Asset and Vulnerability Management.

Asset Management

Sources of Asset Data

  • ARP Cache - Contains IP and MAC addresses
  • DHCP logs - IP addresses and Hostnames
  • NMAP Scans - IP Addresses, Open Ports, Running Services, Possibly operating system
  • Powershell commands - Just about everything
  • SNMP - Many things
  • Vulnerability Management Software
  • Windows Management Interface
  • EDR/IR Tools (Velociraptor)

Tools

  • ​http://netdisco.org/ - Netdisco is a web-based network management tool suitable for small to very large networks. IP and MAC address data is collected into a PostgreSQL database using SNMP, CLI, or device APIs.
  • ​https://www.rumble.run/product/overview/ - Simple, fast, and accurate asset inventory tracking utility.

References

  • Defensive Security Handbook - pg. 13

Vulnerability Management

For Vulnerability Scanning Tools, please refer to:
Scanning/Active-Recon
s0cm0nkey's Security Reference Guide
Contains Vulnerability Scanning tools used for both Offensive and Defensive purposes.
  • ​Rapid7 Vulnerability & Exploit Database is a curated repository of vetted computer software exploits and exploitable vulnerabilities. Technical details for over 180,000 vulnerabilities and 4,000 exploits are available for security professionals and researchers to review. These vulnerabilities are utilized by our vulnerability management tool InsightVM.
  • ​InsightVM is a data-rich resource that can amplify the other solutions in your tech stack, from SIEMs and firewalls to ticketing systems. Only InsightVM integrates with 40+ other leading technologies, and with an open RESTful API, your vulnerability data makes your other tools more valuable.
  • Defensive Securit Handbook: Vulnerability Management - pg. 169

OpenScap

The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselines. The tool is charecterized for its great flexibility and interoperability, reducing the costs of performing security audits.
GitHub - HASecuritySolutions/VulnWhisperer: Create actionable data from your Vulnerability Scans
GitHub

​