Malicious Process Detection

by Dave Breslin
July 9, 2012

Dashboard

This dashboard was designed to be used with the Malicious Process Detection in Nessus including the plugin update to divide results into malware and potentially unwanted software.

 

Locations

When reporting locations the dashboard uses SecurityCenter's asset lists. If you are using both static asset lists (to label network subnets as locations) and dynamic asset lists (to group hosts by attributes like operating system) then SecurityCenter's GUI driven report builder will allow you to refine the subset of asset lists reported:

Assetfilters

The historical trend graphs use daily snapshots taken by SecurityCenter automatically:

Trendgraph

Trendoption

The 7 day timeframe can be easily modified to a shorter or much longer period:

Timeframe

To display the detailed Nessus plugin output of malicious processes and potentially unwanted software use the “Browse Component Data” icon above the host summary tables and switch the analysis view to "detailed vulnerability results":

Browsecomponentdata

Details1

Details2