Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Software Summary

by Cesar Navas
November 4, 2015

Organizations are expanding beyond a typical Windows only environment and allowing different computer operating systems and software. Administrators and analysts should be aware of what software operates in their environment, especially in light of shadow IT possibilities. This dashboard provides insight into the operating systems and software in the environment as well as their vulnerability risk.

Software helps organizations and people to accomplish tasks and goals across different operating systems. Being able to interoperate with different files and workflows across different software packages and operating systems is great for the end user. However, the flexibility to allow users to work with different software applications comes at a cost of having to manage different products that can accomplish the same task. For instance, a user can create a Microsoft Word document in Windows and give this to another user who uses a Mac with Apple’s Pages software. The two users have different operating systems and software packages, but they can work together. Administrators and analysts need to know about the vulnerabilities in the environment regardless of how the user gets their task accomplished. This dashboard gives the administrators and analysts the information necessary to remediate these OS and software vulnerabilities across the different ecosystems.

Most software packages and operating systems have vulnerabilities of varying degrees of severity. Attackers will use these software vulnerabilities to compromise data and/or environments. In some cases, attackers only need one or a few vulnerabilities to carry out their attacks. Analysts should know about the different vulnerabilities and their exploitation risk to the environment. This dashboard relates actionable information to administrators and analysts to help them to better protect the environment, remediate vulnerabilities, and mitigate risks.

The dashboard provides broad information across major operating systems and software packages. The analyst is presented with components in the dashboard that show specific vulnerabilities as well as counts of vulnerability across severity levels. Not only are vulnerabilities shown for operating systems, but also web browsers and web browser plugins. The ubiquitous nature of Adobe Flash across multiple operating systems and web browsers makes Flash an attractive target to attackers. Java enables rich and entertaining content in end user applications and is another piece of software that needs constant attention to remain updated. There are many applications that run in web browsers and require a specific web browser for optimal operability. Web browsers are also a constant source of vulnerabilities regardless of the underlying operating system. One of the components in this dashboard shows vulnerabilities for many popular and common web browsers. The web browsers monitored for vulnerabilities are from vendors such as Microsoft, Apple, Google, Mozilla and Opera. Administrators and analysts need to be mindful of the various vulnerabilities in the environment and their risk to the environment.

This dashboard is available in the Tenable.sc Feed, an app store of dashboards, reports and assets. This dashboard can be easily located in the Feed under the category Threat Detection. The dashboard requirements are:

  • Tenable.sc 4.8.2
  • Nessus 8.5.1
  • NNM 5.9.1

Tenable provides continuous network monitoring to identify vulnerabilities, reduce risk and ensure compliance. Our family of products includes Tenable.sc Continuous View (CV), Nessus, and Nessus Network Monitor (NNM). Tenable.sc CV provides the most comprehensive and integrated view of network health. Nessus is the global standard in detecting and assessing network data. NNM provides deep packet inspection to continuously discover and track users, applications, cloud infrastructures, trust relationships, and vulnerabilities.

This dashboard contains the following components:

  • OS Vulnerabilities: The “OS Vulnerabilities” matrix component displays four levels of vulnerability severity. This matrix also shows as a percentage how many hosts are exploitable.
  • Browser and Plugin Vulnerabilities: The “Browser and Plugin Vulnerabilities” matrix component show a count of the vulnerabilities by four severity levels. The matrix component also shows as a percentage the number of exploitable hosts.
  • Vulnerability Trending: The “Vulnerability Trending” line chart component shows over the last 25 days vulnerabilities of varying severity levels
  • Microsoft Top 5 Vulnerabilities: The “Microsoft Top 5 Vulnerabilities” table is a quick look at the top five vulnerabilities relating to Microsoft technologies
  • Mac Top 5 Vulnerabilities: The “Mac Top 5 Vulnerabilities” table is a quick look at the top five vulnerabilities relating to Mac OSX
  • Unix/Linux Top 5 Vulnerabilities: The “Unix/Linux Top 5 Vulnerabilities” table is a quick look at the top five vulnerabilities relating to Linux and Unix technologies
Try for Free Buy Now

Try Tenable.io

FREE FOR 30 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,275

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, email, community and chat support 24 hours a day, 365 days a year. Full details here.

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 30 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 30 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.

Try for Free Contact Sales

Try Tenable Lumin

FREE FOR 30 DAYS

Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.