,0000,0000,0000,,that takes a while, so just, you know, go
Dialogue: 0,0:05:11.44,0:05:13.76,Default,,0000,0000,0000,,get coffee or sandwich or something, and
Dialogue: 0,0:05:13.76,0:05:16.64,Default,,0000,0000,0000,,we will meet back here. Okay so while
Dialogue: 0,0:05:16.64,0:05:17.92,Default,,0000,0000,0000,,this is still installing and
Dialogue: 0,0:05:17.92,0:05:19.84,Default,,0000,0000,0000,,initializing and doing everything that it
Dialogue: 0,0:05:19.84,0:05:21.52,Default,,0000,0000,0000,,needs to do, let's go ahead and set up
Dialogue: 0,0:05:21.52,0:05:23.20,Default,,0000,0000,0000,,our virtual machine since this is going
Dialogue: 0,0:05:23.20,0:05:25.20,Default,,0000,0000,0000,,to take some time anyway. So by now you
Dialogue: 0,0:05:25.20,0:05:27.44,Default,,0000,0000,0000,,should have downloaded and installed
Dialogue: 0,0:05:27.44,0:05:29.44,Default,,0000,0000,0000,,VMware Workstation Player. So we'll just
Dialogue: 0,0:05:29.44,0:05:31.76,Default,,0000,0000,0000,,go ahead and open this up and check on
Dialogue: 0,0:05:31.76,0:05:34.88,Default,,0000,0000,0000,,your Windows 10 ISO download. It should
Dialogue: 0,0:05:34.88,0:05:36.80,Default,,0000,0000,0000,,be finished by now as well, maybe it
Dialogue: 0,0:05:36.80,0:05:38.56,Default,,0000,0000,0000,,looks something like this, and then it
Dialogue: 0,0:05:38.56,0:05:40.48,Default,,0000,0000,0000,,shows you like where it's at the C: ISO
Dialogue: 0,0:05:40.48,0:05:42.72,Default,,0000,0000,0000,,Windows dot or yeah, wherever you put
Dialogue: 0,0:05:42.72,0:05:44.40,Default,,0000,0000,0000,,yours. So just take note of this and
Dialogue: 0,0:05:44.40,0:05:46.40,Default,,0000,0000,0000,,we'll say finish, cool. And then we're
Dialogue: 0,0:05:46.40,0:05:48.56,Default,,0000,0000,0000,,going to create a new virtual machine
Dialogue: 0,0:05:48.56,0:05:50.56,Default,,0000,0000,0000,,inside of VMware Workstation Player.
Dialogue: 0,0:05:50.56,0:05:52.64,Default,,0000,0000,0000,,We'll go to player and then file and
Dialogue: 0,0:05:52.64,0:05:55.28,Default,,0000,0000,0000,,then new virtual machine. And then
Dialogue: 0,0:05:55.28,0:05:57.36,Default,,0000,0000,0000,,for the installer we're going to say
Dialogue: 0,0:05:57.36,0:05:59.52,Default,,0000,0000,0000,,browse, and then we'll just browse to
Dialogue: 0,0:05:59.52,0:06:01.12,Default,,0000,0000,0000,,wherever you downloaded the Windows 10
Dialogue: 0,0:06:01.12,0:06:03.12,Default,,0000,0000,0000,,ISO. So this could probably be named
Dialogue: 0,0:06:03.12,0:06:05.28,Default,,0000,0000,0000,,something better, but that's okay. So
Dialogue: 0,0:06:05.28,0:06:06.96,Default,,0000,0000,0000,,we'll say next, and just name this
Dialogue: 0,0:06:06.96,0:06:09.04,Default,,0000,0000,0000,,something appropriate. This is fine. This
Dialogue: 0,0:06:09.04,0:06:11.04,Default,,0000,0000,0000,,location's fine. I guess you can change
Dialogue: 0,0:06:11.04,0:06:13.04,Default,,0000,0000,0000,,it if you want. So we'll say next. Maximum
Dialogue: 0,0:06:13.04,0:06:15.92,Default,,0000,0000,0000,,disk size, this is fine. We're not
Dialogue: 0,0:06:15.92,0:06:17.44,Default,,0000,0000,0000,,gonna really put anything on it, I'm just
Dialogue: 0,0:06:17.44,0:06:19.52,Default,,0000,0000,0000,,gonna set mine at 50. And then we'll
Dialogue: 0,0:06:19.52,0:06:21.60,Default,,0000,0000,0000,,go to customize hardware, and for memory
Dialogue: 0,0:06:21.60,0:06:24.08,Default,,0000,0000,0000,,like if you don't know how much RAM you
Dialogue: 0,0:06:24.08,0:06:26.88,Default,,0000,0000,0000,,have, maybe just like leave this as it is.
Dialogue: 0,0:06:26.88,0:06:28.48,Default,,0000,0000,0000,,I'm going to increase mine a little bit.
Dialogue: 0,0:06:28.48,0:06:30.08,Default,,0000,0000,0000,,I'll increase this a little bit. If you
Dialogue: 0,0:06:30.08,0:06:32.48,Default,,0000,0000,0000,,don't know about your CPU, just leave it
Dialogue: 0,0:06:32.48,0:06:34.48,Default,,0000,0000,0000,,as is. But we do have to change the
Dialogue: 0,0:06:34.48,0:06:36.40,Default,,0000,0000,0000,,network adapter. We should change it to
Dialogue: 0,0:06:36.40,0:06:38.32,Default,,0000,0000,0000,,bridged. Without explaining too deeply,
Dialogue: 0,0:06:38.32,0:06:40.40,Default,,0000,0000,0000,,bridged kind of puts this virtual machine
Dialogue: 0,0:06:40.40,0:06:42.24,Default,,0000,0000,0000,,on the same network as your actual
Dialogue: 0,0:06:42.24,0:06:45.12,Default,,0000,0000,0000,,physical computer, so your nessus
Dialogue: 0,0:06:45.12,0:06:47.28,Default,,0000,0000,0000,,implementation can talk to the
Dialogue: 0,0:06:47.28,0:06:48.40,Default,,0000,0000,0000,,virtual machine
Dialogue: 0,0:06:48.40,0:06:51.52,Default,,0000,0000,0000,,more easily. This looks good. We'll close
Dialogue: 0,0:06:51.52,0:06:53.60,Default,,0000,0000,0000,,this. And this is good, power on after
Dialogue: 0,0:06:53.60,0:06:55.76,Default,,0000,0000,0000,,creation, we'll just say finish. Kind of move
Dialogue: 0,0:06:55.76,0:06:57.04,Default,,0000,0000,0000,,Tenable
Dialogue: 0,0:06:57.04,0:06:58.48,Default,,0000,0000,0000,,to the side.
Dialogue: 0,0:06:58.48,0:07:01.04,Default,,0000,0000,0000,,And then after the VM finishes getting
Dialogue: 0,0:07:01.04,0:07:03.36,Default,,0000,0000,0000,,kind of created, it's going to launch and
Dialogue: 0,0:07:03.36,0:07:04.88,Default,,0000,0000,0000,,then we're going to have a chance to
Dialogue: 0,0:07:04.88,0:07:06.72,Default,,0000,0000,0000,,install Windows. Be sure to press any key
Dialogue: 0,0:07:06.72,0:07:08.96,Default,,0000,0000,0000,,to boot into the ISO when it asks. And if
Dialogue: 0,0:07:08.96,0:07:11.04,Default,,0000,0000,0000,,your cursor is gone, you can see
Dialogue: 0,0:07:11.04,0:07:12.64,Default,,0000,0000,0000,,in the lower left it says like press
Dialogue: 0,0:07:12.64,0:07:14.56,Default,,0000,0000,0000,,control alt to release your cursor, and
Dialogue: 0,0:07:14.56,0:07:16.08,Default,,0000,0000,0000,,then you can get your cursor back. So
Dialogue: 0,0:07:16.08,0:07:18.80,Default,,0000,0000,0000,,we're just going to install Windows 10.
Dialogue: 0,0:07:18.80,0:07:21.36,Default,,0000,0000,0000,,So we'll just say next, install, and say I
Dialogue: 0,0:07:21.36,0:07:23.20,Default,,0000,0000,0000,,don't have a product key. You can close
Dialogue: 0,0:07:23.20,0:07:24.96,Default,,0000,0000,0000,,this message down here. And just pick
Dialogue: 0,0:07:24.96,0:07:27.44,Default,,0000,0000,0000,,Windows 10 Pro and say next, and we'll
Dialogue: 0,0:07:27.44,0:07:30.32,Default,,0000,0000,0000,,say accept, say next, and say custom, and
Dialogue: 0,0:07:30.32,0:07:32.56,Default,,0000,0000,0000,,then this is our blank hard drive, so
Dialogue: 0,0:07:32.56,0:07:34.16,Default,,0000,0000,0000,,click on that. It's the only one you can click
Dialogue: 0,0:07:34.16,0:07:35.60,Default,,0000,0000,0000,,and just say next. And then this will
Dialogue: 0,0:07:35.60,0:07:37.28,Default,,0000,0000,0000,,take some time to install too, so I'll
Dialogue: 0,0:07:37.28,0:07:38.64,Default,,0000,0000,0000,,kind of come back when one of these
Dialogue: 0,0:07:38.64,0:07:40.24,Default,,0000,0000,0000,,finishes. Cool, so it looks like both
Dialogue: 0,0:07:40.24,0:07:42.16,Default,,0000,0000,0000,,finished now. I'll just finish setting up
Dialogue: 0,0:07:42.16,0:07:46.16,Default,,0000,0000,0000,,the VM. I will say yes and US and skip.
Dialogue: 0,0:07:46.16,0:07:47.92,Default,,0000,0000,0000,,And for Nessus we'll just kind of,
Dialogue: 0,0:07:47.92,0:07:49.44,Default,,0000,0000,0000,,we'll close this thing here, and then
Dialogue: 0,0:07:49.44,0:07:50.96,Default,,0000,0000,0000,,we'll just kind of wait on this
Dialogue: 0,0:07:50.96,0:07:53.12,Default,,0000,0000,0000,,until we finish setting up the virtual
Dialogue: 0,0:07:53.12,0:07:54.16,Default,,0000,0000,0000,,machine.
Dialogue: 0,0:07:54.16,0:07:56.96,Default,,0000,0000,0000,,And we'll say set up for personal use,
Dialogue: 0,0:07:56.96,0:07:59.60,Default,,0000,0000,0000,,and next, and then we'll say offline account,
Dialogue: 0,0:07:59.60,0:08:02.64,Default,,0000,0000,0000,,limited experience, and then just name,
Dialogue: 0,0:08:02.64,0:08:05.52,Default,,0000,0000,0000,,I don't know, just name it like admin, and
Dialogue: 0,0:08:05.52,0:08:07.52,Default,,0000,0000,0000,,make a password, but just remember
Dialogue: 0,0:08:07.52,0:08:09.52,Default,,0000,0000,0000,,what it is. Make it like something simple
Dialogue: 0,0:08:09.52,0:08:10.72,Default,,0000,0000,0000,,because we're going to use this later
Dialogue: 0,0:08:10.72,0:08:12.24,Default,,0000,0000,0000,,for the credentialed scans, so just
Dialogue: 0,0:08:12.24,0:08:14.16,Default,,0000,0000,0000,,remember what it is. It's troublesome, you
Dialogue: 0,0:08:14.16,0:08:15.76,Default,,0000,0000,0000,,know, if you forget it.
