The noob in me means I should read the instructions first, the engineer in me says I can figure it out, I don’t need no stinking instructions! How quickly I forget the last time I attempted this method with Ikea kitchen cabinets, um…..Moving swiftly along; I fixed my Windows RStudio installation issues. I had this strange assumption that RStudio would come with R. Similarly to how Visual Studio comes with C#. Assumptions and IT rarely work out well.
R goes hand in hand with Python if you want to break out of metrics beyond averages, using a normal distribution or standard deviation. If you want to crunch juicy, more advanced numbers R is the way to go. I’m new to R and I know just enough statistics to be slightly mathematically dangerous J
Remember, numbers are your friend, they justify the return on IT Security investment, i.e. your paycheck.
To download R, go to the CRAN project page and choose a close mirror for the newest package which is R-3.1.1 for Windows 32/64. Although the title of the package screams security vulnerabilities, my version was patched to 2014-08-18, the day I downloaded it. Once R is downloaded and installed, RStudio can be installed and it works straight away on Windows.
Let’s say I have 5 assets and I want to put them in a data frame with vulnerability counts:
#R data frame example similar to Data-Driven Security Listing 2-1
#create a new data frame of 5 IT and OT assets and vulnerability counts
assets.df <- data.frame(
#review the data frame structure & content
#review assets as now added in
#shows a sample or slice of the available operating systems input
#Addition of a new column with IP address information & new column
assets.df$ip <- c(“10.10.1.2″,”10.10.2.2″,”10.10.3.3”,
#Display assets only with greater than 10 high vulnerabilities & new column
#Categorize assets in zones and add a new column
assets.df$zones <- ifelse(grepl(“^10.10.2″,assets.df$ip),”Zone1″,”Zone2”)
#final inspection of code input
If all goes well your run output will look like this: