Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Web Services Summary

by Andrew Freeborn
September 7, 2016

Organizations have a need to be competitive and innovative to stay ahead of the industry. Technology can be used to help organizations facilitate a competitive edge. When fused with business processes, innovations in technology can also help partners of organizations to further their own success as well. In many cases, technology and processes shared among organizations occur over the Internet. In order to do business across the Internet, web services need to be available at least on one side of the partnership.

Web services can be simple or complex based on the needs of the organization. Business processes could require many interconnected web services across teams to accomplish a business objective. Complex web services may also involve many different technologies to support a process. As web services become more intricate, the risk of vulnerabilities increases.

When complex or outdated versions of web service technologies are accessible on the Internet, attackers may find these vulnerable web service platforms and exploit them. Analysts need to know about the web services operating within the organization. The Web Services Summary report available within Tenable SecurityCenter uses Tenable Nessus to detect vulnerable web services within the organization. Nessus is able to actively detect and report upon the findings within the network. Active scans performed with credentials can greatly increase the visibility of web service vulnerabilities on each host. Uncredentialed scans of the host may not reveal in-depth detail of each detected web service capability or all of the installed software.

Analysts using this report gain insight into vulnerabilities within well-known web service platforms from vendors such as Apache, IBM, Microsoft, and Oracle. The web service platforms referenced in this report typically have regular security updates that remediate critical and exploitable vulnerabilities. The report provides quick and accurate reference points for analysts to quickly see the impact of vulnerabilities on web services platforms across time.

This report is available in the SecurityCenter Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards, and assets. The report can be easily located in the SecurityCenter Feed under the category Threat Detection & Vulnerability Assessments. The report requirements are:

  • SecurityCenter 5.4
  • Nessus 6.8.1

Tenable SecurityCenter provides continuous network monitoring, vulnerability identification, and security monitoring. SecurityCenter is continuously updated with information about advanced threats and zero-day vulnerabilities, and new types of regulatory compliance configuration audit files. Tenable constantly analyzes information from our unique sensors, delivering continuous visibility and critical context, enabling decisive action that transforms your security program from reactive to proactive. Active scanning examines the web services on the systems, running processes and services, detection of vulnerable software applications, configuration settings, and additional vulnerabilities. With this information, analysts have greater insight to determine if supported and update to date web service platforms are operating within the organization. Tenable enables powerful, yet non-disruptive, continuous monitoring of the organization to ensure vulnerabilities are available to analysts.

This report contains the following chapters:

  • Executive Summary: Organizations that offer services on the Internet need to be aware of the risks to the supporting web service platforms
  • Web Services Vulnerability Status at a Glance: This chapter provides management with a brief overview of the most critical web services vulnerabilities detected with Tenable Nessus
  • Web Services Detailed Vulnerability Details: This chapter assists analysts by displaying detailed information for common vendors that produce web services platforms
Try for Free Buy Now

Try Tenable.io

FREE FOR 30 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,275

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, email, community and chat support 24 hours a day, 365 days a year. Full details here.

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 30 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 30 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.

Try for Free Contact Sales

Try Tenable Lumin

FREE FOR 30 DAYS

Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.