SC Dashboard
Wednesday, May 18, 2016
According to published data in the Verizon Data Breach Investigation Report (DBIR), missing patches with associated Common Vulnerabilities and Exposure (CVE) IDs accounted for a large number of exploits. A CVE is a dictionary of publically known information about security vulnerabilities and exposures, maintained by the Mitre Corporation, and funded by the National Cyber Security Division of the United States Department of Homeland Security. Applying the appropriate vendor patch can typically mitigate these vulnerabilities.
SC Dashboard
Wednesday, May 18, 2016
Databases can potentially store valuable data for an organization that may not have daily database activity monitoring mechanisms in place. Database management systems can have vulnerabilities, which attackers can exploit to retrieve the organization’s data. This dashboard assists analysts with the identification of database management systems, database vulnerabilities, and information to assist in reducing vulnerabilities.
SC Report Template
Thursday, April 14, 2016
The ability to detect active user accounts and executed commands across hosts is very useful for analyzing system activity, as well as assisting in the identification of activity that may be malicious in nature. Being able to alert on active users and executed commands can be helpful in maintaining a secure environment. This report presents information on active users and issued commands executed across hosts within the environment.
SC Report Template
Thursday, April 7, 2016
The ability to detect unique processes across hosts is very useful for identifying new changes, as well as executables created by malicious software. Many types of malicious software create executables with random file names, being able to alert on those is key is maintaining a secure environment. This report presents information on unique processes and new commands that have been detected in the environment.
SC Dashboard
Friday, February 26, 2016
Monitoring the status of multiple security devices can be a challenge for security teams. The pressure to track down and remediate vulnerabilities often overshadows the routine tasks to ensure the health of the security devices. This dashboard provides administrators a platform for monitoring the health and status of their Nessus scanners, Passive Vulnerability Scanners (PVS) and Log Correlation Engines (LCE) through their connection to SecurityCenter.
SC Report Template
Thursday, February 25, 2016
Hosts that contain unsupported or unauthorized software within an organization’s environment is risky and may have dangerous consequences. Unsupported software is no longer compliant with regulatory obligations while unauthorized software may create other organizational risks. This report identifies hosts that are found to have unsupported and unauthorized applications installed.
SC Report Template
Thursday, February 18, 2016
Adobe products are widespread, and Flash is a favorite target of exploit kits, with many of the top exploits targeting flash and other Adobe product vulnerabilities. Understanding what vulnerabilities exist better informs and prepares organizations to which patch management functions need to be addressed. This report provides details on flash vulnerabilities as well as other Adobe products for Windows and Mac OS systems.
SC Report Template
Thursday, February 4, 2016
Hosts that contain unsupported software or operating systems within an organization’s environment are risky, and may have dangerous consequences. Patches for new vulnerabilities in unsupported software will no longer be available, and unsupported software is no longer compliant with regulatory obligations. This report identifies hosts that are found to have unsupported operating systems or applications installed.
SC Dashboard
Thursday, January 21, 2016
Netstat displays active connections for Transmission Control Protocol (TCP), and lists the ports on which the computer is listening. Netstat is useful for displaying statistics and enumerating open ports on a given host and across multiple platforms. This dashboard utilizes Nessus netstat plugins to enumerate open ports via SSH and WMI.
SC Dashboard
Thursday, January 14, 2016
Securing assets appropriately is a common goal of any information security program. The Center for Internet Security (CIS) provides industry best practices to help organizations improve their security posture. The CIS Linux and Unix dashboard is designed to display the overall compliance status of the network based on Tenable's certified Center for Internet Security (CIS) Linux and UNIX Configuration Benchmark audits.