Summary
Tools don’t fix problems. They can only identify problems—and then, only the ones that are known. Security tools are important and help to address security issues in your networks and the environment, but you can’t stop there. Any given tool can produce false positives, false negatives, or simply wreak havoc on your network. You need to plan to use these tools at the appropriate time, and you will also need a remediation plan to address how discovered problems will be addressed.
The vulnerability assessor must be trained in the use of the tools, use them carefully, and then interpret any information that has been produced by that tool. Finally, you should never use these tools on a network unless you have been given explicit permission ...
Get Inside Network Security Assessment: Guarding Your IT Infrastructure now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
