This Remediation Report provides detailed instructions to resolve vulnerabilities on the top 20 most vulnerable systems tracked within SecurityCenter. The report is organized by the plugin type (Active, Passive, and Compliance). This report contains resolution and steps to mitigate the risk of the vulnerabilities, including CVE, BID, and vendor knowledgebase articles. Additionally, this report indicates if the vulnerability is exploitable, indicated in the detailed remediation information and by which exploit platform.
The report is available in the SecurityCenter 4.7 report app feed, an app store of dashboards, reports, and assets.
The requirements are:
- SecurityCenter 4.7.1
- Nessus 5.2.1
- PVS 4.0
Active Remediation Instructions by Host - This chapter provides a top 20 summary of most vulnerable hosts by severity levels (Critical and High) discovered from active scanning performed by Nessus vulnerability scanners. Active vulnerability scanning sends packets to a target machine to provide a snapshot of the network services and applications installed, and to determine if vulnerabilities are present. Active scanning can perform highly accurate and rapid patch, configuration, and vulnerability audits across many systems, including Unix, Linux, Windows, network devices, and database systems.
Passive Remediation Instructions by Host - This chapter provides a top 20 summary of the most vulnerable hosts by severity levels (Critical and High) discovered from passive scanning performed by the Passive Vulnerability Scanner (PVS). PVS is an advanced network monitoring application designed to detect vulnerabilities on the network by listening to network communications. Through passive monitoring, PVS can reveal devices and software on the network that are not authorized, or that may indicate a network compromise.
Compliance Remediation Instructions by Host - This chapter provides a top 20 summary of hosts that have failed compliance checks, which are reported through performing scans with audit files in SecurityCenter. The compliance checks may vary in importance, depending on the environment. In this report, the checks that failed are listed as high severity.