Dialogue: 0,0:08:15.76,0:08:17.60,Default,,0000,0000,0000,,Just make up something for these
Dialogue: 0,0:08:17.60,0:08:19.52,Default,,0000,0000,0000,,if it asks you. This is just like, you
Dialogue: 0,0:08:19.52,0:08:22.64,Default,,0000,0000,0000,,know, a junk VM, no one cares. Say no for
Dialogue: 0,0:08:22.64,0:08:25.28,Default,,0000,0000,0000,,all of these things. Not now. Cool, okay.
Dialogue: 0,0:08:25.28,0:08:27.20,Default,,0000,0000,0000,,Now everything is totally set up. We have
Dialogue: 0,0:08:27.20,0:08:29.76,Default,,0000,0000,0000,,our VM here and then we have our Nessus
Dialogue: 0,0:08:29.76,0:08:33.04,Default,,0000,0000,0000,,Essentials set up and ready to go. So for
Dialogue: 0,0:08:33.04,0:08:34.80,Default,,0000,0000,0000,,now we're just going to do a kind of
Dialogue: 0,0:08:34.80,0:08:37.04,Default,,0000,0000,0000,,basic scan against the virtual machine.
Dialogue: 0,0:08:37.04,0:08:38.88,Default,,0000,0000,0000,,There's, we're going to do a credentialed
Dialogue: 0,0:08:38.88,0:08:40.72,Default,,0000,0000,0000,,scan later which I'll kind of explain,
Dialogue: 0,0:08:40.72,0:08:42.32,Default,,0000,0000,0000,,but I just want to make sure we can scan
Dialogue: 0,0:08:42.32,0:08:44.24,Default,,0000,0000,0000,,it and make sure we can kind of get some
Dialogue: 0,0:08:44.24,0:08:46.24,Default,,0000,0000,0000,,kind of result back. So before we do that,
Dialogue: 0,0:08:46.24,0:08:48.48,Default,,0000,0000,0000,,I'm going to go to the VM and like get
Dialogue: 0,0:08:48.48,0:08:50.56,Default,,0000,0000,0000,,the IP address from it. So go, make sure
Dialogue: 0,0:08:50.56,0:08:52.64,Default,,0000,0000,0000,,to go to the VM, not your actual computer,
Dialogue: 0,0:08:52.64,0:08:54.72,Default,,0000,0000,0000,,but go to the VM. Click start, open up
Dialogue: 0,0:08:54.72,0:08:56.72,Default,,0000,0000,0000,,command line, and then we will type
Dialogue: 0,0:08:56.72,0:09:00.08,Default,,0000,0000,0000,,ipconfig just to get the IPv4 IP address.
Dialogue: 0,0:09:00.08,0:09:02.00,Default,,0000,0000,0000,,And we're going to ping this from our
Dialogue: 0,0:09:02.00,0:09:03.84,Default,,0000,0000,0000,,local machine just to make sure that we
Dialogue: 0,0:09:03.84,0:09:06.40,Default,,0000,0000,0000,,can reach it, I guess, essentially. So open
Dialogue: 0,0:09:06.40,0:09:08.24,Default,,0000,0000,0000,,up the command line on your
Dialogue: 0,0:09:08.24,0:09:10.72,Default,,0000,0000,0000,,PC, and we will just say, we'll just ping
Dialogue: 0,0:09:10.72,0:09:14.52,Default,,0000,0000,0000,,this IP address. So we'll just say ping
Dialogue: 0,0:09:14.52,0:09:16.88,Default,,0000,0000,0000,,10.0.0.189 and then we'll do -t
Dialogue: 0,0:09:16.88,0:09:18.64,Default,,0000,0000,0000,,which means like perpetual ping, like
Dialogue: 0,0:09:18.64,0:09:20.80,Default,,0000,0000,0000,,keep going forever until we cancel it.
Dialogue: 0,0:09:20.80,0:09:23.20,Default,,0000,0000,0000,,And we see like it's timing out, so
Dialogue: 0,0:09:23.20,0:09:25.84,Default,,0000,0000,0000,,we just have to disable the firewall on
Dialogue: 0,0:09:25.84,0:09:27.60,Default,,0000,0000,0000,,our virtual machine here. You might not
Dialogue: 0,0:09:27.60,0:09:28.80,Default,,0000,0000,0000,,want to do this in production, it just
Dialogue: 0,0:09:28.80,0:09:30.32,Default,,0000,0000,0000,,depends on like what other controls you
Dialogue: 0,0:09:30.32,0:09:32.56,Default,,0000,0000,0000,,have in place. So we will minimize this,
Dialogue: 0,0:09:32.56,0:09:35.28,Default,,0000,0000,0000,,we'll go to our VM here, and then we will
Dialogue: 0,0:09:35.28,0:09:36.20,Default,,0000,0000,0000,,type
Dialogue: 0,0:09:36.20,0:09:38.72,Default,,0000,0000,0000,,wf.msc, it's this Windows firewall
Dialogue: 0,0:09:38.72,0:09:40.32,Default,,0000,0000,0000,,microsoft something console, can't
Dialogue: 0,0:09:40.32,0:09:42.00,Default,,0000,0000,0000,,remember. So we'll open the firewall and
Dialogue: 0,0:09:42.00,0:09:43.20,Default,,0000,0000,0000,,we're just going to do a lot of this
Dialogue: 0,0:09:43.20,0:09:44.88,Default,,0000,0000,0000,,stuff for our lab. So we'll go to
Dialogue: 0,0:09:44.88,0:09:47.12,Default,,0000,0000,0000,,defender firewall properties, and just on
Dialogue: 0,0:09:47.12,0:09:48.64,Default,,0000,0000,0000,,these first three tabs, we'll just turn
Dialogue: 0,0:09:48.64,0:09:50.16,Default,,0000,0000,0000,,all three of them off. Like domain
Dialogue: 0,0:09:50.16,0:09:52.08,Default,,0000,0000,0000,,profile off, private profile off, public
Dialogue: 0,0:09:52.08,0:09:54.08,Default,,0000,0000,0000,,profile off, and we'll just say okay here.
Dialogue: 0,0:09:54.08,0:09:55.60,Default,,0000,0000,0000,,The firewall is off. And then we notice
Dialogue: 0,0:09:55.60,0:09:57.68,Default,,0000,0000,0000,,that the ping is kind of going through
Dialogue: 0,0:09:57.68,0:09:59.76,Default,,0000,0000,0000,,on our local computer here. So we can
Dialogue: 0,0:09:59.76,0:10:01.92,Default,,0000,0000,0000,,press ctrl c to cancel this. And we'll
Dialogue: 0,0:10:01.92,0:10:03.68,Default,,0000,0000,0000,,just copy this IP address. This is the IP
Dialogue: 0,0:10:03.68,0:10:05.84,Default,,0000,0000,0000,,address of our VM. We will close this. And
Dialogue: 0,0:10:05.84,0:10:09.20,Default,,0000,0000,0000,,then this is our Nessus Essentials.
Dialogue: 0,0:10:09.20,0:10:11.04,Default,,0000,0000,0000,,Essentially it's like a web app
Dialogue: 0,0:10:11.04,0:10:12.72,Default,,0000,0000,0000,,essentially, so we'll go back to this and
Dialogue: 0,0:10:12.72,0:10:14.72,Default,,0000,0000,0000,,then we're going to create a new scan. So
Dialogue: 0,0:10:14.72,0:10:17.36,Default,,0000,0000,0000,,we'll just do a basic network scan here.
Dialogue: 0,0:10:17.36,0:10:19.04,Default,,0000,0000,0000,,And so we'll just name it like, I don't
Dialogue: 0,0:10:19.04,0:10:21.68,Default,,0000,0000,0000,,know, Windows 10 single host, something
Dialogue: 0,0:10:21.68,0:10:23.36,Default,,0000,0000,0000,,like this. And then for targets we'll
Dialogue: 0,0:10:23.36,0:10:25.44,Default,,0000,0000,0000,,just paste, this is our virtual
Dialogue: 0,0:10:25.44,0:10:26.88,Default,,0000,0000,0000,,machine's IP address, so we'll just kind
Dialogue: 0,0:10:26.88,0:10:28.32,Default,,0000,0000,0000,,of paste it in here. We don't really need
Dialogue: 0,0:10:28.32,0:10:30.16,Default,,0000,0000,0000,,to change anything else on here. We're
Dialogue: 0,0:10:30.16,0:10:31.68,Default,,0000,0000,0000,,just going to do like a manual scan, but
Dialogue: 0,0:10:31.68,0:10:33.20,Default,,0000,0000,0000,,you know, take note that you can do
Dialogue: 0,0:10:33.20,0:10:34.72,Default,,0000,0000,0000,,like a scheduled scan if you're working
Dialogue: 0,0:10:34.72,0:10:36.32,Default,,0000,0000,0000,,in an organization, you want to scan like
Dialogue: 0,0:10:36.32,0:10:38.32,Default,,0000,0000,0000,,every x days or like every Tuesday or
Dialogue: 0,0:10:38.32,0:10:40.16,Default,,0000,0000,0000,,something like this. Port scan common ports,
Dialogue: 0,0:10:40.16,0:10:41.92,Default,,0000,0000,0000,,port scan all ports, obviously all
Dialogue: 0,0:10:41.92,0:10:43.28,Default,,0000,0000,0000,,ports going to take longer, you can
Dialogue: 0,0:10:43.28,0:10:44.80,Default,,0000,0000,0000,,customize it. There's a bunch of settings
Dialogue: 0,0:10:44.80,0:10:46.40,Default,,0000,0000,0000,,that you can kind of explore in here on
Dialogue: 0,0:10:46.40,0:10:48.64,Default,,0000,0000,0000,,your own. And there is, there's also
Dialogue: 0,0:10:48.64,0:10:51.12,Default,,0000,0000,0000,,this credentials page which we'll get
Dialogue: 0,0:10:51.12,0:10:52.96,Default,,0000,0000,0000,,into in a little bit, but basically you
Dialogue: 0,0:10:52.96,0:10:54.48,Default,,0000,0000,0000,,can, we won't do this yet, but you can
Dialogue: 0,0:10:54.48,0:10:56.48,Default,,0000,0000,0000,,enter credentials in here like the
Dialogue: 0,0:10:56.48,0:10:58.16,Default,,0000,0000,0000,,username and password that we made when
Dialogue: 0,0:10:58.16,0:10:59.68,Default,,0000,0000,0000,,we created the virtual machine, and then
Dialogue: 0,0:10:59.68,0:11:02.24,Default,,0000,0000,0000,,the scanner will kind of go into the
Dialogue: 0,0:11:02.24,0:11:03.92,Default,,0000,0000,0000,,machine more deeply and like look
Dialogue: 0,0:11:03.92,0:11:05.44,Default,,0000,0000,0000,,through the registry and the file system
Dialogue: 0,0:11:05.44,0:11:07.44,Default,,0000,0000,0000,,and like more things. And the reason for
Dialogue: 0,0:11:07.44,0:11:09.44,Default,,0000,0000,0000,,this is you can kind of discover more
Dialogue: 0,0:11:09.44,0:11:10.72,Default,,0000,0000,0000,,vulnerabilities if you have like
Dialogue: 0,0:11:10.72,0:11:12.96,Default,,0000,0000,0000,,deprecated software or insecure services
Dialogue: 0,0:11:12.96,0:11:14.48,Default,,0000,0000,0000,,or something like this running.
