Malware presents a risk to any organization and comes packaged in many forms. Malware can exploit weaknesses and vulnerabilities to make software or hardware perform actions not originally intended. Vulnerabilities can also be widely exploited shortly after publication as malware authors reverse engineer the fix and develop "1-day exploits" that can be used to attack organizations. Tenable.io easily identifies assets most vulnerable to malware and other exploitation frameworks. This dashboard provides the necessary context to understand which assets are vulnerable to malware exploitation. Organizations can better communicate cyber risk to the business by supplying context and associated metrics.
Organizations can use the dashboard to gain operational awareness of assets on the network with exploitable vulnerabilities. Analysts need to prioritize vulnerability remediation or mitigation, depending on risk. Focusing on vulnerabilities that are actively being exploited by malware helps to reduce the risk to the organization and provides guidance on which vulnerabilities to remediate first. Vulnerabilities can also be exploited through common software applications. Products such as Metasploit, Core Impact, and exploits listed in ExploitHub can be used by anyone to perform attacks against vulnerabilities. Vulnerabilities that can be exploited through these means are highlighted in this dashboard.
Modern ransomware and malware can be initially developed with the assistance of an exploit framework. This dashboard provides some context on exploitability using frameworks such as CANVAS or Core Impact.
Security leaders need to SEE everything, PREDICT what matters most and ACT to address cyber risk and effectively align cybersecurity initiatives with business objectives. Tenable.io discovers and analyzes assets continuously to provide an accurate and unified view of an organization’s security posture.
Vulnerabilities Exploitable by Malware Summary - This widget displays a summary of vulnerabilities that are exploitable by malware.
Top 100 Vulnerabilities Exploitable by Malware - This widget presents the top 100 vulnerabilities that have been identified to be exploitable by malware. The table is sorted by the total host column, which counts the total systems affected by the specific vulnerability.
Exploitable by Framework - This widget provides a summary of exploitable vulnerabilities by framework. Exploitation framework tools are designed to detect and exploit software and hardware vulnerabilities in target systems. This matrix helps the security team to narrow their focus and discover risks that may require prioritization over other vulnerabilities.
Top 100 Malware Vulnerable Assets - This widget provides a list of assets with vulnerabilities that are known to be exploitable by malware.