PVS Detections

by David Schwalenberg
February 12, 2014

This dashboard highlights network vulnerabilities and promotes network awareness by displaying indications of the network traffic detected by the Passive Vulnerability Scanner (PVS).

The dashboard and its components are available in the SecurityCenter 4.7 Dashboard app feed, an app store of dashboards, reports, and assets.

The dashboard requirements are:

  • SecurityCenter 4.7
  • PVS 4.0.0

Listed below are the included components:

PVS Detections – Traffic
This matrix displays indicators for network traffic detected by PVS. This traffic includes observed malware/backdoor traffic, botnet traffic, gaming traffic, peer-to-peer traffic, data leakage, Internet messaging, and more. Also included are indicators for traffic that might cause policy or CGI (Common Gateway Interface) concerns.

PVS Detections - Devices/Services
This matrix displays indicators for devices and services detected by PVS. These observed devices/services include mobile systems, web clients and servers, other servers and protocols, cloud services, databases, wireless access points, and more.

PVS Detections - Non-Standard Traffic
This matrix displays indicators for non-standard traffic detected by PVS. This traffic is either non-standard traffic observed going to a standard port, or standard traffic observed going to a non-standard port.

PVS Detections - Vulnerabilities/Attacks
This matrix displays indicators for vulnerabilities and attacks detected by PVS. These vulnerabilities/attacks include observed issues with credentials and sensitive data, unsupported software, network attacks, suspicious database commands, and common known vulnerabilities of detected applications.

PVS Detections - Top 50 Exploitable Vulnerabilities
This table displays the top 50 exploitable vulnerabilities detected by PVS. The list is sorted so that the most critical vulnerability is at the top of the list. The severity and the number of hosts affected is shown for each vulnerability.