Dialogue: 0,0:11:14.48,0:11:17.04,Default,,0000,0000,0000,,This is what this kind of credentialed, the
Dialogue: 0,0:11:17.04,0:11:19.12,Default,,0000,0000,0000,,credentials page, is for. But right now
Dialogue: 0,0:11:19.12,0:11:20.56,Default,,0000,0000,0000,,we're just going to do like a basic
Dialogue: 0,0:11:20.56,0:11:22.32,Default,,0000,0000,0000,,network kind of port scan. It's not going
Dialogue: 0,0:11:22.32,0:11:23.92,Default,,0000,0000,0000,,to be too deep. Just want to make sure we
Dialogue: 0,0:11:23.92,0:11:25.44,Default,,0000,0000,0000,,can scan it and get some kind of
Dialogue: 0,0:11:25.44,0:11:27.36,Default,,0000,0000,0000,,information back. So we have our IP
Dialogue: 0,0:11:27.36,0:11:31.04,Default,,0000,0000,0000,,address and we will just say save. We'll, oh,
Dialogue: 0,0:11:31.04,0:11:33.28,Default,,0000,0000,0000,,remove this credentials, oops. And then
Dialogue: 0,0:11:33.28,0:11:35.52,Default,,0000,0000,0000,,just say save. And then this is our, this
Dialogue: 0,0:11:35.52,0:11:37.60,Default,,0000,0000,0000,,is our scan. It's not running, it's
Dialogue: 0,0:11:37.60,0:11:38.80,Default,,0000,0000,0000,,just kind of like a scan that's
Dialogue: 0,0:11:38.80,0:11:40.56,Default,,0000,0000,0000,,configured that we can run in the future,
Dialogue: 0,0:11:40.56,0:11:42.48,Default,,0000,0000,0000,,so we'll just go ahead and click launch
Dialogue: 0,0:11:42.48,0:11:44.48,Default,,0000,0000,0000,,now and launch the scan. And I believe
Dialogue: 0,0:11:44.48,0:11:46.48,Default,,0000,0000,0000,,you can kind of sometimes see
Dialogue: 0,0:11:46.48,0:11:48.24,Default,,0000,0000,0000,,the progress of it like if you click it,
Dialogue: 0,0:11:48.24,0:11:50.96,Default,,0000,0000,0000,,you can see, you know, what it has done so
Dialogue: 0,0:11:50.96,0:11:53.36,Default,,0000,0000,0000,,far. It makes like little logs and then
Dialogue: 0,0:11:53.36,0:11:54.80,Default,,0000,0000,0000,,the findings will kind of be on this
Dialogue: 0,0:11:54.80,0:11:56.40,Default,,0000,0000,0000,,page, but we can just go back. Click back
Dialogue: 0,0:11:56.40,0:11:58.16,Default,,0000,0000,0000,,to my host and then back to my scans, and
Dialogue: 0,0:11:58.16,0:11:59.84,Default,,0000,0000,0000,,we'll just kind of wait for this to
Dialogue: 0,0:11:59.84,0:12:01.76,Default,,0000,0000,0000,,finish. Cool, so we can now see that our
Dialogue: 0,0:12:01.76,0:12:04.48,Default,,0000,0000,0000,,scan has finished over here. It says like
Dialogue: 0,0:12:04.48,0:12:05.84,Default,,0000,0000,0000,,today and there's like a check mark. So
Dialogue: 0,0:12:05.84,0:12:07.60,Default,,0000,0000,0000,,we can just kind of click this to look
Dialogue: 0,0:12:07.60,0:12:10.08,Default,,0000,0000,0000,,at the individual results for it, and you
Dialogue: 0,0:12:10.08,0:12:12.48,Default,,0000,0000,0000,,can see like down here like blue is info,
Dialogue: 0,0:12:12.48,0:12:14.80,Default,,0000,0000,0000,,green is low, medium it's yellow, etc. And
Dialogue: 0,0:12:14.80,0:12:16.40,Default,,0000,0000,0000,,depending on the organization you work
Dialogue: 0,0:12:16.40,0:12:18.32,Default,,0000,0000,0000,,for, like a lot of people, a lot of orgs
Dialogue: 0,0:12:18.32,0:12:20.16,Default,,0000,0000,0000,,like won't even, depending on what they
Dialogue: 0,0:12:20.16,0:12:21.92,Default,,0000,0000,0000,,are, a lot of orgs won't even like really
Dialogue: 0,0:12:21.92,0:12:23.60,Default,,0000,0000,0000,,touch medium or lows because they have
Dialogue: 0,0:12:23.60,0:12:25.12,Default,,0000,0000,0000,,like so many criticals and highs that
Dialogue: 0,0:12:25.12,0:12:26.88,Default,,0000,0000,0000,,kind of take precedence. And because we
Dialogue: 0,0:12:26.88,0:12:28.96,Default,,0000,0000,0000,,didn't use any credentials for our scan,
Dialogue: 0,0:12:28.96,0:12:31.60,Default,,0000,0000,0000,,we don't really see that much of what
Dialogue: 0,0:12:31.60,0:12:33.52,Default,,0000,0000,0000,,might be actually vulnerable inside the
Dialogue: 0,0:12:33.52,0:12:35.36,Default,,0000,0000,0000,,VM, but we do see like some things here.
Dialogue: 0,0:12:35.36,0:12:36.48,Default,,0000,0000,0000,,So we can click
Dialogue: 0,0:12:36.48,0:12:38.32,Default,,0000,0000,0000,,vulnerabilities up here and just kind of
Dialogue: 0,0:12:38.32,0:12:40.32,Default,,0000,0000,0000,,look through these a tiny bit. We can see
Dialogue: 0,0:12:40.32,0:12:42.24,Default,,0000,0000,0000,,like SMB signing is not required. If
Dialogue: 0,0:12:42.24,0:12:44.08,Default,,0000,0000,0000,,that's something that your org cares
Dialogue: 0,0:12:44.08,0:12:45.68,Default,,0000,0000,0000,,about, you can kind of read about it here
Dialogue: 0,0:12:45.68,0:12:48.00,Default,,0000,0000,0000,,more, and consider like implementing
Dialogue: 0,0:12:48.00,0:12:49.84,Default,,0000,0000,0000,,implementing the solution to
Dialogue: 0,0:12:49.84,0:12:52.08,Default,,0000,0000,0000,,kind of remediate this vulnerability.
Dialogue: 0,0:12:52.08,0:12:54.08,Default,,0000,0000,0000,,There's other kind of interesting things
Dialogue: 0,0:12:54.08,0:12:56.40,Default,,0000,0000,0000,,in here. Traceroute information, it's
Dialogue: 0,0:12:56.40,0:12:58.40,Default,,0000,0000,0000,,listed as info, means it's not
Dialogue: 0,0:12:58.40,0:13:00.32,Default,,0000,0000,0000,,could not necessarily be a vulnerability,
Dialogue: 0,0:13:00.32,0:13:02.08,Default,,0000,0000,0000,,but just something you should be aware
Dialogue: 0,0:13:02.08,0:13:04.08,Default,,0000,0000,0000,,of, that you can see traceroute information
Dialogue: 0,0:13:04.08,0:13:06.48,Default,,0000,0000,0000,,which means like ICMP is
Dialogue: 0,0:13:06.48,0:13:08.96,Default,,0000,0000,0000,,accepted on this particular host.
Dialogue: 0,0:13:08.96,0:13:10.64,Default,,0000,0000,0000,,And down here we can see
Dialogue: 0,0:13:10.64,0:13:12.56,Default,,0000,0000,0000,,target credential status by
Dialogue: 0,0:13:12.56,0:13:14.72,Default,,0000,0000,0000,,authentication protocol, and it says like
Dialogue: 0,0:13:14.72,0:13:16.40,Default,,0000,0000,0000,,Nessus was not able to successfully
Dialogue: 0,0:13:16.40,0:13:17.84,Default,,0000,0000,0000,,authenticate to the remote target
Dialogue: 0,0:13:17.84,0:13:19.28,Default,,0000,0000,0000,,because we didn't actually provide any
Dialogue: 0,0:13:19.28,0:13:20.72,Default,,0000,0000,0000,,credentials, and we can see that down
Dialogue: 0,0:13:20.72,0:13:23.68,Default,,0000,0000,0000,,here. SMB was detected on port 445,
Dialogue: 0,0:13:23.68,0:13:26.24,Default,,0000,0000,0000,,means it's listening on 445, but we
Dialogue: 0,0:13:26.24,0:13:28.00,Default,,0000,0000,0000,,didn't provide any credentials. That's a
Dialogue: 0,0:13:28.00,0:13:29.36,Default,,0000,0000,0000,,kind of vulnerability, that's a
Dialogue: 0,0:13:29.36,0:13:31.44,Default,,0000,0000,0000,,vulnerability scan, some basic results. So
Dialogue: 0,0:13:31.44,0:13:32.64,Default,,0000,0000,0000,,the next thing we're going to do is
Dialogue: 0,0:13:32.64,0:13:34.72,Default,,0000,0000,0000,,we're going to, we're going to set up the
Dialogue: 0,0:13:34.72,0:13:36.72,Default,,0000,0000,0000,,virtual machine to be able to accept
Dialogue: 0,0:13:36.72,0:13:38.56,Default,,0000,0000,0000,,authenticated scans, and then we're going
Dialogue: 0,0:13:38.56,0:13:40.48,Default,,0000,0000,0000,,to provide some credentials to Nessus,
Dialogue: 0,0:13:40.48,0:13:41.92,Default,,0000,0000,0000,,and then we're going to try to rescan
Dialogue: 0,0:13:41.92,0:13:43.68,Default,,0000,0000,0000,,the virtual machine with credentials, and
Dialogue: 0,0:13:43.68,0:13:45.84,Default,,0000,0000,0000,,then kind of compare the results of the
Dialogue: 0,0:13:45.84,0:13:47.44,Default,,0000,0000,0000,,new scan which with these ones that
Dialogue: 0,0:13:47.44,0:13:49.36,Default,,0000,0000,0000,,we're looking at here. So we'll go back
Dialogue: 0,0:13:49.36,0:13:51.68,Default,,0000,0000,0000,,to my scans. Actually we'll go back to
Dialogue: 0,0:13:51.68,0:13:53.76,Default,,0000,0000,0000,,the virtual machine here, and then we'll
Dialogue: 0,0:13:53.76,0:13:54.68,Default,,0000,0000,0000,,open up
Dialogue: 0,0:13:54.68,0:13:56.72,Default,,0000,0000,0000,,services.msc. And there may be better
Dialogue: 0,0:13:56.72,0:13:57.92,Default,,0000,0000,0000,,ways to do what I'm doing like
Dialogue: 0,0:13:57.92,0:13:59.52,Default,,0000,0000,0000,,especially if you're in like a corporate
Dialogue: 0,0:13:59.52,0:14:01.84,Default,,0000,0000,0000,,environment. I got these steps from
Dialogue: 0,0:14:01.84,0:14:04.32,Default,,0000,0000,0000,,Nessus, the things that they recommend to
Dialogue: 0,0:14:04.32,0:14:06.32,Default,,0000,0000,0000,,actually do credentialed scans against
Dialogue: 0,0:14:06.32,0:14:08.56,Default,,0000,0000,0000,,Windows hosts that are not on the domain.
