As cyber security professionals, it is crucial that we understand and familiarize ourselves with different tools in the field. I explored and performed a trade study on network visualization and vulnerability detection tools in this course. A network visualization tool provides a visual aid for data flows between network entities. A vulnerability scanning tool finds and corrects the system's weaknesses before a bad actor discovers them. Familiarizing myself with these tools, I explored different attack approaches in various settings. Combining these tools can create a strong defense for a system or a penetration toolkit. It depends on which cybersecurity team you associate yourself with.
Reflection
Exploring different cybersecurity tools was a fantastic lesson during this course. Before this course, I had never used tools such as Metasploit, SolarWinds, Splunk, Nessus, and other well-known tools. Performing a trade study on SolarWinds and Splunk was a fantastic learning experience. I was fortunate enough to use these network visualization tools on an enterprise level with my organization and be exposed to the extra features. Both tools have a user-friendly interface, customizable visual aids, and in-depth network traffic analysis. The big takeaway from using both tools is that the organization's size will determine the cost.
As cyber security professionals, we can recommend which will be more effective for the organization due to various factors. Vulnerability scanning tools such as Nessus and OpenVAS are compatible with Common Vulnerabilities and Exposures (CVE) databases and can identify the system's weaknesses and map them to their CVE numbers. This is crucial when ensuring we are up to date with the updates and patches in our systems. These tools can improve the system's defense whether they are used individually or in combination.
An example is using Nessus to identify the system's vulnerabilities and then having those vulnerabilities corrected. We may then use Metasploit to exploit the previously known vulnerability to verify whether the system is still vulnerable or has been fixed. Understanding each tool's capability will help ensure that the organization's systems are well protected and up to date.