Erick Cisneros
Vulnerability Management

Program Implementation Simulation

Simulating the end-to-end implementation of a comprehensive vulnerability management program, integrating real organizational challenges, CAB meetings, and cross-team collaboration.

Tenable
Azure VMs
PowerShell
BASH

Inception State

The organization has no existing policy or vulnerability management practices in place. No formal scanning, assessment, or remediation processes exist.

Completion State

A formal policy is enacted, stakeholder buy-in is secured, and a full cycle of organization-wide vulnerability remediation is successfully completed and operationalized.

Program Phases

1. Policy Draft Creation

Drafted a Vulnerability Management Policy as a starting point for stakeholder engagement, outlining scope, responsibilities, and remediation timelines.

2. Stakeholder Engagement (Mock Meeting)

Met with the server team to assess their capacity to meet the proposed remediation timelines. Adjustments were made to ease them into the new process.

E

I had a chance to read through the policy draft... However, with our current staffing, we can’t meet the aggressive remediation timelines—especially the 48-hour window for critical vulnerabilities.

J

I totally understand. It is a bit aggressive. Perhaps we can extend the critical remediation period to one week for now.

E

That sounds reasonable. Can we also have some leeway in the beginning as we get used to the remediation and patching process?

J

Absolutely. We’re planning to give all departments about six months to adjust to the new process.

Initial Scanning & Permissions

Collaborated with the server team to initiate scheduled credentialed scans. A compromise was reached to scan a single server first, monitor resource impact, and use "just-in-time" Active Directory credentials for secure, controlled access.

  • Provisioned an insecure Windows Server to simulate the environment
  • Negotiated Just-In-Time AD administrative scan accounts
  • Assessed vulnerabilities (Wireshark, Ciphers, Guest Auth)

Active Remediation Cycles

Round 1

Software Sec

Outdated Wireshark Removal

Server team utilized targeted PowerShell scripts pushed to hosts to remotely remove vulnerable third-party installations. Confirmed via follow-up scan.

Round 2

Network Sec

Insecure Protocols & Ciphers

Deprecated protocols and cipher suites (TLS 1.0/1.1) disabled via PowerShell registry modifications after CAB approval.
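
An added example of this kind of registry change, not taken from the project repository: it audits the standard SCHANNEL protocol keys for TLS 1.0/1.1 and disables whatever is still enabled. The function names `Get-LegacyTlsState` and `Disable-LegacyTls` are hypothetical; the script assumes an elevated session, and a reboot is needed before SCHANNEL applies the new values.

```powershell
# Added example: audit and disable TLS 1.0/1.1 through the SCHANNEL registry keys.
$SchannelRoot = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols'

function Get-LegacyTlsState {
    # Hypothetical helper: reports the current setting for each protocol and role.
    param([string[]]$Protocol = @('TLS 1.0', 'TLS 1.1'))
    foreach ($p in $Protocol) {
        foreach ($role in 'Server', 'Client') {
            $key   = Join-Path $SchannelRoot "$p\$role"
            $props = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
            [pscustomobject]@{
                Protocol          = $p
                Role              = $role
                Enabled           = $props.Enabled            # $null means no value set, OS default applies
                DisabledByDefault = $props.DisabledByDefault
                Compliant         = ($props.Enabled -eq 0 -and $props.DisabledByDefault -eq 1)
            }
        }
    }
}

function Disable-LegacyTls {
    # Hypothetical helper: writes Enabled=0 / DisabledByDefault=1 only where non-compliant.
    [CmdletBinding(SupportsShouldProcess)]
    param([string[]]$Protocol = @('TLS 1.0', 'TLS 1.1'))
    $pending = Get-LegacyTlsState -Protocol $Protocol | Where-Object { -not $_.Compliant }
    foreach ($row in $pending) {
        $key = Join-Path $SchannelRoot "$($row.Protocol)\$($row.Role)"
        if ($PSCmdlet.ShouldProcess($key, 'Set Enabled=0, DisabledByDefault=1')) {
            # Create the key only if missing; New-Item -Force on an existing key would wipe it.
            if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
            New-ItemProperty -Path $key -Name Enabled -Value 0 -PropertyType DWord -Force | Out-Null
            New-ItemProperty -Path $key -Name DisabledByDefault -Value 1 -PropertyType DWord -Force | Out-Null
        }
    }
}

Disable-LegacyTls -WhatIf             # preview the planned writes for the change record
Disable-LegacyTls                     # apply after approval
Get-LegacyTlsState | Format-Table     # every row should show Compliant = True
```

The follow-up credentialed scan remains the authoritative confirmation, since the registry state only takes effect after the host restarts.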

Round 3

Identity Sec

Guest Account Local Admin

Identified the local 'Guest' account in the local Administrators group and removed it, reducing the potential for unauthorized lateral movement.

Round 4

OS Patching

Windows OS Updates

Windows update services re-enabled and synchronized with organizational patch management baseline.

First Cycle Effort Summary

  • Total Vol Reduction: 80%
  • Criticals Resolved: 100%
  • Highs Resolved: 90%
  • Mediums Resolved: 76%

Transition to Maintenance Mode

Ensuring vulnerabilities continue to be managed proactively, keeping systems secure over time.

Scheduled Weekly & Monthly Scans
Zero-Day Continuous Patch Management
Targeted Remediation Follow-ups
Quarterly Policy Review & Updates
Compliance Auditing Routines
Ongoing Stakeholder Communications