Dialogue: 0,0:14:08.56,0:14:09.84,Default,,0000,0000,0000,,So that's kind of what we're
Dialogue: 0,0:14:09.84,0:14:11.60,Default,,0000,0000,0000,,using here, so I'm just going to first
Dialogue: 0,0:14:11.60,0:14:13.76,Default,,0000,0000,0000,,I'm going to enable the remote registry.
Dialogue: 0,0:14:13.76,0:14:16.48,Default,,0000,0000,0000,,The remote registry which will allow the
Dialogue: 0,0:14:16.48,0:14:17.92,Default,,0000,0000,0000,,scanner to connect to this computer's
Dialogue: 0,0:14:17.92,0:14:19.44,Default,,0000,0000,0000,,registry, and like kind of crawl through
Dialogue: 0,0:14:19.44,0:14:20.96,Default,,0000,0000,0000,,the registry and look for insecure
Dialogue: 0,0:14:20.96,0:14:23.20,Default,,0000,0000,0000,,configurations like maybe deprecated
Dialogue: 0,0:14:23.20,0:14:24.96,Default,,0000,0000,0000,,cypher suites that might be enabled. You
Dialogue: 0,0:14:24.96,0:14:26.48,Default,,0000,0000,0000,,can enable and disable those in the
Dialogue: 0,0:14:26.48,0:14:28.16,Default,,0000,0000,0000,,registry, so I'm just going to enable
Dialogue: 0,0:14:28.16,0:14:30.64,Default,,0000,0000,0000,,remote registry so our scanner can
Dialogue: 0,0:14:30.64,0:14:32.72,Default,,0000,0000,0000,,connect to the registry. So I enabled it
Dialogue: 0,0:14:32.72,0:14:34.56,Default,,0000,0000,0000,,and I turned it on, and then next we're
Dialogue: 0,0:14:34.56,0:14:36.48,Default,,0000,0000,0000,,going to, be careful when you close this so
Dialogue: 0,0:14:36.48,0:14:38.24,Default,,0000,0000,0000,,you don't close the actual VM. I'm just
Dialogue: 0,0:14:38.24,0:14:40.00,Default,,0000,0000,0000,,closing like the window inside. I'll
Dialogue: 0,0:14:40.00,0:14:41.60,Default,,0000,0000,0000,,close the firewall. And the next thing, I'll
Dialogue: 0,0:14:41.60,0:14:44.88,Default,,0000,0000,0000,,enable file and printer sharing so, oh it
Dialogue: 0,0:14:44.88,0:14:47.28,Default,,0000,0000,0000,,looks like it's possibly already on. Turn
Dialogue: 0,0:14:47.28,0:14:49.12,Default,,0000,0000,0000,,on sharing so anyone with network, I
Dialogue: 0,0:14:49.12,0:14:50.88,Default,,0000,0000,0000,,don't think public folder sharing needs
Dialogue: 0,0:14:50.88,0:14:52.64,Default,,0000,0000,0000,,to be on. I was going to turn this on but
Dialogue: 0,0:14:52.64,0:14:54.16,Default,,0000,0000,0000,,it looks like it's on already. Turn on
Dialogue: 0,0:14:54.16,0:14:55.84,Default,,0000,0000,0000,,network discovery, file, and printer
Dialogue: 0,0:14:55.84,0:14:57.36,Default,,0000,0000,0000,,sharing, oh, looks like it's already on. If
Dialogue: 0,0:14:57.36,0:14:58.96,Default,,0000,0000,0000,,yours are not on, just make sure to turn
Dialogue: 0,0:14:58.96,0:15:00.88,Default,,0000,0000,0000,,the file and printer sharing on.
Dialogue: 0,0:15:00.88,0:15:03.20,Default,,0000,0000,0000,,And then we will go to user account
Dialogue: 0,0:15:03.20,0:15:05.84,Default,,0000,0000,0000,,control, and this is not good to do,
Dialogue: 0,0:15:05.84,0:15:07.84,Default,,0000,0000,0000,,but our computer is not on the domain so
Dialogue: 0,0:15:07.84,0:15:09.76,Default,,0000,0000,0000,,we have to do these kind of hack things
Dialogue: 0,0:15:09.76,0:15:11.76,Default,,0000,0000,0000,,to be able to scan it. So I'll disable
Dialogue: 0,0:15:11.76,0:15:13.92,Default,,0000,0000,0000,,this, say okay, say yes. And then we're
Dialogue: 0,0:15:13.92,0:15:16.24,Default,,0000,0000,0000,,going to open the registry and then
Dialogue: 0,0:15:16.24,0:15:18.48,Default,,0000,0000,0000,,add a key that's supposed to allow the
Dialogue: 0,0:15:18.48,0:15:20.56,Default,,0000,0000,0000,,remote account to like connect in. And
Dialogue: 0,0:15:20.56,0:15:21.60,Default,,0000,0000,0000,,next we're going to connect to the
Dialogue: 0,0:15:21.60,0:15:23.28,Default,,0000,0000,0000,,registry and add a key that's supposed
Dialogue: 0,0:15:23.28,0:15:25.84,Default,,0000,0000,0000,,to I guess further disable user account
Dialogue: 0,0:15:25.84,0:15:27.60,Default,,0000,0000,0000,,control for the remote account we're
Dialogue: 0,0:15:27.60,0:15:29.28,Default,,0000,0000,0000,,going to use to connect to this
Dialogue: 0,0:15:29.28,0:15:31.52,Default,,0000,0000,0000,,computer during our scan. So just go to
Dialogue: 0,0:15:31.52,0:15:33.44,Default,,0000,0000,0000,,start and type regedit. Again, I got this
Dialogue: 0,0:15:33.44,0:15:35.52,Default,,0000,0000,0000,,documentation from Nessus, I'll put a
Dialogue: 0,0:15:35.52,0:15:37.12,Default,,0000,0000,0000,,link to it in the description. So we will
Dialogue: 0,0:15:37.12,0:15:40.56,Default,,0000,0000,0000,,browse to a local machine here, so we'll
Dialogue: 0,0:15:40.56,0:15:44.40,Default,,0000,0000,0000,,go to local machine, software, Microsoft,
Dialogue: 0,0:15:44.40,0:15:48.24,Default,,0000,0000,0000,,Windows, current version, policies, system,
Dialogue: 0,0:15:48.24,0:15:50.96,Default,,0000,0000,0000,,and then inside here we'll create a
Dialogue: 0,0:15:50.96,0:15:53.92,Default,,0000,0000,0000,,DWORD called local account token filter
Dialogue: 0,0:15:53.92,0:15:55.52,Default,,0000,0000,0000,,policy, so
Dialogue: 0,0:15:55.52,0:15:59.60,Default,,0000,0000,0000,,local account token filter policy, local
Dialogue: 0,0:15:59.60,0:16:02.48,Default,,0000,0000,0000,,account token filter policy. We'll say enter
Dialogue: 0,0:16:02.48,0:16:04.88,Default,,0000,0000,0000,,and then we'll set this value to 1, and
Dialogue: 0,0:16:04.88,0:16:06.08,Default,,0000,0000,0000,,we'll close this. And we'll go ahead and
Dialogue: 0,0:16:06.08,0:16:07.68,Default,,0000,0000,0000,,restart our virtual machine at this
Dialogue: 0,0:16:07.68,0:16:09.20,Default,,0000,0000,0000,,point. Cool, and then we'll log in,
Dialogue: 0,0:16:09.20,0:16:11.44,Default,,0000,0000,0000,,remember our username, I made mine admin,
Dialogue: 0,0:16:11.44,0:16:13.12,Default,,0000,0000,0000,,and then whatever your password is, just
Dialogue: 0,0:16:13.12,0:16:14.72,Default,,0000,0000,0000,,make sure you don't forget it. And we
Dialogue: 0,0:16:14.72,0:16:18.16,Default,,0000,0000,0000,,should be ready to scan our computer now.
Dialogue: 0,0:16:18.16,0:16:19.44,Default,,0000,0000,0000,,We're going to edit this scan that we
Dialogue: 0,0:16:19.44,0:16:22.00,Default,,0000,0000,0000,,made, so go back to Nessus Essentials, and
Dialogue: 0,0:16:22.00,0:16:24.96,Default,,0000,0000,0000,,then we will, oh, so check this box next
Dialogue: 0,0:16:24.96,0:16:27.04,Default,,0000,0000,0000,,to the scan, and then go to more, and then go
Dialogue: 0,0:16:27.04,0:16:28.56,Default,,0000,0000,0000,,to configure, and then we're going to add
Dialogue: 0,0:16:28.56,0:16:30.08,Default,,0000,0000,0000,,a set of credentials to this, and we're
Dialogue: 0,0:16:30.08,0:16:32.08,Default,,0000,0000,0000,,going to add Windows credentials. So
Dialogue: 0,0:16:32.08,0:16:33.68,Default,,0000,0000,0000,,we're going to use password, and remember,
Dialogue: 0,0:16:33.68,0:16:35.68,Default,,0000,0000,0000,,our username is admin, so if you go to
Dialogue: 0,0:16:35.68,0:16:38.88,Default,,0000,0000,0000,,the VM and go to cmd and type like
Dialogue: 0,0:16:38.88,0:16:41.36,Default,,0000,0000,0000,,whoami, the name is
Dialogue: 0,0:16:41.36,0:16:43.68,Default,,0000,0000,0000,,admin right, so we'll say admin, and then
Dialogue: 0,0:16:43.68,0:16:45.60,Default,,0000,0000,0000,,whatever you made the password. And I
Dialogue: 0,0:16:45.60,0:16:46.64,Default,,0000,0000,0000,,believe,
Dialogue: 0,0:16:46.64,0:16:48.16,Default,,0000,0000,0000,,I believe we can like leave all these
Dialogue: 0,0:16:48.16,0:16:50.08,Default,,0000,0000,0000,,things as default, if it breaks, I mean
Dialogue: 0,0:16:50.08,0:16:51.76,Default,,0000,0000,0000,,maybe we can come back and configure it, or
Dialogue: 0,0:16:51.76,0:16:53.28,Default,,0000,0000,0000,,if it doesn't work, we can check it. So
Dialogue: 0,0:16:53.28,0:16:56.24,Default,,0000,0000,0000,,we'll save this as it is. So it saved, and then
Dialogue: 0,0:16:56.24,0:16:58.64,Default,,0000,0000,0000,,we'll go back, and back to scans, and then
Dialogue: 0,0:16:58.64,0:17:00.88,Default,,0000,0000,0000,,we'll run this scan one more time.
