SecurityCenter Report Templates

Admin Discovery Report

by Josef Weiss
April 29, 2014

This report displays details on Administrator accounts that have been found in your environment via LCE and active Nessus scanning.

Provided are details on:

  • Administrative accounts that have been identified within the environment.
  • Accounts that are listed as being 'admin', 'administrator', or 'root' are displayed, along with any other accounts provisioned on the system.

This can be easily configured to your own environment if required by altering the filter for vulnerability text.

FortiGate Scan Report

by Josef Weiss
April 22, 2014

This report leverages the Tenable FortiGate Best Practices Audit and other plugins to provide security settings and other useful information on FortiGate device configuration to an administrator.

Requirements:

  • root/admin SSH credentials for FortiGate FortiOS device.
  • Plugin ID #70272 (Fortigate FortiOS compliance checks)
  • Audit File for Fortigate (TNS_Fortigate_Best_Practices.audit)
  • FortiOS Dynamic Asset

Security settings included in this audit:

HeartBleed Report

by Cody Dumont
April 10, 2014

HeartBleed Report Screenshot
This report template identifies the details on systems vulnerable to the newly identified HeartBleed vulnerability. Using all the tools available to SecurityCenter users, Tenable has several methods of identifying vulnerable systems.

NetFlow Monitor Report

by Josef Weiss
April 9, 2014

Sample image from Chapter 4 of the report.

This report displays event statistics leveraging the capabilities of Tenable Netflow Normalized Events. This event data is correlated to produce a series of pie charts, tables, and trends lines to display statistical data. The report is based on the the components present in the NetFlow Monitor Dashboard.

Netflow data that is being forwarded to Tenable’s LCE includes ports, source and destination IP address. The chapters in this report include:

Top Talkers (All Traffic)

PCI Configuration Report

by Josef Weiss
April 1, 2014

This report template leverages Nessus PCI system configuration results to track which PCI DSS requirements are compliant or non-compliant.

If you need to track which PCI requirements your group is compliant with and you are performing credentialed Nessus configuration audits of your systems, then this SecurityCenter report template can be used to track which requirements are currently being met or not.

Pages