Cyber Security Project: Vulnerability Management

Поділитися
Вставка
  • Опубліковано 25 лис 2024

КОМЕНТАРІ • 43

  • @thetechguy3362
    @thetechguy3362 7 місяців тому +7

    You know what’s awesome about this video in my opinion. The way you go through your troubleshooting steps and explaining your methodology. It was nice to hear your thought process where you realized you made obvious mistakes and how you learned from that and then what you finally did at the end to resolve the issue. I think to many people edit these steps out so their thought process seems “flawless” and you don’t really hear the true struggling of what can go wrong. Revisiting the notes you states you missed for remediation was a perfect example of how you used this that could really help someone in the future. Great video! I wish you could take the best of those to scanners and merge them and have the perfect scanner. I do exactly what you did. I don’t feel comfortable until I use both.

    • @cyber_salih
      @cyber_salih  7 місяців тому +1

      Thank you, really appreciate the comment.
      Yeah I agree, no point editing it out. It is like this day-to-day in IT/Security roles... Constantly running into issues and tryna fix them and sometimes to realise it was something that was overlooked.
      Yeah the Tenable.io Cloud Agent Scanner is actually quite good too. Unfortunately the license is like £3k+ a year so couldn't feature it in the video. I have used it a lot, it's a lot simpler to use than Qualys (in my opinion).

    • @thetechguy3362
      @thetechguy3362 7 місяців тому +1

      @@cyber_salihNo problem buddy, I mean it great job! I like the web version of Tenable too; however, you had Nessus in there which is pretty much the same thing for what you were doing just for that machine. It’s not like you were going in depth and putting multiple machines credentials in. I think this was the perfect video for what you were demonstrating. I would agree that Tenable is much easier to use than Qualays, I just like the reports of Qualays better so I wish I could merge the two.

  • @unconventionalgenxer
    @unconventionalgenxer 4 місяці тому +2

    Just passed the VMDR exam, so starting the Compliance course and this came right on time. Been difficult to find UK content creators in this field. TY.

  • @karimel-gamil6817
    @karimel-gamil6817 7 місяців тому +4

    Jazak Allah Khair, This is very good one!

  • @daniel_uba
    @daniel_uba 7 місяців тому +1

    Very informative
    Thanks for sharing sir

  • @sideck02
    @sideck02 7 місяців тому +2

    Well, I’m a complete newbie to all of this so naturally don’t know what’s going really 😂 however your clear, concise and honest delivery just confirms to me how much I want to learn and eventually get a GRC role. I take my hat off to you 👌🏼

    • @cyber_salih
      @cyber_salih  7 місяців тому +1

      Thank you man, really appreciate that. Good luck on your journey. Hopefully, you get there soon!

    • @sideck02
      @sideck02 7 місяців тому

      @@cyber_salih 👍🏼

  • @juliusqtitaryou
    @juliusqtitaryou Місяць тому

    nice very informative

  • @paulavon8588
    @paulavon8588 5 місяців тому

    You spoke the truth about the need to have your family as your backup or backbone in relation to your partner. The need not to bad mouth your family before your partner. My wife's younger sister was a victim, before her wedding she had issues with my wife,they stopped talking, she also cut off from other family members. When the husband realized she was all alone he took advantage and was maltreating and emotionally abusing her. She endured everything bcos she had nobody to speak to. It was when a friend when to visit that information came that she was suffering and dying slowly. my wife and her parents had to step in and rescued her, today now the marriage is over, she learnt her lesson in a hard way.

    • @cyber_salih
      @cyber_salih  5 місяців тому

      Sorry to hear that, sounds like a rough situation.

  • @devgoswami3158
    @devgoswami3158 7 місяців тому

    Really good information for cybersecurity aspirant.

  • @zadekeys2194
    @zadekeys2194 7 місяців тому +1

    You can also do CVE scans with N-map / zenmap.

    • @cyber_salih
      @cyber_salih  7 місяців тому +1

      Both comments are good points, I should have used Grep/CVE scans. I know there is a search functionality for Linux (I have used it before) - the 'find' command. But, had no idea Grep and Nmap can be used. I thought Grep was just for files/data.
      I am Linux/Unix noob too as you can probably tell.

  • @genetech109
    @genetech109 7 місяців тому +1

    Awesome, awesome, thank you. I enjoyed this video. Very helpful and very informative. Please keep making excellent content. I'm a new subscriber 😊

  • @kingsleyandang4739
    @kingsleyandang4739 6 місяців тому +1

    straight to the point

  • @lightswitch6854
    @lightswitch6854 7 місяців тому

    Seems interesting, I might try some of these projects, thanks.