Dialogue: 0,0:17:00.88,0:17:02.64,Default,,0000,0000,0000,,When this finishes, we'll compare the
Dialogue: 0,0:17:02.64,0:17:04.56,Default,,0000,0000,0000,,results with the first scan, and
Dialogue: 0,0:17:04.56,0:17:06.24,Default,,0000,0000,0000,,technically we should see more results
Dialogue: 0,0:17:06.24,0:17:07.76,Default,,0000,0000,0000,,with this one because we enabled
Dialogue: 0,0:17:07.76,0:17:09.36,Default,,0000,0000,0000,,credentialed scanning and we kind of
Dialogue: 0,0:17:09.36,0:17:12.08,Default,,0000,0000,0000,,configured the VM to accept remote scans.
Dialogue: 0,0:17:12.08,0:17:13.76,Default,,0000,0000,0000,,So we'll see what happens, so I'll just
Dialogue: 0,0:17:13.76,0:17:15.52,Default,,0000,0000,0000,,pause this and I'll come back, I'll pause
Dialogue: 0,0:17:15.52,0:17:17.12,Default,,0000,0000,0000,,the video and come back when it finishes.
Dialogue: 0,0:17:17.12,0:17:18.88,Default,,0000,0000,0000,,Okay, it's been a few minutes and it
Dialogue: 0,0:17:18.88,0:17:20.80,Default,,0000,0000,0000,,looks like our scan is finished here. So
Dialogue: 0,0:17:20.80,0:17:23.28,Default,,0000,0000,0000,,we will click on this, and we can see
Dialogue: 0,0:17:23.28,0:17:25.28,Default,,0000,0000,0000,,like immediately, remember last time we
Dialogue: 0,0:17:25.28,0:17:27.12,Default,,0000,0000,0000,,we had like one medium and a bunch of
Dialogue: 0,0:17:27.12,0:17:29.04,Default,,0000,0000,0000,,infos. Now we have like seven criticals,
Dialogue: 0,0:17:29.04,0:17:31.92,Default,,0000,0000,0000,,38 highs, and, you know, four mediums, and a
Dialogue: 0,0:17:31.92,0:17:33.84,Default,,0000,0000,0000,,whole bunch more infos. It's pretty
Dialogue: 0,0:17:33.84,0:17:35.52,Default,,0000,0000,0000,,interesting, so before we like really
Dialogue: 0,0:17:35.52,0:17:37.04,Default,,0000,0000,0000,,dive into the vulnerabilities and all
Dialogue: 0,0:17:37.04,0:17:39.20,Default,,0000,0000,0000,,this. I'll just click on history over
Dialogue: 0,0:17:39.20,0:17:40.56,Default,,0000,0000,0000,,here really quick. And this is the
Dialogue: 0,0:17:40.56,0:17:41.76,Default,,0000,0000,0000,,current one and you can see the
Dialogue: 0,0:17:41.76,0:17:43.76,Default,,0000,0000,0000,,vulnerabilities down here. You can see,
Dialogue: 0,0:17:43.76,0:17:45.60,Default,,0000,0000,0000,,you know, five percent criticals, etc. And
Dialogue: 0,0:17:45.60,0:17:47.36,Default,,0000,0000,0000,,then if we click on our first scan, we
Dialogue: 0,0:17:47.36,0:17:49.28,Default,,0000,0000,0000,,can see like we didn't use credentials
Dialogue: 0,0:17:49.28,0:17:50.88,Default,,0000,0000,0000,,for this, so we couldn't look at the file
Dialogue: 0,0:17:50.88,0:17:52.56,Default,,0000,0000,0000,,system or the registry or any other
Dialogue: 0,0:17:52.56,0:17:54.96,Default,,0000,0000,0000,,running services or any of that, so
Dialogue: 0,0:17:54.96,0:17:56.48,Default,,0000,0000,0000,,you can see there's like a big
Dialogue: 0,0:17:56.48,0:17:58.16,Default,,0000,0000,0000,,difference in doing credentialed scan
Dialogue: 0,0:17:58.16,0:18:00.24,Default,,0000,0000,0000,,versus like uncredentialed scans. So this
Dialogue: 0,0:18:00.24,0:18:02.32,Default,,0000,0000,0000,,kind of like solidifies the importance
Dialogue: 0,0:18:02.32,0:18:04.24,Default,,0000,0000,0000,,of running credentialed scans whether or
Dialogue: 0,0:18:04.24,0:18:06.00,Default,,0000,0000,0000,,not you're like scanning Cisco devices
Dialogue: 0,0:18:06.00,0:18:07.92,Default,,0000,0000,0000,,or like Linux machines or like Windows
Dialogue: 0,0:18:07.92,0:18:10.48,Default,,0000,0000,0000,,machines or Macs or whatever. If you can
Dialogue: 0,0:18:10.48,0:18:12.56,Default,,0000,0000,0000,,use credentials, you can really like
Dialogue: 0,0:18:12.56,0:18:14.72,Default,,0000,0000,0000,,discover more vulnerabilities. So I'll
Dialogue: 0,0:18:14.72,0:18:16.40,Default,,0000,0000,0000,,just click on the vulnerabilities tab
Dialogue: 0,0:18:16.40,0:18:17.92,Default,,0000,0000,0000,,here first, and we'll just kind of like
Dialogue: 0,0:18:17.92,0:18:19.52,Default,,0000,0000,0000,,look at these a little bit. We can see
Dialogue: 0,0:18:19.52,0:18:21.60,Default,,0000,0000,0000,,like this is essentially the
Dialogue: 0,0:18:21.60,0:18:23.92,Default,,0000,0000,0000,,list of findings, and some of these
Dialogue: 0,0:18:23.92,0:18:25.60,Default,,0000,0000,0000,,are mixed, so if we click on this, for
Dialogue: 0,0:18:25.60,0:18:27.52,Default,,0000,0000,0000,,example, we can see it's like a
Dialogue: 0,0:18:27.52,0:18:29.52,Default,,0000,0000,0000,,combination of like mostly criticals and
Dialogue: 0,0:18:29.52,0:18:31.28,Default,,0000,0000,0000,,highs, and you can see it's like mostly
Dialogue: 0,0:18:31.28,0:18:33.92,Default,,0000,0000,0000,,Edge, mostly Edge which can probably be
Dialogue: 0,0:18:33.92,0:18:35.68,Default,,0000,0000,0000,,remediated from like updating, running
Dialogue: 0,0:18:35.68,0:18:37.28,Default,,0000,0000,0000,,Windows updates essentially. And you can
Dialogue: 0,0:18:37.28,0:18:38.96,Default,,0000,0000,0000,,kind of look at these individual ones
Dialogue: 0,0:18:38.96,0:18:41.60,Default,,0000,0000,0000,,and dive more deep into them to
Dialogue: 0,0:18:41.60,0:18:43.44,Default,,0000,0000,0000,,see like what the actual thing is and
Dialogue: 0,0:18:43.44,0:18:45.04,Default,,0000,0000,0000,,like how to fix it.
Dialogue: 0,0:18:45.04,0:18:46.72,Default,,0000,0000,0000,,So we can go back a little bit. We'll
Dialogue: 0,0:18:46.72,0:18:48.00,Default,,0000,0000,0000,,back up a little bit more. So
Dialogue: 0,0:18:48.00,0:18:49.76,Default,,0000,0000,0000,,vulnerabilities around Edge, around
Dialogue: 0,0:18:49.76,0:18:52.16,Default,,0000,0000,0000,,Windows, around a bunch of other stuff.
Dialogue: 0,0:18:52.16,0:18:54.00,Default,,0000,0000,0000,,If we click on remediations, this tab
Dialogue: 0,0:18:54.00,0:18:56.08,Default,,0000,0000,0000,,kind of gives us like a high level like
Dialogue: 0,0:18:56.08,0:18:58.40,Default,,0000,0000,0000,,instructions on how to like remediate
Dialogue: 0,0:18:58.40,0:18:59.68,Default,,0000,0000,0000,,most of the findings from like a really
Dialogue: 0,0:18:59.68,0:19:01.52,Default,,0000,0000,0000,,high level, basically just like run
Dialogue: 0,0:19:01.52,0:19:03.20,Default,,0000,0000,0000,,Windows updates is what I'm
Dialogue: 0,0:19:03.20,0:19:05.12,Default,,0000,0000,0000,,seeing here. So security updates,
Dialogue: 0,0:19:05.12,0:19:07.04,Default,,0000,0000,0000,,install this KB to fix a bunch of other
Dialogue: 0,0:19:07.04,0:19:09.04,Default,,0000,0000,0000,,ones, and then all this is pretty much
Dialogue: 0,0:19:09.04,0:19:11.36,Default,,0000,0000,0000,,Windows updates. And this VPR top threats,
Dialogue: 0,0:19:11.36,0:19:14.32,Default,,0000,0000,0000,,these VPR top threats is essentially
Dialogue: 0,0:19:14.32,0:19:16.08,Default,,0000,0000,0000,,what Tenable is like recommending we
Dialogue: 0,0:19:16.08,0:19:18.08,Default,,0000,0000,0000,,prioritize to remediate probably based
Dialogue: 0,0:19:18.08,0:19:21.36,Default,,0000,0000,0000,,on CVSS score and like whatever other
Dialogue: 0,0:19:21.36,0:19:24.56,Default,,0000,0000,0000,,metrics they use. So like I would say
Dialogue: 0,0:19:24.56,0:19:26.40,Default,,0000,0000,0000,,before like, if I were
Dialogue: 0,0:19:26.40,0:19:28.24,Default,,0000,0000,0000,,doing this in like an organization,
Dialogue: 0,0:19:28.24,0:19:29.52,Default,,0000,0000,0000,,like the first thing you want to do is
Dialogue: 0,0:19:29.52,0:19:31.12,Default,,0000,0000,0000,,like make sure you have third-party
Dialogue: 0,0:19:31.12,0:19:33.76,Default,,0000,0000,0000,,patching and like Windows OS patching
Dialogue: 0,0:19:33.76,0:19:35.76,Default,,0000,0000,0000,,like set up properly and like properly
Dialogue: 0,0:19:35.76,0:19:37.44,Default,,0000,0000,0000,,being like tested and deployed on
Dialogue: 0,0:19:37.44,0:19:38.80,Default,,0000,0000,0000,,regular intervals, so you don't have to
Dialogue: 0,0:19:38.80,0:19:40.88,Default,,0000,0000,0000,,like kind of go through and deal with
Dialogue: 0,0:19:40.88,0:19:43.20,Default,,0000,0000,0000,,these like individual vulnerabilities
Dialogue: 0,0:19:43.20,0:19:44.96,Default,,0000,0000,0000,,that are related to things
Dialogue: 0,0:19:44.96,0:19:46.96,Default,,0000,0000,0000,,that can be easily fixed by like
Dialogue: 0,0:19:46.96,0:19:48.80,Default,,0000,0000,0000,,automated patching and stuff like this.
