Hello everyone. I work for a small IT company and and the company want to start implementing Cybersecurity for a small portion of the clients we have. We generally have access to the entire network ( as we are the ones who did the setup and installation of the whole network) of the clients we work with.

So now my question is: What is the basic starting point for a company who wants to build a cybersecurity team from the ground up? I do have some bare bone basic knowledge of running vulnerability tests on networks, and usning tools to find vulnerabilities in devices, but im still a beginner so thats why im here asking for some advice from people who have much more experience in this field than I have.

If im unclear about anything, dont hesitate to ask any questions. Im not the most fluent English speaker out there so bare with me haha.

Thank you in advance!

Share This Discussion

1 Comment

  • ghost-train

    November 18, 2021

    I would start of with nessus for network / vuln scanning ( or openvas which is a free alternative ).

    And 100% use ping castle ( free product ) for getting an idea of their active directory security posture. Honesly ping castle is a must.

    Use these tools to identify known issues, and start patching what you can. Try starting with the criticals and high.


Leave a Comment

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.