Matthew J. Harmon: Minneapolis, Minnesota, États-Unis, Earth

Action and Adventure on the High Seas of Information Security

Inventory: Assets; Software and Hardware

Apr 05, 2014, Posted in sosb, infosec, featured

Google Data Center

In order to be effective, you must know what you are trying to protect. Further, you can reuse your financial audit information to help accomplish this.

Download a local copy of this spreadsheet to get started.

Inventory all the things

  • Authorized and unauthorized devices
    • Anything with an IP address
  • Authorized and unauthorized software
    • Be able to account for all running processes.
  • Inventory of information types and location
    • Know where your data is and moves around to.

Devices

  • Login to your switch or router and look at DHCP and ARP entries
  • Look at your netstat output
  • Run nmap on your local network

Software

  • Secunia's {Personal, Corporate} Software Inventory
  • Microsoft PowerShell Scripts [1,2]
  • With python

Image Credit: No Idea

Matthew J. Harmon
Matthew J. Harmon - http://www.linkedin.com/in/matthewjharmon/

Passionate security researcher, entrepreneur, consultant. Owner, founder, maker, mentor, teacher.

Loading Google+ Comments ...