Workshop: Tactical Vulnerability Assessment with Matt Toussain

Covering key topics such as threat management, vulnerability assessment frameworks, and dynamic security programs, attendees will gain hands-on experience with industry-standard tools and methodologies.

This workshop is designed to be hands on in nature, incorporating multiple lab exercises focused on vulnerability discovery with tools such as Sirius Scan and Nuclei.

By the end of the workshop, participants will be equipped to engage with vulnerabilities at a tactical level. Attendees will discover system vulnerabilities through multiple mechanisms to include custom scanning and development of Nmap Scripting Engine, Sirius, and Nuclei scripts.

Syllabus

• What is Vulnerability Assessment?
• The Vulnerability Assessment Framework
• Discovery
  • OSI Model discovery opportunity analysis
  • Network-based discovery
    • Sirius Scan
    • RunZero
  • Operational Technology (OT) discovery
    • Active vs Passive Discovery
  • Cloud discovery
    • Cloud presence scanning
      • SpiderfootHX and more
    • GitHub sensitive artifact scanning
• Lab: Network and Cloud Discovery
• Case Study: Hybrid-Cloud Ransomware Breach of a Operational Technology Software as a Service Vendor

• Vulnerability Scanning
  • General-Purpose and Application-Specific Scanning
    • Sirius Scan
    • Nuclei
  • Lab: General-Purpose Vulnerability Scanning
  • Authenticated Scanning
    • Scan policy and account management
    • Privileged Access Management Integration
    • Agent-based scanning
      • EDR and endpoint agent scanners
  • Lab: Credentialed Scanning with Agents
• Validation
  • Calculating risk
  • Understanding confidence metrics
  • Vulnerability Data Management Solutions
    • DefectDojo
    • Brinqa
    • ServiceNow
    • More
• Lab: Enterprise Vulnerability Management with DefectDojo
• Vulnerability Assessment to Vulnerability Management Cycle
• Conclusions

Virtual (May 1st, 2025)

• May 1st – 11 AM EST – 4 PM EST

Student/Lab Requirements:

•  All VMs and labs will be accessed through the training portal: training.opensecurity.com
• VM access will be through a cloud hosted range environment that is accessible via the user’s browser

Who Should Attend/Prerequisites:

• Vulnerability Assessors and Managers, IT System Administrators, Security Auditors, Compliance Professionals, Penetration Testers, Vulnerability Program Managers, Security Analysts, Security Architects, Senior Security Engineers, Technical Security Managers
• As this is a lab-oriented, specialized, and technical course, functional knowledge of information security concepts, technology, and networking is highly recommended

Audience Skill Level:

• Intermediate