Tracking Risk

by Josef Weiss
October 30, 2013

Tracking unsupported and exploitable software, along with critical vulnerabilities, over time offers a variety of insights into the security of your network.

  • SecurityCenter 4.7
  • Required tools: Passive Vulnerability Scanner or Nessus

These dashboards each include four different components that trend the detection of unsupported software, exploitable vulnerabilities, systems with high severity vulnerabilities and vulnerabilities with CVSS scores of 10.

Tenable’s Research team has built detection logic for Nessus and the Passive Vulnerability Scanner that identifies a variety of unsupported applications. These are often “end-of-lifed” operating systems, web browsers and other types of software. The risk from unsupported software is high because, very often, security fixes in the form of patches are not available for these technologies.

Tracking the detection of unsupported software can be very insightful. These components track unsupported services and unsupported client-side applications in the same way.

For tracking exploitable vulnerabilities, Tenable uses data feeds provided by vendors such as Core, Immunity and several others to identify which vulnerabilities have exploits available for them. Theoretically, all vulnerabilities can be exploited, but in practice only a small number have been weaponized into a point-and-click tool. Knowing that an exploit exists for a vulnerability, and trending this over time, can help prioritize what types of security actions you should take.
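
The four trends described above can be computed from per-scan findings as in the following added example, which is not Tenable's code or the dashboards' own logic. The records, the `VULN-n` identifiers, the exploit feed set and the CVSS 7.0 cut-off for "high severity" are all constructed assumptions.

```python
from collections import defaultdict

# Constructed sample data: one record per finding per scan.
# Fields: scan date, host, vulnerability id, CVSS base score, unsupported flag.
FINDINGS = [
    ("2013-10-01", "host-a", "VULN-1", 10.0, False),
    ("2013-10-01", "host-a", "VULN-2", 7.5, False),
    ("2013-10-01", "host-b", "VULN-3", 10.0, True),
    ("2013-10-01", "host-c", "VULN-4", 4.3, False),
    ("2013-10-08", "host-a", "VULN-2", 7.5, False),
    ("2013-10-08", "host-b", "VULN-3", 10.0, True),
    ("2013-10-08", "host-c", "VULN-4", 4.3, False),
    ("2013-10-08", "host-d", "VULN-5", 9.3, True),
]

# Constructed stand-in for a vendor exploit-availability feed.
EXPLOIT_FEED = {"VULN-1", "VULN-2"}

HIGH_CVSS = 7.0  # assumed threshold for "high severity"


def trend(findings, exploit_feed):
    """Return {scan_date: {metric: count}} for the four tracked metrics."""
    counts = defaultdict(lambda: {"unsupported": 0, "exploitable": 0, "cvss10": 0})
    high_hosts = defaultdict(set)  # distinct hosts, so one host counts once
    for date, host, vuln, cvss, unsupported in findings:
        row = counts[date]
        row["unsupported"] += int(unsupported)
        row["exploitable"] += int(vuln in exploit_feed)
        row["cvss10"] += int(cvss == 10.0)
        if cvss >= HIGH_CVSS:
            high_hosts[date].add(host)
    return {d: {**counts[d], "high_severity_hosts": len(high_hosts[d])}
            for d in sorted(counts)}


def deltas(series):
    """Change in each metric between the first and last scan."""
    dates = list(series)
    first, last = series[dates[0]], series[dates[-1]]
    return {metric: last[metric] - first[metric] for metric in first}


if __name__ == "__main__":
    series = trend(FINDINGS, EXPLOIT_FEED)
    for date, row in series.items():
        print(date, row)
    print("change:", deltas(series))
```

In the sample, exploitable and CVSS 10 findings fall between scans while unsupported software and hosts with high severity findings rise, which is the kind of divergence a single total would hide.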