Launching remote security scans

Asphyxia

Owner
Administrator
Apr 25, 2015
1,845
2
2,199
327
You are sitting there and scratching your chin about starting the latest and great remote cybersecurity business, an MSSP.

In-house SOC vs. MSSP? The Respond Analyst gives you a third option. For mid-enterprise businesses, expert-level automation makes more sense. At Machine Speed. Automate Security Ops.

These advertisements all look the same, get a vCISO...

Deciding on whether to insource to a Chief Information Security Officer (CISO) or outsource to a virtual CISO (vCISO) is a critical step in...

Everyone wants a virtual-everything, why? An in-house security team is $$$$, a single CISO can cost well over $100,000..

Should I hire a CISO or a Virtual CISO? A full-time Chief Information Security Officer (CISO) is salaried at $180k-$200k. Add on benefits, bonuses, stock programs, etc, the total compensation is $250k-$300k. A virtual CISO (vCISO) can cost a fraction of that amount.

Basically what I am emphasizing is the need for virtualizing securities, this can start from an IT director, server admin, or even the business owner being walked through setting up an affordable Linux server with SSH access open to your SOC network e.g. you have them whitelist your Hetzner/OVH (or whatever IP) of your security scanning server.

Then you can use something like InsightVM to perform scans (probably want a license):

Or offer services to the client like:

Keep in mind you can also use PHP and SSH libraries.. https://github.com/phpseclib/phpseclib/tree/master/phpseclib or any other language.

Then just remote into the box, setup Metasploit, Nmap, or any other scanning/security software ;) can do pen-testing or whatever.
 
Top