icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Historic Patch Mitigation Status

by Megan Daudelin
January 15, 2016

Patch management is a key responsibility of any information security team. By applying patches regularly, security teams can reduce the level of risk that their organization is exposed to. Integrating Nessus with SecurityCenter allows analysts to monitor the application of patches and resolution of vulnerabilities in their network.

The Historic Patch Mitigation Status dashboard monitors vulnerability mitigation on an organization’s network in order to help security teams understand the effectiveness of their patch management efforts. Increased visibility into vulnerability mitigation can assist security teams in implementing improved patch application procedures as needed. By monitoring the patterns of patch application and vulnerability mitigation, security teams can better understand the effectiveness of their efforts and make adjustments as necessary in order to more effectively secure their network.

The components in this dashboard display data about the mitigation dates of detected vulnerabilities. Two filters are leveraged: “Days to Mitigate” and “Days Since Mitigation.” The components depicting patch rates use the “Days to Mitigate” filter to count vulnerabilities that were mitigated within the specified number of days of initial discovery. The count is based on the difference between the “First Discovered” date and the “Mitigated On” date. The components that depict patch dates use the “Days Since Mitigation” filter to count vulnerabilities that were mitigated within the specified timeframe. The count is based on the number of days between the current date and the “Mitigated On” date. Together, the components in this dashboard can assist security teams with understanding the effectiveness of their patch application and vulnerability remediation efforts.

This dashboard is available in the SecurityCenter Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards and assets. This dashboard can be easily located in the SecurityCenter Feed under the category Monitoring. The dashboard requirements are:

  • SecurityCenter 4.8.2
  • Nessus 6.5.4

SecurityCenter Continuous View (CV) provides continuous network monitoring, vulnerability identification, risk reduction, and compliance monitoring. Nessus is continuously updated with information about advanced threats and zero-day vulnerabilities, and new types of regulatory compliance configuration audits. By integrating with Nessus, SecurityCenter CV’s continuous network monitoring is able to track vulnerabilities and mitigations across the enterprise.

Listed below are the included components:

  • Host Count – Patch Rate 0 – 20 Days: The Host Count – Patch Rate 0 – 20 Days matrix displays the number of vulnerabilities mitigated within 20 days of initial detection.
  • Host Count – Patch Date 0 – 20 Days: The Host Count – Patch Date 0 – 20 Days matrix displays the number of vulnerabilities patched within the last 20 days.
  • Host Count – Patch Rate 21 – 60 Days: The Host Count – Patch Rate 21 – 60 Days Matrix displays the number of vulnerabilities mitigated between 21 and 60 days of initial detection.
  • Host Count – Patch Date 21 – 60 Days: The Host Count – Patch Date 21 – 60 Days matrix displays the number of vulnerabilities patched between 21 and 60 days ago.
  • Host Count – Patch Rate > 60 Days: The Host Count – Patch Rate > 60 Days Matrix displays the number of vulnerabilities mitigated more than 60 days since initial detection.
  • Host Count – Patch Date > 60 Days: The Host Count – Patch Date > 60 Days matrix displays the number of vulnerabilities patched more than 60 days ago.