๐ ๐๐ฟ๐ผ๐บ ๐๐ต๐ฒ ๐๐ถ๐ฒ๐น๐ฑ โ Real-World Findings from Security Assessments
๐ฅย ๐ฐ๐ณ.๐ฒ%ย of infrastructures Iโve assessedย ๐ฑ๐ผ๐ปโ๐ ๐ฐ๐ต๐ฒ๐ฐ๐ธ ๐๐ต๐ฒ ๐ฝ๐ผ๐๐๐๐ฟ๐ฒ ๐ผ๐ณ ๐ฑ๐ฒ๐๐ถ๐ฐ๐ฒ๐ ๐ฐ๐ผ๐ป๐ป๐ฒ๐ฐ๐๐ถ๐ป๐ด ๐ผ๐๐ฒ๐ฟ ๐ฉ๐ฃ๐ก.
When a device connects via VPN, it shouldnโt be a blind trust. You need to verify:
โ๏ธ Is it patched?
โ๏ธ Is antivirus/antispyware active?
โ๏ธ Are required services, files, or registry keys in place?
๐ง๐ผ๐ผ๐น๐ ๐น๐ถ๐ธ๐ฒ ๐๐ถ๐๐ฐ๐ผ ๐๐ฆ๐ (๐ท๐๐๐ ๐ผ๐ป๐ฒ ๐ฒ๐ ๐ฎ๐บ๐ฝ๐น๐ฒ) ๐ฐ๐ฎ๐ป ๐ฒ๐ป๐ณ๐ผ๐ฟ๐ฐ๐ฒ:
โช๏ธ AV and patch compliance
โช๏ธ Registry/file/service checks
โช๏ธ Application presence/versions
โช๏ธ Custom remediation (e.g., force Windows Update before access)
๐ซ ๐ก๐ผ๐ป-๐ฐ๐ผ๐บ๐ฝ๐น๐ถ๐ฎ๐ป๐ ๐ฑ๐ฒ๐๐ถ๐ฐ๐ฒ๐ ๐ฐ๐ฎ๐ป ๐ฏ๐ฒ:
โ Blocked
โ Quarantined
โ Granted limited access (e.g., updates only)
๐ก From an external provider perspective:ย ๐๐ฒ ๐ฎ๐น๐๐ฎ๐๐ ๐๐๐ฒ ๐ถ๐๐ผ๐น๐ฎ๐๐ฒ๐ฑ ๐ฉ๐ ๐ย to access client environments. Youโd be surprised how many donโt. If you work with third parties โย ๐ฟ๐ฒ๐พ๐๐ถ๐ฟ๐ฒ ๐๐ต๐ถ๐ ๐ฐ๐ผ๐ป๐๐ฟ๐ผ๐น.
๐ No affiliation with Cisco โ just sharing what I have experience with…