  • @juliusqtitaryou
    @juliusqtitaryou Місяць тому

    Subscribed!

  • @AlchemysMom
    @AlchemysMom 3 місяці тому

    Wow very thorough

  • @carsonjamesiv2512
    @carsonjamesiv2512 7 місяців тому

    INTERESTING!😃👍

  • @mapitsamapitsa6627
    @mapitsamapitsa6627 7 місяців тому

    Thanks for the share bruuu.

  • @jayrajshirali6327
    @jayrajshirali6327 5 місяців тому +1

    Temporary emails (10minutemail, etc) work as business emails

  • @boh70326
    @boh70326 7 місяців тому

    I liked th idea and the way you explained things, thanks

  • @setasonte6392
    @setasonte6392 7 місяців тому

    Thanks for this mate! Helped alot !

  • @ninighebre3601
    @ninighebre3601 5 місяців тому

    Thank you 🙏🏽

  • @ao4514
    @ao4514 7 місяців тому

    Interesting!
    I have actually been looking to create a marlware hunting labs projects..........

    • @cyber_salih
      @cyber_salih  7 місяців тому

      Sounds good, good luck with that - I might do something similar in the future when I learn more about that area.

  • @skandergharbi2598
    @skandergharbi2598 7 місяців тому

    Great thanks, can you do more of this type of videos? Practical projects we can do

    • @cyber_salih
      @cyber_salih  7 місяців тому

      Yes, got a “day in the life” video coming out in a few days then my next 5-10 videos will all be projects (bigger and better projects too)!

  • @zadekeys2194
    @zadekeys2194 7 місяців тому

    Im a Unix noob, but I think the Grep command would have helped you find the file. Maybe even the OS's search tool wouldve found it?

  • @GuangtingLi
    @GuangtingLi 7 місяців тому +1

    Qualy's certificate is not valuable as security +, only security + can help us get a job.

    • @cyber_salih
      @cyber_salih  7 місяців тому +2

      That’s not true, I don’t have security + and I know many other people without it who got jobs.
      Many different paths/certification routes.

  • @aka1Khalid
    @aka1Khalid 7 місяців тому

    I was wondering, while i gain more experience in cybersecurity ( i currently have some experience in networking and I.T. but new(er) to cyber security), do you think it's possible to to add this a service i can sell to small businesses in my area to help protect them online? If so, do you have any advice for me in doing this? Thanks!

    • @cyber_salih
      @cyber_salih  7 місяців тому

      Yes, this service already exists in many companies. Typically it’s called VAPT and includes penetration testing - Vulnerability assessments and penetration testing services.
      I don’t own a business so not sure how useful my advice would be, but I guess just research similar service offerings and try and improve on them.

  • @crypto_que
    @crypto_que 7 місяців тому +4

    You completely glossed over downloading the agent and connecting it to do the host scan. Those are super important steps. Ironically the agent for Mac doesn’t work. Yet another half ass cyber project in the books.

    • @cyber_salih
      @cyber_salih  7 місяців тому +6

      The MAC agent does work - I literally showed the results of the agents and it being connected to my cloud instance. So you’re wrong 😂
      I could have shown the step by step but instead chose to recommend completing the free training and figure certain parts out.
      If you want a “hand holding” video showing every step, and a dummy as a comforter then create one yourself instead of hating on other peoples effort to add some value to the industry.
      Yes, the video could have been better btw like anything.

    • @crypto_que
      @crypto_que 7 місяців тому +3

      You’re not going to believe this…
      For some reason the Mac Agent absolutely does not work on my machine…
      So I went home and used my Linux box and Voila it worked!
      Next when I said “another half assed project” I was talking about FOR ME, not you.
      Thanks for all your help. Now because of you I have some sort of “experience” to add to my portfolio. Thanks again. ✌️

    • @cyber_salih
      @cyber_salih  7 місяців тому +5

      @@crypto_que I apologise I took that the wrong way.
      The MAC agent was really fiddly and I couldn’t figure it out at first and it was really frustrating. I had to do the training and after completing the training and trying 2 different agents I got it to download and automatically scan and update periodically.
      It’s not another half assed project - that’s the real world things don’t work and are fiddly… having issues like that in your projects and errors and mistakes is more valuable because it is more realistic. More experienced people than me struggle with similar issues daily - trust me.
      Not every project has to be perfect - I will upload more projects in the future and will take your advice on board. More detailed instructions probably would have been more useful to people. You are right the video would have been better showing how I got the agent to work.

  • @ap4702
    @ap4702 7 місяців тому

    Bro got 99 cyber security.

    • @cyber_salih
      @cyber_salih  7 місяців тому

      Just need 200mil xp 😂😂