Dialogue: 0,0:19:48.80,0:19:51.52,Default,,0000,0000,0000,,So before I start like
Dialogue: 0,0:19:51.52,0:19:53.84,Default,,0000,0000,0000,,remediating these and fixing them, I'm
Dialogue: 0,0:19:53.84,0:19:55.60,Default,,0000,0000,0000,,gonna install some like deprecated
Dialogue: 0,0:19:55.60,0:19:57.92,Default,,0000,0000,0000,,software on this computer like a really
Dialogue: 0,0:19:57.92,0:19:59.60,Default,,0000,0000,0000,,old version of Firefox, and then we're
Dialogue: 0,0:19:59.60,0:20:01.76,Default,,0000,0000,0000,,gonna kind of run another scan, and then
Dialogue: 0,0:20:01.76,0:20:03.92,Default,,0000,0000,0000,,observe the results from that as well. So
Dialogue: 0,0:20:03.92,0:20:05.20,Default,,0000,0000,0000,,I'm gonna get this old version of
Dialogue: 0,0:20:05.20,0:20:07.36,Default,,0000,0000,0000,,Firefox. I'll put a link to it
Dialogue: 0,0:20:07.36,0:20:09.20,Default,,0000,0000,0000,,in the description, I was gonna say I'm
Dialogue: 0,0:20:09.20,0:20:10.80,Default,,0000,0000,0000,,worried about doing that, but I'll put a
Dialogue: 0,0:20:10.80,0:20:12.08,Default,,0000,0000,0000,,link to it in the description. It's
Dialogue: 0,0:20:12.08,0:20:14.40,Default,,0000,0000,0000,,really old, from six years ago apparently.
Dialogue: 0,0:20:14.40,0:20:16.72,Default,,0000,0000,0000,,So we'll just download this Firefox
Dialogue: 0,0:20:16.72,0:20:18.96,Default,,0000,0000,0000,,3612. And make sure to do this, make sure
Dialogue: 0,0:20:18.96,0:20:20.40,Default,,0000,0000,0000,,you're doing this in the virtual machine.
Dialogue: 0,0:20:20.40,0:20:22.16,Default,,0000,0000,0000,,Don't accidentally do it on your
Dialogue: 0,0:20:22.16,0:20:24.80,Default,,0000,0000,0000,,computer, and that's
Dialogue: 0,0:20:24.80,0:20:26.88,Default,,0000,0000,0000,,what I'm actually doing, so make sure
Dialogue: 0,0:20:26.88,0:20:29.12,Default,,0000,0000,0000,,go to the virtual machine. So we'll open
Dialogue: 0,0:20:29.12,0:20:31.28,Default,,0000,0000,0000,,up Edge in our virtual machine, and then
Dialogue: 0,0:20:31.28,0:20:33.52,Default,,0000,0000,0000,,we'll paste, oh no, I can't paste it? I'm
Dialogue: 0,0:20:33.52,0:20:34.96,Default,,0000,0000,0000,,just gonna search like download
Dialogue: 0,0:20:34.96,0:20:36.96,Default,,0000,0000,0000,,deprecated Firefox. I shouldn't
Dialogue: 0,0:20:36.96,0:20:38.56,Default,,0000,0000,0000,,use the word deprecated. I'll
Dialogue: 0,0:20:38.56,0:20:42.24,Default,,0000,0000,0000,,say download old Firefox, and
Dialogue: 0,0:20:42.24,0:20:44.16,Default,,0000,0000,0000,,I think I can click here and do it.
Dialogue: 0,0:20:44.16,0:20:46.08,Default,,0000,0000,0000,,Still want to downgrade directory, I'll go
Dialogue: 0,0:20:46.08,0:20:48.08,Default,,0000,0000,0000,,to directory of all old ones and then
Dialogue: 0,0:20:48.08,0:20:50.48,Default,,0000,0000,0000,,I'll get 3612. This is random by the way,
Dialogue: 0,0:20:50.48,0:20:51.84,Default,,0000,0000,0000,,you can get any old version that you
Dialogue: 0,0:20:51.84,0:20:53.52,Default,,0000,0000,0000,,want. I'm just using this one because I
Dialogue: 0,0:20:53.52,0:20:58.08,Default,,0000,0000,0000,,did it already. win32, en-US, and
Dialogue: 0,0:20:58.08,0:20:59.92,Default,,0000,0000,0000,,I'll get this. So we'll open this, and
Dialogue: 0,0:20:59.92,0:21:02.40,Default,,0000,0000,0000,,then install this super old version of
Dialogue: 0,0:21:02.40,0:21:05.60,Default,,0000,0000,0000,,Firefox. We'll say next, standard, sure, and
Dialogue: 0,0:21:05.60,0:21:07.84,Default,,0000,0000,0000,,then sure, we can launch it, I guess,
Dialogue: 0,0:21:07.84,0:21:10.56,Default,,0000,0000,0000,,yeah why not. Cool, so this is old, old
Dialogue: 0,0:21:10.56,0:21:13.52,Default,,0000,0000,0000,,Firefox, so now we have an old Firefox on
Dialogue: 0,0:21:13.52,0:21:15.12,Default,,0000,0000,0000,,our computer, so we'll close this. This is
Dialogue: 0,0:21:15.12,0:21:16.56,Default,,0000,0000,0000,,our virtual machine remember. Here's
Dialogue: 0,0:21:16.56,0:21:18.72,Default,,0000,0000,0000,,Firefox. And then so we will go back to
Dialogue: 0,0:21:18.72,0:21:21.04,Default,,0000,0000,0000,,our scans here. This is on our host
Dialogue: 0,0:21:21.04,0:21:22.72,Default,,0000,0000,0000,,machine, and this is Nessus so we'll go
Dialogue: 0,0:21:22.72,0:21:24.24,Default,,0000,0000,0000,,back to our scans, and we don't need to
Dialogue: 0,0:21:24.24,0:21:26.40,Default,,0000,0000,0000,,change our scan anymore. We'll just click
Dialogue: 0,0:21:26.40,0:21:28.56,Default,,0000,0000,0000,,launch and it will just run another scan.
Dialogue: 0,0:21:28.56,0:21:30.64,Default,,0000,0000,0000,,It will do the same thing scan all, scan
Dialogue: 0,0:21:30.64,0:21:32.32,Default,,0000,0000,0000,,the common open ports, inspect the
Dialogue: 0,0:21:32.32,0:21:35.36,Default,,0000,0000,0000,,registry, inspect the services, and then
Dialogue: 0,0:21:35.36,0:21:36.96,Default,,0000,0000,0000,,inspect the file system. It's going to
Dialogue: 0,0:21:36.96,0:21:39.36,Default,,0000,0000,0000,,discover this old deprecated version of
Dialogue: 0,0:21:39.36,0:21:40.88,Default,,0000,0000,0000,,Firefox. There's like a million
Dialogue: 0,0:21:40.88,0:21:42.56,Default,,0000,0000,0000,,vulnerabilities in it probably, so
Dialogue: 0,0:21:42.56,0:21:44.48,Default,,0000,0000,0000,,hopefully we'll see that reflected
Dialogue: 0,0:21:44.48,0:21:46.16,Default,,0000,0000,0000,,in the scan results when this finishes
Dialogue: 0,0:21:46.16,0:21:47.76,Default,,0000,0000,0000,,here in a couple of minutes. Okay, it's
Dialogue: 0,0:21:47.76,0:21:49.52,Default,,0000,0000,0000,,been a couple more minutes and our scan
Dialogue: 0,0:21:49.52,0:21:51.20,Default,,0000,0000,0000,,is finished, so we can click on this
Dialogue: 0,0:21:51.20,0:21:53.04,Default,,0000,0000,0000,,again, and we'll see like our
Dialogue: 0,0:21:53.04,0:21:55.52,Default,,0000,0000,0000,,vulnerabilities like went up to 68
Dialogue: 0,0:21:55.52,0:21:57.04,Default,,0000,0000,0000,,critical now. So before we kind of dive
Dialogue: 0,0:21:57.04,0:21:58.48,Default,,0000,0000,0000,,into these, again, we'll check out the
Dialogue: 0,0:21:58.48,0:22:00.16,Default,,0000,0000,0000,,history just so we can see like a trend
Dialogue: 0,0:22:00.16,0:22:02.16,Default,,0000,0000,0000,,in these. So this is the first one in the
Dialogue: 0,0:22:02.16,0:22:04.40,Default,,0000,0000,0000,,bottom here we can see only info, no
Dialogue: 0,0:22:04.40,0:22:06.32,Default,,0000,0000,0000,,credentials provided. Second one is our
Dialogue: 0,0:22:06.32,0:22:08.40,Default,,0000,0000,0000,,credentials provided, and we, you know, we
Dialogue: 0,0:22:08.40,0:22:10.00,Default,,0000,0000,0000,,have a little bit more, we have some
Dialogue: 0,0:22:10.00,0:22:12.00,Default,,0000,0000,0000,,criticals discovered and some highs. And
Dialogue: 0,0:22:12.00,0:22:14.48,Default,,0000,0000,0000,,then we installed Firefox, like a really
Dialogue: 0,0:22:14.48,0:22:16.32,Default,,0000,0000,0000,,old one, and then this is our current
Dialogue: 0,0:22:16.32,0:22:18.64,Default,,0000,0000,0000,,scan. There's like a bunch more criticals,
Dialogue: 0,0:22:18.64,0:22:21.04,Default,,0000,0000,0000,,whole bunch of criticals, so we'll go to
Dialogue: 0,0:22:21.04,0:22:23.92,Default,,0000,0000,0000,,the vulnerabilities tab here.
