I'm curious if you guys perform vulnerability scanning (like Qualys or Nessus) on your endpoint devices or if it's just for server infrastructures. Also, what metrics do you use to assess security at the endpoint level?
5 Answers
We scan everything! Users are kind of like tiny servers with worse judgment, so we've learned to cover our bases. Measuring security at the endpoint level can feel like checking water quality in a kiddie pool—it’s technically doable, but the results can be pretty discouraging!
Oh man, this cracked me up! So true though!
We're using Rapid7 InsightVM alongside CrowdStrike on all devices. It really helps with keeping our systems secure and provides a comprehensive view of our vulnerabilities.
At a municipality I worked with, they used Microsoft Defender for Endpoint and Azure Security Portal. If your devices are properly configured (like being Azure AD-joined), you can even handle some basic mitigations directly.
We utilized Nessus until budget cuts hit us—great tool for running audits whenever needed without hiring external firms, but we had to drop it due to costs.
We recently adopted a Tenable One subscription to scan everything. It's a bit of an investment, but it’s worth it for getting insights across the board.

Haha, this analogy is gold! I'm definitely going to remember that one.