Predicting Attack Paths

by Ron Gula
April 2, 2012

Tenable has published a technical paper titled “Predicting Attack Paths” that describes how to leverage active and passive vulnerability discovery technology to identify in real-time Internet facing services, systems and clients on your network that can be exploited in a variety of scenarios.

Tenable customers can leverage Nessus active vulnerability scanning and PVS continuous passive network monitoring to accomplish this sort of security analysis. Vulnerability data from these sources is managed and analyzed with SecurityCenter. In the paper we offer easy steps to leverage SecurityCenter’s ability to categorize assets based on their exploitability, their level of trust with other systems and if the exploits are client-side vectors or server-side vectors.

The paper also details many different methods in which this information can be leveraged for dashboards, reports, real-time alerts and 3D visualization, such as shown in this screen shot below: 

Tenable-3d2-tool

If you are experienced with penetration testing, need to demonstrate security to  penetration testers or want to measure how exploitable your network is, this paper will help you leverage Tenable solutions to present clear and comprehensive results that can dramatically increase and demonstrate the security of your network.

In addition to the paper, Tenable has also added an "Attack Path Analysis" playlist of videos to our Tenable Youtube Channel