June 8, 2021

Best practice for checking entire network for vulnerabilities and live threats

What are the best methods of assuring you have checked everything for all potential compromised items on the network? How can you be sure that you have not skipped over a piece of malware, a back door, etc.?

Comments

Teddy141345

A good layered approach is a solid place to start. If you have, for example:

* Log Monitoring
* Anti Virus/Anti Malware
* Executable reputation score checking

That, plus any other tools your company determines are necessary, is a good start. Again, this is only a small example of some tools; there are quite a few different things out there I would recommend using.

SpawnDnD

Compromised systems? That is a tall order. Because how do you know a system is compromised? You usually have to have had stuff on the server beforehand.

Installing a good EDR (endpoint detection system) as well as many other lines of defense will help you know…

How can you be sure?

You can't. You can only do the best you can do using different tools for different tasks, layering them on top of each other.

Remember this… You can't “generally” eliminate all risk from an attack that has NEVER been done before. You hope the mitigations stop the attack before it hits (firewalls… and other blockages).

bschorr

Checked EVERYTHING for ALL potential compromises? Probably can’t be SURE.
But a good SIEM, like Azure Sentinel, could help. Without knowing more about your environment it’s hard to be more specific.
