Monitoring Unix and Linux hosts for vulnerabilities is an essential piece of securing a network. Various distributions can be susceptible to different vulnerabilities, so understanding which Unix or Linux distributions are used in the environment is important. SecurityCenter integrates with Nessus to monitor Unix and Linux hosts for vulnerabilities across various distributions.
The Unix and Linux Distribution Vulnerabilities report assists security teams with monitoring Unix and Linux hosts within their network. Specific plugin families are used to identify vulnerabilities by distribution and severity. Detailed information is included about specific vulnerabilities detected across distributions. Plugin IDs are used to identify hosts with Unix or Linux operating systems and list the results by count. By monitoring Unix and Linux hosts in the environment, security teams can more effectively identify and remediate associated vulnerabilities.
The chapters in the Unix and Linux Distribution Vulnerabilities report present vulnerabilities and distributions. Specific information about vulnerabilities by severity and distribution is provided to assist with remediation efforts. An indicator matrix shows whether vulnerabilities have been detected that impact specific distributions in the environment. Trend data is used to illustrate the rates of vulnerabilities by severity over the past week in order to allow security teams to monitor remediation progress. If needed, the report can be modified to focus on subnets or distributions of particular concern. Organizations can use the information provided to better monitor the presence of vulnerabilities across Unix and Linux distributions.
Note: Credentialed scans of the target machines are necessary to retrieve information from the local security check plugins.
This report available in the SecurityCenter Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards, and assets. This report can be easily located in the SecurityCenter Feed under the category Monitoring. The report requirements are:
- SecurityCenter 4.8.2
- Nessus 6.5.4
- Local Security Checks
Of the five sensors supported by Tenable products, this dashboard focuses on two: Active Scanning and Agent Scanning. Active Scanning provides the ability to periodically examine assets to determine their level of risk to the organization. Agent Scanning allows the organization to rapidly audit assets that are offline or where credentialed scanning is not an option. Tenable SecurityCenter provides continuous network monitoring, vulnerability identification, risk reduction, and compliance monitoring. SecurityCenter is continuously updated with information about advanced threats and zero-day vulnerabilities, and new types of regulatory compliance configuration audits allowing for organizations to know their environment is being scanned with latest technology. By integrating with Nessus, SecurityCenter is able to monitor the network and detect systems and vulnerabilities across the enterprise.
- Executive Summary: This chapter provides a high-level overview of the Linux and Unix distributions present on the network. The chapter also provides trend data about vulnerabilities associated with the detected Linux and Unix operating systems. Security teams can use the information in this chapter to gain perspective on the current vulnerability status of the Linux and Unix systems on their network.
- Unix and Linux Vulnerabilities: This chapter presents detailed information about the vulnerabilities affecting Unix and Linux hosts on the network. Vulnerabilities are identified by the distribution affected as well as severity. Security teams can use the information in this chapter to determine whether any Unix or Linux distributions on their network are impacted by vulnerabilities and adjust their remediation efforts accordingly.