Vulnerability Metrics

Mitigation Summary Executive Report

by David Schwalenberg
July 16, 2014

This report presents vulnerability summary information grouped in various ways. It provides a succinct visual representation of how quickly vulnerabilities on the network are being mitigated and how many exploitable vulnerabilities remain.

MAS TRM Guidelines Report

by David Schwalenberg
July 9, 2014

MAS TRM Guidelines Report Screenshot
The Monetary Authority of Singapore (MAS) published new Technology Risk Management (TRM) Guidelines in June 2013. The MAS TRM Guidelines report provides a high-level overview of information relevant to specific sections in the TRM Guidelines. The applicable sections of the TRM Guidelines are noted for each component in the report.

Qualitative Risk Analysis with CVSS Scores

by Michael Willison
June 20, 2014

Qualitative Risk Analysis with CVSS Scores Screen Shot
Information Security professionals continuously perform various types of risk assessments within their environment. SecurityCenter users have a secret weapon in the battle to properly assess risk, and that weapon is SecurityCenter's native ability to fully use the CVSS scoring system.

Relative Date Summary Report

by Cody Dumont
February 6, 2014

 Relative Date Summary Report Screen Shot
SecurityCenter supports server predefined relative date setting for trend analysis, remediation tracking, and vulnerability analysis. This report template provides five chapters using these relative date summary filters.

Monthly Executive Report

by Cody Dumont
January 7, 2014

Monthly Executive Report
This report is produced by Tenable SecurityCenter and provides a high-level executive review of vulnerability detection over the past 30 days. This report provides executive-level directors and managers with a detailed understanding of the vulnerability risk management program via a series of trend graphs, charts, tables, and other reporting components. A CISO can use this report in monthly meetings to communicate the status of current risk levels to other members of the organization.

Executive Age Summary Report

by Cody Dumont
October 24, 2013

Executive Age Summary Report
Using a series of charts, tables, and graphs, this overview report provides a summary for an executive to gain a high level understanding of the vulnerability management status of the network environment. This report contains valuable information, including Top 10 Summaries of Assets, Networks and Systems that are vulnerable, as well as useful trend information on vulnerabilities and how long they have existed within the network environment.

IAVM Executive Summary Report

by Cody Dumont
October 3, 2013

IAVM Executive Summary Report Screenshot
The US Cyber Command (USCYBERCOM) publishes Information Assurance Vulnerability Management (IAVM) Notices for the DoD. This report provides an executive summary to the current IAVM program.

IT-Grundschutz BSI-100-2 Report Template

by Josef Weiss
June 19, 2013

Required - IT-Grundschutz BSI-100-2 audit file, Nessus, and SecurityCenter 4.6 or higher

The IT-Grundschutz Standards and Catalogues are a set of recommendations designed to assist an organization in achieving an appropriate security level for information throughout an organization. The Federal Office for Information Security (BSI) in Germany develops and maintains the BSI Standards, of which IT-Grundschutz is a part, with the providing methods, processes, procedures, and approaches to information security management, risk analysis, and business continuity management.

HP Software Vulnerabilities

by Cody Dumont
June 18, 2013

HP Software Vulnerabilities Report Screen Shot
This report enumerates known software and hardware manufactured by HP, such as HP System Management, HP OpenView, and HP Data Protector. The report displays information for enforcing and verifying IT management policies relating to assets, such as vulnerability, configuration and remediation policies.