Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Outstanding Remediation Tracking Dashboard

by Ryan Seguin
November 2, 2017

New digital platforms and development shifts made the move from concept to capability rapid. Tracking updates for the constantly changing landscape of assets is important, and understanding your legacy code and asset footprint is paramount. This dashboard focuses on an organization’s legacy patches and assets to reduce management overhead and reactive firefighting. An organization can also identify parts of their network that have been missed by patching cycles, or where traditional mitigation methods no longer apply.

As networks expand daily with additional assets, maintaining continuous visibility , and to what extent is crucial. As time passes, assets grow and shrink in their risk scope, and that risk mostly comes from outdated and unpatched vulnerabilities. Even with rigorous risk management practices, assets are often missed.  This dashboard serves to give a clear snapshot of  which assets have fallen behind. 

As assets age, so too does the process that secures them, and that process needs to evolve to stay ahead of legacy threats. In addition to identifying which assets have been missed by the organization’s mitigation strategies, EoL (End of Life) assets may pose the greatest risk. Any assets labeled as EoL are no longer receiving security updates or  support by the vendor, which in turn sets a permanent bottom line to an organization’s Cyber Exposure gap. 

Cyber Exposure will help analysts drive a new level of dialogue with the business. By knowing which areas of the business are secure or exposed, analysts can effectively measure the organization's cyber risk. Analysts can use the metrics provided by Tenable.io to determine how much and where to invest, in order to reduce risk to an acceptable amount.. Tenable.io is the first Cyber Exposure solution that  provides key risk metrics that organizations need to measure risk exposure. 

Tables:

Outstanding Remediations - Time since Patch Publication: This matrix reflects three key points of risk: total count of missing patches, vulnerability severity, and exploitability ratio. Assets with the largest number of missing patches represents a higher level of mitigation effort and may be the most time consuming to address. Assets with a high exploitability ratio represent a fast lane for attackers.  Removing these vulnerabilities is one of the best ways to reduce risk.

Outstanding Microsoft Remediations - Time since Patch Publication: This matrix reflects three key points of risk for Microsoft systems: total count of missing patches, vulnerability severity, and exploitability ratio. Assets with the largest number of missing patches represents a higher level of mitigation effort, and may be the most time consuming to address. Assets with a high exploitability ratio represent a fast lane for attackers, and removing these vulnerabilities is one of the best ways to reduce risk.

Outstanding Remediations By Device Type: This matrix reflects three key points of risk across different asset types: total count of missing patches, vulnerability severity, and exploitability ratio. Assets with the largest number of missing patches possibly represent a higher level of mitigation effort, and may be the most time consuming to address. Assets with a high exploitability ratio represent a fast lane for attackers, and removing these vulnerabilities is one of the best ways to reduce risk.

End of Life Software Detection: This table provides a look at which assets have reached their end of life from the vendor. All assets in this list will have vulnerabilities that cannot be fixed by the vendor,  therefore can only be mitigated through upgrades or removal. Assets found here that can be upgraded to a higher supported version should be upgraded immediately, as vendors no longer list active vulnerabilities for EoL software. 

Category: 
Fix
Try for Free Buy Now

Try Tenable.io Vulnerability Management

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets
Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Purchase your 1-, 2-, or 3-year license today.