Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Unmanaged and Unsupported Host Report

by Josef Weiss
February 4, 2016

The proliferation of unsupported products is an issue for many organizations and increases the effort required to minimize risk. The Department of Homeland Security has issued alerts stating that running unsupported software opens your business up to elevated cybersecurity risks. As applications and operating systems reach their end-of-life (EOL), vendors stop offering support. As patches and updates are released for new versions of software, unsupported versions will be left out. Essentially, zero-day vulnerabilities could be in effect forever on operating systems and application versions that are no longer supported. Therefore, security and stability decrease, raising concern as time progresses. As patches, updates and security fixes will no longer be available, identifying systems running unsupported applications is an important part of assessing and minimizing organizational risk.

This report is comprised of four main chapters that report on unsupported products found in the environment. Components include bar graphs and tables to display, track, and report on unsupported operating systems and applications.

Vulnerability data is filtered using a variety of plugins, such as Nessus plugin 33850, Unsupported Unix Operating System. By searching the plugin name for keywords, plugin family, severity, OS and application CPE strings, SecurityCenter Continuous View can better present the data to the security analyst. Using these examples, the analyst can modify the details and create new chapters or tables specific to the organization’s needs.

The report is available in the SecurityCenter Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards and assets. The report can be easily located in the SecurityCenter Feed under the category Compliance.

The report requirements are:

  • SecurityCenter 5.0.0
  • Nessus 6.5.4

SecurityCenter Continuous View (CV) provides continuous network monitoring, vulnerability identification, risk reduction, and compliance monitoring. SecurityCenter CV is continuously updated with information about advanced threats, zero-day vulnerabilities, and new types of regulatory compliance configuration audits. SecurityCenter CV allows for the most comprehensive and integrated view of network health.

The report contains the following components:

  • Executive Summary - The Executive Summary provides an overview of the three main chapters of this report. Each chapter is summarized with a bar chart, which displays a graph of the unsupported products by the family in which they belong. A table displays the name of the unsupported product and the count of how many were found in the environment.
  • Unsupported Devices - The Unsupported Devices chapter provides details on unsupported core devices (Cisco, Junos, etc.), databases, web servers, and virtual servers. These devices are typically the central part of an organization’s network, and those which provide services to customers. Knowing if any of these devices contain unsupported software is critical to maintaining a secure environment.
  • Unsupported Operating Systems - The Unsupported Operating Systems chapter provides details on any operating system that is no longer supported by the vendor. Coverage is provided for all currently unsupported versions of Windows, Linux, Unix and Mac OS. Systems running unsupported operating systems are more vulnerable to exploitation.
  • Unsupported Software - The Unsupported Software chapter provides details on software that is no longer supported by the vendor. Coverage is provided for all currently unsupported versions of Windows, Linux, Unix and Mac OS. Systems running unsupported software are more vulnerable to exploitation.
Try for Free Buy Now

Try Tenable.io

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,275.00

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 60 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578.00

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 60 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.