Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Exploitable Framework Analysis

by Steve Tilson
March 23, 2018

Exploitability ease grows every day as attacks are made public, and those exploits are then imported into various tools and services.  With most common exploit frameworks being free or easy to obtain, security technicians must always be aware of adversaries that may use these frameworks.  By understanding an exploit’s source tool, and the most common targets, security technicians can make effective plans to reduce risk to the organization.

The Cyber Security Framework (CSF) category ID.RA (Risk Assessment) provides guidance to organizations on understanding cyber risk and helps to define actions the security operations team should conduct. ID.RA-1 calls for the security technicians to implement National Institute of Standards and Technology (NIST) 800-53 control CA-8 Penetration Testing.  The control states “Penetration testing is a specialized type of assessment conducted on information systems or individual system components to identify vulnerabilities that could be exploited by adversaries.” To aid in this specialized assessment some security teams will utilize exploitation frameworks such as Core Impact, Canvas or others. Tenable.io aids the organization in identifying which vulnerabilities are exploitable by different frameworks.  This dashboard provides the security technicians with a centralized view of which frameworks are most commonly found on vulnerabilities in their network.

When analyzing the vulnerability status of a network, security teams need to understand the different vulnerability attributes and metrics available through Tenable.io. Within this dashboard there are several attributes that help communicate the exploitability and the framework to which exploitability is already available. In addition to the exploitable attributes, other attributes are used such as plugin family and vulnerability state. After using the dashboard to drill down into the Vulnerability Workbench, there are other attributes such as CPE, In The News, and CVSS Vectors.  Each of these filters helps the security team to narrow the focus and discover risks that may require a higher priority over other vulnerabilities.  

Cyber Exposure will help security technicians drive a new level of dialogue with the business. By knowing which areas of the network have exploitable systems, the security team is able to effectively measure the organization's cyber risk. Technicians can use the metrics provided by Tenable.io to determine how to plan testing and patching, in order to reduce risk to an acceptable amount. Tenable.io is the first Cyber Exposure solution that provides key risk metrics that organizations need to measure risk exposure.

The following widgets are included on this dashboard:

Exploitable by Framework - This widget provides a summary of exploitable vulnerabilities by framework. Exploitation framework tools are designed to detect and exploit software and hardware vulnerabilities in target systems. This matrix helps the security team to narrow the focus and discover risks that may require a higher priority over other vulnerabilities.

New Exploitable Hosts - Vulnerabilities marked as new have not been seen before on an asset. A vulnerability can be marked as new if that vulnerability had not been discovered before in a scan, or if that vulnerability was recently published and discovered on a new scan. This allows technicians to see previously secure assets with new exploitable vulnerabilities.

Top Exploitable Linux HostsThis widget displays a list of the top Linux/Unix assets that have exploitable vulnerabilities. Security technicians will be able to use this information to focus mitigation efforts by operating system. This allows technicians to notify the asset administrator of the threats posed to their assets.

Exploitable Windows Hosts -This widget displays a list of the top Windows assets that have exploitable vulnerabilities. Security technicians will be able to use this information to focus mitigation efforts by operating system. This allows technicians to notify the asset administrator of the threats posed to their assets.

Category: 
Analyze
Try for Free Buy Now

Try Tenable.io

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,190.00

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 60 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578.00

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 60 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.