Dialogue: 0,0:22:23.92,0:22:26.16,Default,,0000,0000,0000,,And then we can kind of see this one at
Dialogue: 0,0:22:26.16,0:22:28.24,Default,,0000,0000,0000,,the very top mixed with Firefox and
Dialogue: 0,0:22:28.24,0:22:30.88,Default,,0000,0000,0000,,total count of like 141, so if we click
Dialogue: 0,0:22:30.88,0:22:33.44,Default,,0000,0000,0000,,on this, it's just absolute chuck full
Dialogue: 0,0:22:33.44,0:22:35.04,Default,,0000,0000,0000,,of criticals just because that version
Dialogue: 0,0:22:35.04,0:22:37.04,Default,,0000,0000,0000,,of Firefox is like so old, it has so many
Dialogue: 0,0:22:37.04,0:22:38.48,Default,,0000,0000,0000,,vulnerabilities. And it's not like you
Dialogue: 0,0:22:38.48,0:22:39.92,Default,,0000,0000,0000,,have to like go through like fix each
Dialogue: 0,0:22:39.92,0:22:41.28,Default,,0000,0000,0000,,one of these one at a time, you can
Dialogue: 0,0:22:41.28,0:22:43.12,Default,,0000,0000,0000,,either just like upgrade Firefox to the
Dialogue: 0,0:22:43.12,0:22:44.80,Default,,0000,0000,0000,,latest one or just like completely
Dialogue: 0,0:22:44.80,0:22:46.40,Default,,0000,0000,0000,,uninstall it and it will remediate the
Dialogue: 0,0:22:46.40,0:22:47.60,Default,,0000,0000,0000,,vulnerabilities. So we can click
Dialogue: 0,0:22:47.60,0:22:49.44,Default,,0000,0000,0000,,remediations, we pretty much see the same
Dialogue: 0,0:22:49.44,0:22:51.60,Default,,0000,0000,0000,,thing as last time except for at the
Dialogue: 0,0:22:51.60,0:22:54.08,Default,,0000,0000,0000,,very top now we have a recommendation to
Dialogue: 0,0:22:54.08,0:22:56.64,Default,,0000,0000,0000,,upgrade Firefox. And then again this VPR
Dialogue: 0,0:22:56.64,0:22:59.04,Default,,0000,0000,0000,,top threats, we have this kind of
Dialogue: 0,0:22:59.04,0:23:01.84,Default,,0000,0000,0000,,Firefox in here. Again, history, first scan,
Dialogue: 0,0:23:01.84,0:23:03.76,Default,,0000,0000,0000,,no credentials. Second, credentials,
Dialogue: 0,0:23:03.76,0:23:05.68,Default,,0000,0000,0000,,default Windows install. Third scan,
Dialogue: 0,0:23:05.68,0:23:08.48,Default,,0000,0000,0000,,Firefox, old Firefox, whole
Dialogue: 0,0:23:08.48,0:23:10.08,Default,,0000,0000,0000,,bunch of vulnerabilities that need to be
Dialogue: 0,0:23:10.08,0:23:12.24,Default,,0000,0000,0000,,remediated. So the next step we're going
Dialogue: 0,0:23:12.24,0:23:14.40,Default,,0000,0000,0000,,to, we're just going to try to remediate
Dialogue: 0,0:23:14.40,0:23:16.00,Default,,0000,0000,0000,,as many of these vulnerabilities as we
Dialogue: 0,0:23:16.00,0:23:17.84,Default,,0000,0000,0000,,can by doing like really simple things,
Dialogue: 0,0:23:17.84,0:23:19.20,Default,,0000,0000,0000,,like we're just going to uninstall
Dialogue: 0,0:23:19.20,0:23:21.12,Default,,0000,0000,0000,,Firefox totally, and then we're going to
Dialogue: 0,0:23:21.12,0:23:22.80,Default,,0000,0000,0000,,just essentially like run Windows
Dialogue: 0,0:23:22.80,0:23:25.28,Default,,0000,0000,0000,,updates until there's no more updates
Dialogue: 0,0:23:25.28,0:23:27.36,Default,,0000,0000,0000,,that need to happen essentially. So we'll
Dialogue: 0,0:23:27.36,0:23:29.36,Default,,0000,0000,0000,,go to our virtual machine here, and then
Dialogue: 0,0:23:29.36,0:23:32.00,Default,,0000,0000,0000,,we can go to appwiz.cpl, that's like a
Dialogue: 0,0:23:32.00,0:23:34.16,Default,,0000,0000,0000,,kind of shortcut to go to this thing.
Dialogue: 0,0:23:34.16,0:23:36.08,Default,,0000,0000,0000,,So we can go to Firefox, I'm just going
Dialogue: 0,0:23:36.08,0:23:38.00,Default,,0000,0000,0000,,to uninstall it to be honest. So uninstall
Dialogue: 0,0:23:38.00,0:23:40.32,Default,,0000,0000,0000,,Firefox, and then I'll go to Windows
Dialogue: 0,0:23:40.32,0:23:42.48,Default,,0000,0000,0000,,update, and let's see
Dialogue: 0,0:23:42.48,0:23:44.24,Default,,0000,0000,0000,,I guess I'll just manually check for
Dialogue: 0,0:23:44.24,0:23:45.68,Default,,0000,0000,0000,,updates, I'll leave the settings to like
Dialogue: 0,0:23:45.68,0:23:47.04,Default,,0000,0000,0000,,whatever they are. And then you can do
Dialogue: 0,0:23:47.04,0:23:48.72,Default,,0000,0000,0000,,this too just keep like running Windows
Dialogue: 0,0:23:48.72,0:23:50.08,Default,,0000,0000,0000,,updates, and you might have to like
Dialogue: 0,0:23:50.08,0:23:51.44,Default,,0000,0000,0000,,restart and then run it again then
Dialogue: 0,0:23:51.44,0:23:53.68,Default,,0000,0000,0000,,restart and run it again. I'll pause this
Dialogue: 0,0:23:53.68,0:23:55.20,Default,,0000,0000,0000,,and I'll just kind of like let the
Dialogue: 0,0:23:55.20,0:23:57.04,Default,,0000,0000,0000,,updates happen, then I'll come back to it
Dialogue: 0,0:23:57.04,0:23:59.04,Default,,0000,0000,0000,,again. Okay, it updated for a while and
Dialogue: 0,0:23:59.04,0:24:00.48,Default,,0000,0000,0000,,it's asking for a restart, so I'll just go
Dialogue: 0,0:24:00.48,0:24:03.44,Default,,0000,0000,0000,,ahead and restart and repeat the process.
Dialogue: 0,0:24:03.44,0:24:05.52,Default,,0000,0000,0000,,Okay when it comes back up, just go ahead
Dialogue: 0,0:24:05.52,0:24:08.00,Default,,0000,0000,0000,,and log in again, and go to Windows
Dialogue: 0,0:24:08.00,0:24:10.16,Default,,0000,0000,0000,,updates again, and just click check for
Dialogue: 0,0:24:10.16,0:24:12.80,Default,,0000,0000,0000,,updates one more time just to make sure.
Dialogue: 0,0:24:12.80,0:24:14.40,Default,,0000,0000,0000,,Okay, it looks like it's installing some
Dialogue: 0,0:24:14.40,0:24:15.68,Default,,0000,0000,0000,,more, so I'll go ahead and pause this and
Dialogue: 0,0:24:15.68,0:24:18.16,Default,,0000,0000,0000,,kind of let this continue. So it actually
Dialogue: 0,0:24:18.16,0:24:19.84,Default,,0000,0000,0000,,looks like the updates are done, so we'll
Dialogue: 0,0:24:19.84,0:24:22.40,Default,,0000,0000,0000,,go back to Nessus, go back to my scans,
Dialogue: 0,0:24:22.40,0:24:24.88,Default,,0000,0000,0000,,and we'll run our scan one more time. So
Dialogue: 0,0:24:24.88,0:24:26.72,Default,,0000,0000,0000,,we should expect to see a lot of the
Dialogue: 0,0:24:26.72,0:24:28.56,Default,,0000,0000,0000,,remediations done, there should be a lot
Dialogue: 0,0:24:28.56,0:24:30.48,Default,,0000,0000,0000,,less highs and criticals like Firefox
Dialogue: 0,0:24:30.48,0:24:32.00,Default,,0000,0000,0000,,should be gone, like all the Windows
Dialogue: 0,0:24:32.00,0:24:34.08,Default,,0000,0000,0000,,updates should be no longer required, but
Dialogue: 0,0:24:34.08,0:24:36.08,Default,,0000,0000,0000,,we will let this finish, and then check
Dialogue: 0,0:24:36.08,0:24:37.76,Default,,0000,0000,0000,,it out in a couple of minutes, or for you
Dialogue: 0,0:24:37.76,0:24:39.20,Default,,0000,0000,0000,,it will be instantly because I'll edit
Dialogue: 0,0:24:39.20,0:24:40.96,Default,,0000,0000,0000,,this out. So our last scan has finally
Dialogue: 0,0:24:40.96,0:24:43.60,Default,,0000,0000,0000,,finished, so let's check this out. So
Dialogue: 0,0:24:43.60,0:24:45.28,Default,,0000,0000,0000,,we'll click on this and before we like
Dialogue: 0,0:24:45.28,0:24:46.72,Default,,0000,0000,0000,,really dive in deep, we can kind of see
Dialogue: 0,0:24:46.72,0:24:48.32,Default,,0000,0000,0000,,there's some highs and some
Dialogue: 0,0:24:48.32,0:24:49.52,Default,,0000,0000,0000,,criticals and highs, but we'll go to
Dialogue: 0,0:24:49.52,0:24:51.84,Default,,0000,0000,0000,,history over here, and this is our
Dialogue: 0,0:24:51.84,0:24:53.76,Default,,0000,0000,0000,,current scan, and this is the last scan
Dialogue: 0,0:24:53.76,0:24:56.48,Default,,0000,0000,0000,,right here before we uninstalled Firefox
Dialogue: 0,0:24:56.48,0:24:58.64,Default,,0000,0000,0000,,and before we updated Windows, so we can
Dialogue: 0,0:24:58.64,0:25:00.16,Default,,0000,0000,0000,,see there's quite a bit more mediums,
Dialogue: 0,0:25:00.16,0:25:01.84,Default,,0000,0000,0000,,quite a bit more, sorry, there's quite a
Dialogue: 0,0:25:01.84,0:25:03.28,Default,,0000,0000,0000,,bit more criticals, quite a bit more
Dialogue: 0,0:25:03.28,0:25:05.84,Default,,0000,0000,0000,,highs. So current, after removing
Dialogue: 0,0:25:05.84,0:25:07.44,Default,,0000,0000,0000,,Firefox and running Windows updates, and
Dialogue: 0,0:25:07.44,0:25:09.84,Default,,0000,0000,0000,,then before. So there's quite a bit less, and
Dialogue: 0,0:25:09.84,0:25:12.72,Default,,0000,0000,0000,,this scan right here, this is the
Dialogue: 0,0:25:12.72,0:25:14.80,Default,,0000,0000,0000,,default install of Windows and then this
Dialogue: 0,0:25:14.80,0:25:16.96,Default,,0000,0000,0000,,is the current one after updating
Dialogue: 0,0:25:16.96,0:25:19.12,Default,,0000,0000,0000,,Windows. So current or default and then
Dialogue: 0,0:25:19.12,0:25:20.40,Default,,0000,0000,0000,,current. So we can kind of dive into
Dialogue: 0,0:25:20.40,0:25:22.00,Default,,0000,0000,0000,,these like a little bit, it looks like
Dialogue: 0,0:25:22.00,0:25:24.56,Default,,0000,0000,0000,,the remaining vulnerabilities, most of
