Identifying, prioritizing, and patching existing vulnerabilities on a network can be a difficult task for any analyst to manage effectively. By determining which vulnerabilities are most severe, analysts can properly prioritize vulnerability remediation in order to best protect systems on the network. This report presents a comprehensive look at the critical and exploitable vulnerabilities discovered on the network, which can be useful in reducing the overall attack surface and keeping critical data secured within an organization.
Tenable SecurityCenter Continuous View (CV) collects a vast amount of data on existing vulnerabilities discovered on the organization's network. Detailed analysis and understanding of risk for each vulnerability can be time consuming. The analyst should understand the impact of each vulnerability in order to understand the threat posed by the vulnerability.
SecurityCenter CV defines the severity of a vulnerability using the Common Vulnerability Scoring System (CVSS) base score. The CVSS is a method to define and characterize the severity of a vulnerability. Vulnerabilities are scored on a scale of 1 to 10, with a CVSS base score of 10 considered to be the most severe. SecurityCenter CV specifies vulnerabilities with a CVSS base score of 10 as “critical.” In addition to specifying the severity of a vulnerability, SecurityCenter CV checks industry sources to determine if a publically-known exploit for the vulnerability exists. These critical and exploitable vulnerabilities create gaps in the network’s integrity which attackers can take advantage of to gain access to the network. Once inside the network, an attacker can perform malicious attacks, steal sensitive data, and cause significant damage to critical systems. By identifying the most severe vulnerabilities, analysts and security teams can better focus patch management efforts and better protect the network.
The Critical and Exploitable Vulnerabilities report provides information on critical and exploitable vulnerabilities that have been detected on the network. The report utilizes data such as the CVSS base score and information from exploit frameworks including Metasploit, Core Impact, Canvas, Elliot, and ExploitHub to determine which vulnerabilities are critical and exploitable. The report presents a cumulative view of the data to provide an analyst with a comprehensive understanding of the discovered critical and exploitable vulnerabilities. Using various visual aids, the report displays the data in an easy to understand manner. Furthermore, the report presents potential remediation actions that an analyst can use as a starting point for a remediation plan. The information from this report will enable analysts to discover, prioritize, and remediate critical and exploitable vulnerabilities in a timely manner.
The report is available in the SecurityCenter Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards and assets. The report can be easily located in the SecurityCenter Feed under the category Executive. The report requirements are:
- SecurityCenter 5.4.1
- Nessus 6.8.1
Tenable SecurityCenter Continuous View (CV) is the market-defining continuous network monitoring solution, and can assist in securing an organization’s internal network and effectively responding to incidents. SecurityCenter is continuously updated with information about advanced threats and zero-day vulnerabilities, allowing it to evolve as the threats evolve. Active scanning periodically examines systems to determine vulnerabilities and compliance concerns, which enables security teams to more effectively tailor remediation efforts. Passive listening provides real-time monitoring to collect information about hosts connected to the network, including detected vulnerabilities. Tenable’s extensive network monitoring capabilities enables a powerful, yet non-disruptive, continuous monitoring of the organization to ensure the latest vulnerability information is provided to analysts.
Executive Summary - The Executive Summary chapter presents a series of tables and charts to provide an overview of both critical and exploitable vulnerabilities. The elements presented allow analysts to visualize how critical vulnerability detections in the network have changed over time, as well as a focus on recent vulnerability activity. In addition, the elements provide a comparison of critical vulnerabilities with exploits to critical vulnerabilities with no known exploits. Differentiating the two allows analysts to further prioritize the remediation of the critical vulnerabilities, as the critical vulnerabilities with exploits can pose a more immediate threat.
Exploitable Vulnerability Summary - The Exploitable Vulnerability Summary chapter displays a summary of the top exploitable critical vulnerabilities. The components in this chapter clarify which systems and hosts on the network are more exploitable and provide suggestions on how to begin securing them. Information presented in this chapter can alert organizations to vulnerabilities within the network that have known exploits associated with them.
Critical Vulnerability Summary - The Critical Vulnerability Summary chapter displays a summary of the top critical vulnerabilities. The components in this chapter clarify which systems and hosts on the network are most vulnerable and provide suggestions on how to begin securing them. Using this chapter, organizations will be able to identify which vulnerabilities can cause the most damage to the network if left unattended.