Design and Deployment of a Rapid Response Security Vulnerability Scanning Infrastructure

A large research university presents a formidable challenge to computer security professionals. Among the hazards are a completely porous, non firewalled border and decentralized administration of computers. Considerable emphasis and effort is hence placed on proactive vulnerability scanning in an attempt to reduce risk. This paper will discuss the evolution of a software infrastructure designed to support that effort using mostly open source tools. Additionally, it will be shown how this infrastructure is used to rapidly respond to emerging threats. A real life success story will be described that will underscore the value of the investment made in this effort.