Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

OpenSSL Dashboard

by Josef Weiss
March 22, 2017

Developed in 1988, OpenSSL is an open source toolkit and cryptographic library for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. OpenSSL is used in a number of technologies from virtual private networks (VPN), network file shares (NFS), domain name servers (BIND), Java, and more. Other common use cases are to secure communications using https and to create certificate authorities. OpenSSL is mostly found in server side implementations and is commonly used by a wide variety of web servers. There are many versions of OpenSSL in existence. In some instances, OpenSSL libraries may be installed on a host even if the application itself is not running, potentially opening hosts to risks of compromise.

Notable OpenSSL vulnerabilities have included Heartbleed, timing attacks on RSA keys, and Change Cipher Spec (CCS) Injection Vulnerabilities. The POODLE vulnerability, while mostly directed at SSL v3.0, also affected vulnerable SSL/TLS OpenSSL libraries. A critical element in understanding potential OpenSSL risks is the identification of the installed OpenSSL applications, libraries, and versions within an organization's environment.

Organizations can save development costs by utilizing open-source projects such as OpenSSL, but they need to remain diligent in keeping the code up to date. Understanding which OpenSSL versions and vulnerabilities are present in the environment is a critical aspect of risk reduction. This dashboard provides the analyst with the ability to better prioritize OpenSSL patching efforts and highlights the networks which may have the greatest potential for concern. In addition to identifying risks associated with each OpenSSL version back to pre-2006, analysts can discover OpenSSL installations of which they might not even be aware, further decreasing the cost of analysis in determining the best approach to remediate OpenSSL vulnerabilities.

The dashboard is available in the SecurityCenter Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards, and assets. The dashboard can be easily located in the SecurityCenter Feed under the category Threat Detection & Vulnerability Assessments. The dashboard requirements are:

  • SecurityCenter 5.4
  • Nessus 6.10.0
  • PVS 5.2.0

Tenable SecurityCenter Continuous View (CV) is the market-defining continuous network monitoring solution, and assists in securing an organization’s internal network. SecurityCenter CV is continuously updated with information about advanced threats, zero-day vulnerabilities, and new regulatory compliance data. Active scanning periodically examines systems to detect vulnerabilities within operating systems, software applications, and hardware. Agent scanning enables scanning and detection of vulnerabilities on transient and isolated devices. Passive listening provides real-time discovery of vulnerabilities on operating systems, protocols, network services, wireless devices, web applications, and critical infrastructure. Host data and data from other security products is analyzed to monitor activity from patch management solutions and services. SecurityCenter CV provides an organization with the most comprehensive view of the network and the intelligence needed to fully understand the impact of OpenSSL vulnerabilities on the network.

The following components are included within this dashboard:

  • OpenSSL ChangeCipher Spec - Indicators - This component provides an overview of OpenSSL vulnerabilities and the related ChangeCipherSpec vulnerabilities. There are three columns, one for each vulnerability type (active, passive, event). Each column has an indicator for the six CVEs related to OpenSSL ChangeCipherSpec vulnerability, and one indicator for all OpenSSL related vulnerabilities. The active and passive indicators will turn red, signifying immediate action should be taken, while the event vulnerabilities are orange and signify that administrators should investigate the true severity of the event.
  • OpenSSL – Detection Details - This matrix displays the OpenSSL versions detected as running in the environment and identifies the total number of vulnerabilities associated with each version.
  • OpenSSL – Version Specific Vulnerabilities - This matrix displays OpenSSL vulnerabilities by specific OpenSSL version, displayed by row. Each row presents columns showing the number of hosts and counts of vulnerabilities by severity from low to critical.
  • OpenSSL – Top Concerns Based on Version - This table displays OpenSSL vulnerabilities by OpenSSL version. Vulnerabilities are ranked from most to least severe.
  • OpenSSL – Top 10 Remediation Opportunities - This component displays which remediation opportunities should be targeted to achieve the largest reduction of identified OpenSSL vulnerabilities.
  • OpenSSL – Class C Summary - This chart displays OpenSSL vulnerabilities by Class C subnet. Vulnerabilities displayed are for all severity levels and are sorted into Class C address blocks.

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Try Tenable Web App Scanning

Formerly Tenable.io Web Application Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Formerly Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save more.

Add Support and Training