RETURN_TO_INDEX
[OP_01]// PERSONAL LAB // ra-sys-io/GitHub
Vulnerability Management Lab with Tenable
Cloud-based vulnerability management lab using Tenable's cloud console against a Windows 10 target in Azure. Ran a four-scan cycle: baseline → intentional misconfiguration → remediation → verification, tracking real DISA STIG v3r2 findings the whole way.
YEAR
2025
DURATION
Cloud-hosted, hands-on
ROLE
Solo — Setup → Scan → Introduce → Remediate → Verify
SCOPE
Tenable Vulnerability Management (cloud) · Microsoft Azure VMs · DISA STIG v3r2 · Credentialed scanning
4
SCAN_CYCLES
STIG_v3r2
DISA_FRAMEWORK
3
STIGs_TRACKED
[01]
Briefing
Practical, cloud-hosted lab to internalize the vulnerability management lifecycle — baseline scanning, intentional misconfiguration, remediation, and validation — using Tenable's cloud VM platform and Azure infrastructure.
[02]
Approach
- 01Cloud environment: provisioned Microsoft Azure VMs — one hosting the Tenable Scan Engine, another as the Windows 10 Scan Target. Interfaced with the Tenable Vulnerability Management cloud console.
- 02Scan configuration: authored a credentialed Tenable scan combining a basic vulnerability policy with DISA Windows 10 STIG v3r2 compliance checks.
- 03Baseline (Scan 1): established a documented vulnerability + compliance baseline. Focus STIGs — WN10-AU-000505 (Security Event Log size), WN10-SO-000025 (Rename Guest Account), WN10-SO-000010 (Disable Guest Account).
- 04Intentional vulnerability (Scan 2): installed an outdated Firefox v110 and enabled the Guest Account (forcing WN10-SO-000010 to fail). Rescanned and confirmed Tenable detected both changes.
- 05Remediation (Scans 3–4): uninstalled Firefox, modified the registry to increase Security Event Log size, disabled and renamed the Guest Account, and fully patched Windows. Two rescans confirmed the vulnerability trend dropping.
[03]
Outcome
- Four-scan workflow that clearly maps a vulnerability from baseline → introduction → partial mitigation → full remediation, with annotated screenshots at every stage in the repo.
- Hands-on operation of Tenable's cloud VM console, credentialed scanning, and DISA Windows 10 STIG v3r2 compliance checking.
- Reproducible, evidence-first process — the same shape of work I apply to real vulnerability management at LOG(N) Pacific and UF Health.
[04]
Testimonial
“The lab isn't the point — the workflow is. Scan, remediate, verify, evidence. Repeat until the baseline is boring.”