Andrew Freeborn

Oracle software is typically used in an organization to provide services with Java, ERP, or virtualization. Attackers know that many organizations with Oracle software may have outdated versions in use, which the attackers can use to their advantage. Analysts can use this report to identify vulnerable Oracle software to reduce the risk to the organization.

The federal government relies heavily on external service providers and contractors to assist in carrying out a wide range of federal missions. In order to protect information processed by, stored on, or transmitted through nonfederal information systems, NIST SP 800-171 provides recommended requirements, including the Access Control and Identification and Authentication families of requirements. This dashboard focuses on limiting access to sensitive data through monitoring of information system access and strong user authentication.

Modern applications such as web browsers, Java, and anti-virus clients commonly have associated mechanisms to keep the applications up to date. The applications that update other applications are still software that can have vulnerabilities. This report can assist analysts with identifying the updater applications on the network and the associated vulnerabilities.

In today’s world of more connected “everything”, organizations are making more business-centric services available across the Internet. With more of the company’s services offered via the Internet, there is an inherent risk for more vulnerabilities and exploitation. This report can assist analysts to ensure that vulnerabilities in web services from multiple vendors are detected across the organization.