February 2024: Vulremi, Vuldetta, PT VM Course relaunch, PT TrendVulns digests, Ivanti, Fortinet, MSPT, Linux PW

Hello everyone! In this episode, I will talk about the February updates of my open source projects, also about projects at my main job at Positive Technologies and interesting vulnerabilities. Let's start with my open source projects. Vulremi A simple vulnerability remediation utility, Vulremi, now has a logo and a repository on GitHub. The logo features a long-handled farming weeding tool and a special pushing stick from the International Gladiators TV show from the 90s. The weeding tool symbolizes the routine but necessary work of describing IT assets and establishing regular patching agreements. The push stick symbolizes efforts to motivate IT to comply with asset patching agreements. So far, this project has a description in three posts in Russian [1, 2, 3] and an example of an IT asset description. Vuldetta I also worked on the Vuldetta project – an API for detecting vulnerabilities based on a list of Linux packages. I'm going to use it as the "brains" for my Scanvus vulnerability scanner. In the same way as the commercial Vulners Linux API or Vulns.io API are used now. I'm currently researching the structure of Ubuntu OVAL content to turn it into something easier to work with. Positive Technologies VM Education In my day job at Positive Technologies, I was involved in preparations for the relaunch of the Vulnerability Management training course on March 24th. The course content has been expanded and improved. I recorded 2 new video modules for it: Building a…Read More