Remediation Instructions Report by Vulnerability

by Cody Dumont
November 7, 2013

This remediation report provides detailed information on the top discovered vulnerabilities, and lists the affected hosts tracked within SecurityCenter. This report also contains steps to mitigate the risk of the vulnerabilities, including CVE, BID, and vendor knowledgebase articles. Additionally, this report indicates if the vulnerability is exploitable and by which exploit platform.

The report is available in the SecurityCenter 4.7 Report app feed, an app store of dashboards, reports and assets.  The report requirements are:

  • SecurityCenter 4.7.1
  • Nessus 5.2.3
  • PVS 4.0

Chapters

  • Active Vulnerability Remediation Plan - This chapter provides a top 20 summary of vulnerabilities (with affected hosts) discovered from active scanning performed by Nessus vulnerability scanner. Active vulnerability scanning sends packets to a target machine to provide a snapshot of the network services and applications installed, and to determine if vulnerabilities are present. Active scanning can perform highly accurate and rapid patch, configuration, and vulnerability audits across many systems, including Unix, Linux, Windows, network devices, and database systems.
  • Passive Vulnerability Remediation Plan - This chapter provides a top 20 summary of vulnerabilities (with affected hosts) discovered from passive scanning performed by the Passive Vulnerability Scanner (PVS). PVS is an advanced network monitoring application designed to detect vulnerabilities on the network by listening to network communications. Through passive monitoring, PVS can reveal devices and software on the network that are not authorized, or that may indicate a network compromise.
  • Compliance Check Remediation Plan - This chapter provides a top 20 summary of compliance check failures discovered through performing scans with audit files in SecurityCenter. The compliance checks may vary in importance, depending on the environment. In this report the checks that fail are listed as high severity.