Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

DHS CISA Binding Operational Directive 22-01 Report

by Seth Matheson
November 5, 2021

DHS CISA Binding Operational Directive 22-01 Report

On November 3rd, 2021, CISA issued Binding Operational Directive (BOD) 22-01, Reducing the Significant Risk of Known Exploited Vulnerabilities establishing a CISA managed catalog of known exploited vulnerabilities and requires federal civilian agencies to identify and remediate these vulnerabilities on their information systems. Tenable.sc allows organizations to quickly summarize and track specific vulnerabilities to ensure proper discovery and mitigation.  This report showcases progress in mitigation of these vulnerabilities to allow organizations to ensure a reduced attack surface.

The DHS site says:

The United States faces persistent and increasingly sophisticated malicious cyber campaigns that threaten the public sector, the private sector, and ultimately the American people’s security and privacy. The federal government must improve its efforts to protect against these campaigns by ensuring the security of information technology assets across the federal enterprise. Vulnerabilities that have previously been used to exploit public and private organizations are a frequent attack vector for malicious cyber actors of all types. These vulnerabilities pose significant risk to agencies and the federal enterprise. Aggressively remediating known exploited vulnerabilities is essential to protect federal information systems and reduce cyber incidents.

Directive 22-01, Reducing the Significant Risk of Known Exploited Vulnerabilities establishes a CISA-managed catalog of known exploited vulnerabilities that carry significant risk to the federal enterprise  and establishes requirements for agencies to remediate any such vulnerabilities included in the catalog. CISA will determine vulnerabilities warranting inclusion in the catalog based on reliable evidence that the exploit is being actively used to exploit public or private organizations by a threat actor. This directive enhances but does not replace BOD 19-02, which addresses remediation requirements for critical and high vulnerabilities on internet-facing federal information systems identified through CISA’s vulnerability scanning service.

The CISA Known Exploited Vulnerabilities Catalog defined the vulnerabilities to be address by November 17th, 2021 (BOD 22-01). Tenable.sc assists the CISO in identifying actions needed to mitigate these vulnerabilities along with others identified in past due advisories. The CVE’s tracked by CISA in this report are subject to change and new reports will be provided as needed.

Tenable.sc uses active credentialed scanning and/or agent-based scanning to collect information needed to identify known exploitable vulnerabilities. Allowing the risk manager to work with asset owners to establish an ongoing remediation action plan, which demonstrate compliance with this directive.

The report is available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, assurance report cards and assets. The dashboard can be easily located in the Tenable.sc Feed under the category Threat Detection & Vulnerability Assessments.

The report requirements are: 

  • Tenable.sc 5.19.1
  • Nessus 8.15.2

Risk-based vulnerability management (RBVM) is a process that reduces vulnerabilities across the agency's attack surface by prioritizing remediation actions to the risks CISA identifies. Tenable.sc enables the agency to go beyond just discovering vulnerabilities, and provides the life cycle steps to establish internal validation and enforcement procedures that demonstrate adherence with this Directive.

Chapters

Executive Summary: The Executive Summary provides the operations team a quick view into NIA Compliance and Vulnerability Priority Rating (VPR) summary matrices. Using a series of tables and matrices this chapter provides an easy-to-understand view of the current state of the NIA compliance.

Roadblocks Currently Gating Remediation: This chapter tracks the top remediation actions that will have the most impact to resolve the tracked vulnerabilities in your environment and notes any blockers that may exist such as missing rollup packages or configurations requiring registry changes.

Vulnerability and Host Details: The Vulnerability and Host Details chapter includes a table that displays a full list of missing patches that need to be applied to remediate all the tracked vulnerabilities and the impacted hosts.

Try for Free Buy Now
Tenable.io FREE FOR 30 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Tenable.io BUY

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Choose Your Subscription Option:

Buy Now
Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year. Full details here.

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 30 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 30 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Try for Free Contact Sales

Try Tenable Lumin

FREE FOR 30 DAYS

Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.