Exploits & Attack Paths

HeartBleed Report

by Cody Dumont
April 10, 2014

HeartBleed Report Screenshot
This report template identifies the details on systems vulnerable to the newly identified HeartBleed vulnerability. Using all the tools available to SecurityCenter users, Tenable has several methods of identifying vulnerable systems.

Exploitable by Malware

by Cody Dumont
December 26, 2013

Exploitable by Malware Screen Shot
This report provides a detailed view into the exploitability of your network. The following chapters show which vulnerabilities are exploitable by malware, and then compares the exploitability to attack frameworks.

IT-Grundschutz BSI-100-2 Report Template

by Josef Weiss
June 19, 2013

Required - IT-Grundschutz BSI-100-2 audit file, Nessus, and SecurityCenter 4.6 or higher

The IT-Grundschutz Standards and Catalogues are a set of recommendations designed to assist an organization in achieving an appropriate security level for information throughout an organization. The Federal Office for Information Security (BSI) in Germany develops and maintains the BSI Standards, of which IT-Grundschutz is a part, with the providing methods, processes, procedures, and approaches to information security management, risk analysis, and business continuity management.

Exploitable Systems Report

by Randal T. Rioux
November 26, 2012

Chart_1

Tenable incorporates exploit information for vulnerabilities discovered using data feeds provided by vendors such as Core, Immunity, and several others. Knowing that major exploit platforms have such click-and-attack capabilities for vulnerabilities found on your network, and trending such details over time, can assist you in prioritizing actions you should take to minimize your exposure.

Exploit Frameworks

by Dave Breslin
May 10, 2012

HostsAndPlugins

This report template provides both summarized and detailed information to complement the Exploits By Platform dashboard template. The sample above was cut from one of four chapters. The table at the top lists hosts with vulnerabilities that can be exploited by Immunity CANVAS. The table at the bottom reports Nessus plugin family totals for Immunity CANVAS exploitable vulnerabilities. The example report provided, use the download link below, was produced in a laboratory environment and is not intended for use in the competitive analysis of Metasploit, Core Impact or Immunity CANVAS.

Exploitable Vulnerabilities Summary

by Dave Breslin
March 9, 2012

TopExploitableHosts

This report template graphs and charts exploitable vulnerabilities over time and summarizes the most exploitable issues, networks and hosts. It is based on an existing dashboard template. The sample table above was generated by one of four chapters in the template. To see a full report use the download example link.