Tenable has published a technical paper titled “Predicting Attack Paths” that describes how to leverage active and passive vulnerability discovery technology to identify in real-time Internet facing services, systems and clients on your network that can be exploited in a variety of scenarios.
Tenable customers can leverage Nessus active vulnerability scanning and PVS continuous passive network monitoring to accomplish this sort of security analysis. Vulnerability data from these sources is managed and analyzed with SecurityCenter. In the paper we offer easy steps to leverage SecurityCenter’s ability to categorize assets based on their exploitability, their level of trust with other systems and if the exploits are client-side vectors or server-side vectors.
The paper also details many different methods in which this information can be leveraged for dashboards, reports, real-time alerts and 3D visualization, such as shown in this screen shot below:
If you are experienced with penetration testing, need to demonstrate security to penetration testers or want to measure how exploitable your network is, this paper will help you leverage Tenable solutions to present clear and comprehensive results that can dramatically increase and demonstrate the security of your network.