Bandolier Baselines: Windows 7 and 2008 Server

The use of a vulnerability scanner in assessing the overall security posture of an integrated ICS is critical no more than ever. A common misconception is that these scanners will not detect ICS-related vulnerabilities like those used on the recent Stuxnet attack, and that these scans can often cause ICS equipment to fail. These misconceptions are in fact, quite false. Digital Bond has provided some very good guidance on the "proper" use of the Nessus vulnerability scanner within ICS environment. As for the comment on vulnerabilities ... well this is just because those individuals do not realize the power and flexiblity of perform ICS scans and audits using the authenticated scan features of Nessus, coupled with the use of specialized Nessus audit files.