Nessus can perform a variety of content checks to look for credit card, financial, personal, copy-written and other types of sensitive data. This dashboard summarizes a variety of different types of sensitive data audits.
- October 28, 2013 , SecurityCenter 4.7.0
- Requirements - Nessus 5.2.1
Nessus can be used to perform a variety of credentialed, uncredentialed and file inspection checks that look for a variety of different types of data in different file formats. This dashboard is made up of 5 components.
Potential Sensitive Information (Active Scanning): An indicator-based component triggers when certain elements are found by an active Nessus scan.
Systems with Sensitive Data: Lists systems with files that contain sensitive data. A filter selected the repository containing the audit results and a severity of high was used to select those with matching data.
Sensitive Data Types: Summarizes file types that contain sensitive data.
Asset Sensitive Data Audit and Results: Displays an indicator that displays a trigger if any assets hold sensitive data, have vulnerabilities that are exploitable, and if the assets were scanned for sensitive content in the last thirty days.
Sensitive Data – Last 25 Days: Displays a trend of the last 25 days of compliance type data vulnerabilities.
- Payment Card Industry - 3.2
- SANS Consensus Audit Guidelines - 15 Data Loss Prevention
- FISMA - AC-4, MP-2 (2), MP-4 (1), SC-7 (6, 10), SC-9, SC-13, SC-28 (1), SI-4 (4, 11), PM-7