๐ Enhancing Security Through Vulnerability Management - (OpenVas)
Category: Blue Team | Vulnerability Assessment | Risk Remediation
Timeline: June 2024
Tools Used: Microsoft Azure, OpenVAS, Windows 10 Pro
๐ Full Article & Report
๐ Access the full report Here!
This project focused on simulating a real-world vulnerability management process using Microsoft Azure and OpenVAS to identify, assess, and remediate security flaws in a Windows 10 environment. By combining cloud infrastructure with open-source vulnerability scanning tools, the project demonstrated a complete lifecycle of identifying threats, applying remediations, and verifying improvements to security posture.
๐งฉ Project Overview:
Set up a secure virtual environment in Azure
Deployed a vulnerable Windows 10 VM with outdated software
Performed both unauthenticated and credentialed scans using OpenVAS
Analyzed scan results to determine vulnerability severity and root causes
Applied remediations and validated their effectiveness via follow-up scans
๐ง Key Components & Workflow:
1. Azure Infrastructure Setup
2. Vulnerability Simulation
Disabled Windows Firewall and User Account Control
Installed outdated versions of Firefox, VLC Player, and Adobe Reader
Allowed inbound RDP traffic to simulate an exposed endpoint
3. Unauthenticated Scan
4. Credentialed Scan Configuration
Enabled Remote Registry and configured the registry for remote access
Created credential sets within OpenVAS to authenticate with the VM
Cloned and updated scan targets to use these credentials
5. Credentialed Scan & Analysis
Executed a deeper, authenticated scan
Revealed high-severity vulnerabilities, including CVEs tied to unpatched software and insecure configurations
6. Remediation Phase
Uninstalled all outdated applications from the Windows VM
Reconfigured security settings (firewall, UAC, updates)
Restarted the system to ensure configuration changes took effect
7. Verification Scan
Re-ran the credentialed scan post-remediation
Scan results showed a significant reduction in critical and medium-level issues, validating the success of remediation steps
๐ Outcomes & Lessons Learned:
Unauthenticated vs. Credentialed Scans: Credentialed scans provided deeper insights and detected more vulnerabilities, emphasizing the value of authorized assessments.
Security Misconfigurations Matter: Improper registry settings and outdated software dramatically increase the attack surface.
Practical Remediation: Removing legacy software and re-enabling security controls significantly hardens systems against attacks.
Cloud Security Skills: Working in Azure demonstrated the importance of secure cloud configurations and network architecture.
๐ง Skills Demonstrated:
Vulnerability Scanning (OpenVAS)
Azure Virtual Network Configuration
Windows System Hardening
Credentialed vs. Uncredentialed Scan Analysis
Risk-Based Vulnerability Prioritization
Report Writing & Technical Documentation
โ
Conclusion:
This project successfully simulated a full-cycle vulnerability management workflow, from scanning to remediation and validation. It emphasized both technical and analytical thinking โ bridging cloud infrastructure with open-source tools to enforce a resilient cybersecurity posture. The experience strengthened my capabilities in real-world risk mitigation, strategic security assessment, and incident response readiness.
๐งฐ Tech Stack (Vulnerability Management Project):
Microsoft Azure, OpenVAS, Windows 10 Pro, RDP, Remote Registry, SSH, NVT Feed, Firefox, VLC, Adobe Reader, Virtual Networks, Azure Marketplace
Get visibility from recruiters & peers