Dialogue: 0,0:25:24.56,0:25:26.64,Default,,0000,0000,0000,,them are around Microsoft Edge. It looks
Dialogue: 0,0:25:26.64,0:25:28.72,Default,,0000,0000,0000,,like maybe Windows update didn't update
Dialogue: 0,0:25:28.72,0:25:30.80,Default,,0000,0000,0000,,Edge for some reason. We can check
Dialogue: 0,0:25:30.80,0:25:33.52,Default,,0000,0000,0000,,this one, a bunch of highs, I can't
Dialogue: 0,0:25:33.52,0:25:36.32,Default,,0000,0000,0000,,read these. Microsoft 3D Viewer Base 3D
Dialogue: 0,0:25:36.32,0:25:38.40,Default,,0000,0000,0000,,Code something. Maybe this is some like
Dialogue: 0,0:25:38.40,0:25:40.48,Default,,0000,0000,0000,,native app that's installed, oh yeah, it
Dialogue: 0,0:25:40.48,0:25:42.08,Default,,0000,0000,0000,,is. So it looks like there's some like
Dialogue: 0,0:25:42.08,0:25:44.16,Default,,0000,0000,0000,,random stuff that's still on this
Dialogue: 0,0:25:44.16,0:25:45.68,Default,,0000,0000,0000,,virtual machine that maybe it's like out
Dialogue: 0,0:25:45.68,0:25:47.76,Default,,0000,0000,0000,,of date or something like this, and
Dialogue: 0,0:25:47.76,0:25:49.44,Default,,0000,0000,0000,,you can just kind of look through this. I
Dialogue: 0,0:25:49.44,0:25:51.44,Default,,0000,0000,0000,,won't like do any further remediations
Dialogue: 0,0:25:51.44,0:25:52.56,Default,,0000,0000,0000,,because this video is getting kind of
Dialogue: 0,0:25:52.56,0:25:54.96,Default,,0000,0000,0000,,long so, but maybe you could consider,
Dialogue: 0,0:25:54.96,0:25:57.44,Default,,0000,0000,0000,,you know, figuring out exactly like how
Dialogue: 0,0:25:57.44,0:25:59.12,Default,,0000,0000,0000,,to update Microsoft Edge or like
Dialogue: 0,0:25:59.12,0:26:00.56,Default,,0000,0000,0000,,uninstall it if you're allowed to do
Dialogue: 0,0:26:00.56,0:26:02.00,Default,,0000,0000,0000,,that like, I don't know. But yeah, it's
Dialogue: 0,0:26:02.00,0:26:03.52,Default,,0000,0000,0000,,pretty interesting to kind of
Dialogue: 0,0:26:03.52,0:26:05.28,Default,,0000,0000,0000,,experiment with this and like install
Dialogue: 0,0:26:05.28,0:26:07.12,Default,,0000,0000,0000,,like really old stuff, or maybe even
Dialogue: 0,0:26:07.12,0:26:09.36,Default,,0000,0000,0000,,like get a hold of like a Windows XP ISO
Dialogue: 0,0:26:09.36,0:26:11.76,Default,,0000,0000,0000,,and install Windows XP, right, and scan
Dialogue: 0,0:26:11.76,0:26:13.76,Default,,0000,0000,0000,,that and see what kind of like swiss
Dialogue: 0,0:26:13.76,0:26:16.16,Default,,0000,0000,0000,,cheese scan results like come back. It's
Dialogue: 0,0:26:16.16,0:26:17.76,Default,,0000,0000,0000,,like going to be absolutely full of
Dialogue: 0,0:26:17.76,0:26:19.68,Default,,0000,0000,0000,,holes, but yeah that is vulnerability
Dialogue: 0,0:26:19.68,0:26:21.12,Default,,0000,0000,0000,,management. And those are kind of like the
Dialogue: 0,0:26:21.12,0:26:22.96,Default,,0000,0000,0000,,really kind of the core components of
Dialogue: 0,0:26:22.96,0:26:24.40,Default,,0000,0000,0000,,vulnerability management just like
Dialogue: 0,0:26:24.40,0:26:26.08,Default,,0000,0000,0000,,scanning and remediating, scanning and
Dialogue: 0,0:26:26.08,0:26:27.92,Default,,0000,0000,0000,,remediating, but, you know, a lot more goes
Dialogue: 0,0:26:27.92,0:26:29.20,Default,,0000,0000,0000,,into it because you have to have like,
Dialogue: 0,0:26:29.20,0:26:30.32,Default,,0000,0000,0000,,you know, when you work at a big
Dialogue: 0,0:26:30.32,0:26:32.08,Default,,0000,0000,0000,,organization, you usually will make some
Dialogue: 0,0:26:32.08,0:26:34.16,Default,,0000,0000,0000,,kind of standard and like policies and
Dialogue: 0,0:26:34.16,0:26:36.00,Default,,0000,0000,0000,,procedures, and you have to kind of bring
Dialogue: 0,0:26:36.00,0:26:37.52,Default,,0000,0000,0000,,all the departments in and work with the
Dialogue: 0,0:26:37.52,0:26:38.96,Default,,0000,0000,0000,,individual groups to like get
Dialogue: 0,0:26:38.96,0:26:41.04,Default,,0000,0000,0000,,credentials for all their individual
Dialogue: 0,0:26:41.04,0:26:42.96,Default,,0000,0000,0000,,resources, or maybe you use like a domain
Dialogue: 0,0:26:42.96,0:26:44.80,Default,,0000,0000,0000,,account to scan everything, and it
Dialogue: 0,0:26:44.80,0:26:46.32,Default,,0000,0000,0000,,gets a little bit more complicated when
Dialogue: 0,0:26:46.32,0:26:48.08,Default,,0000,0000,0000,,you're in a large organization, but this
Dialogue: 0,0:26:48.08,0:26:50.00,Default,,0000,0000,0000,,is pretty much the guts of it,
Dialogue: 0,0:26:50.00,0:26:51.36,Default,,0000,0000,0000,,just like scanning stuff, finding
Dialogue: 0,0:26:51.36,0:26:53.28,Default,,0000,0000,0000,,vulnerabilities, and then essentially
Dialogue: 0,0:26:53.28,0:26:55.20,Default,,0000,0000,0000,,remediating them. You want to automate it,
Dialogue: 0,0:26:55.20,0:26:57.12,Default,,0000,0000,0000,,as much of it as you can as possible
Dialogue: 0,0:26:57.12,0:26:58.96,Default,,0000,0000,0000,,like updating like the third-party
Dialogue: 0,0:26:58.96,0:27:00.96,Default,,0000,0000,0000,,apps and like Windows update and this
Dialogue: 0,0:27:00.96,0:27:02.56,Default,,0000,0000,0000,,kind of thing. And you want to have like
Dialogue: 0,0:27:02.56,0:27:04.48,Default,,0000,0000,0000,,a secure build standard, so like make
Dialogue: 0,0:27:04.48,0:27:06.16,Default,,0000,0000,0000,,sure the build is like already like
Dialogue: 0,0:27:06.16,0:27:08.72,Default,,0000,0000,0000,,remediated and like secure enough before
Dialogue: 0,0:27:08.72,0:27:10.08,Default,,0000,0000,0000,,it goes into production to kind of
Dialogue: 0,0:27:10.08,0:27:11.52,Default,,0000,0000,0000,,reduce the amount of vulnerabilities
Dialogue: 0,0:27:11.52,0:27:13.04,Default,,0000,0000,0000,,that get introduced, but now that you've
Dialogue: 0,0:27:13.04,0:27:14.08,Default,,0000,0000,0000,,kind of like watched this you have a
Dialogue: 0,0:27:14.08,0:27:15.76,Default,,0000,0000,0000,,pretty good idea, I would say, of how
Dialogue: 0,0:27:15.76,0:27:17.68,Default,,0000,0000,0000,,vulnerability management works, so you
Dialogue: 0,0:27:17.68,0:27:19.84,Default,,0000,0000,0000,,can, you know, practice this a bunch, and
Dialogue: 0,0:27:19.84,0:27:21.28,Default,,0000,0000,0000,,consider like reading up on how to
Dialogue: 0,0:27:21.28,0:27:22.72,Default,,0000,0000,0000,,implement vulnerability management on
Dialogue: 0,0:27:22.72,0:27:24.24,Default,,0000,0000,0000,,like a large organization, and then you can
Dialogue: 0,0:27:24.24,0:27:26.16,Default,,0000,0000,0000,,like put something on your resume that
Dialogue: 0,0:27:26.16,0:27:27.60,Default,,0000,0000,0000,,might look something like this, and then
Dialogue: 0,0:27:27.60,0:27:29.92,Default,,0000,0000,0000,,go ahead and start applying to jobs that
Dialogue: 0,0:27:29.92,0:27:31.28,Default,,0000,0000,0000,,are looking for like vulnerability
Dialogue: 0,0:27:31.28,0:27:33.04,Default,,0000,0000,0000,,management engineers or vulnerability
Dialogue: 0,0:27:33.04,0:27:34.64,Default,,0000,0000,0000,,management analysts or like whatever
Dialogue: 0,0:27:34.64,0:27:35.68,Default,,0000,0000,0000,,they're calling them because it's a
Dialogue: 0,0:27:35.68,0:27:37.36,Default,,0000,0000,0000,,relatively like straightforward process.
Dialogue: 0,0:27:37.36,0:27:39.04,Default,,0000,0000,0000,,It's pretty easy technically speaking.
Dialogue: 0,0:27:39.04,0:27:40.80,Default,,0000,0000,0000,,Like the hard part about
Dialogue: 0,0:27:40.80,0:27:42.56,Default,,0000,0000,0000,,vulnerability management usually comes
Dialogue: 0,0:27:42.56,0:27:44.00,Default,,0000,0000,0000,,from like dealing with the humans and
Dialogue: 0,0:27:44.00,0:27:45.60,Default,,0000,0000,0000,,like getting everyone to like coordinate,
Dialogue: 0,0:27:45.60,0:27:47.60,Default,,0000,0000,0000,,that's like really difficult. But yeah, I hope
Dialogue: 0,0:27:47.60,0:27:49.12,Default,,0000,0000,0000,,you enjoyed this. If you
Dialogue: 0,0:27:49.12,0:27:50.72,Default,,0000,0000,0000,,thought I was interesting, you know I'd
Dialogue: 0,0:27:50.72,0:27:52.64,Default,,0000,0000,0000,,appreciate if you liked and consider
Dialogue: 0,0:27:52.64,0:27:54.08,Default,,0000,0000,0000,,subscribing, and if you have any
Dialogue: 0,0:27:54.08,0:27:55.76,Default,,0000,0000,0000,,questions or comments, criticism, please
Dialogue: 0,0:27:55.76,0:27:57.12,Default,,0000,0000,0000,,like let me know in the comment section.
Dialogue: 0,0:27:57.12,0:27:59.44,Default,,0000,0000,0000,,I 100% read all the comments every time. I
Dialogue: 0,0:27:59.44,0:28:00.88,Default,,0000,0000,0000,,respond to everybody's comment. If you
Dialogue: 0,0:28:00.88,0:28:01.92,Default,,0000,0000,0000,,feel like supporting me, I do have a
Dialogue: 0,0:28:01.92,0:28:03.84,Default,,0000,0000,0000,,Patreon, but other than that, thank you so
Dialogue: 0,0:28:03.84,0:28:05.52,Default,,0000,0000,0000,,much for watching and we will see you in
Dialogue: 0,0:28:05.52,0:28:08.00,Default,,0000,0000,0000,,the next video, bye bye.
Dialogue: 0,0:28:08.00,0:28:20.48,Default,,0000,0000,0000,,[Music]