Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Security Management Summary Dashboard

by David Schwalenberg
March 23, 2018

If the main objective of patch management is to create a consistently configured environment that mitigates known vulnerabilities and cyber risks, then the purpose of a vulnerability management system is to identify the vulnerabilities and cyber risk that need to be mitigated. In the current corporate environment, managers are realizing the old method of scanning statically deployed systems located  within the borders of the network, is no longer  sufficient. There is a gap in the way risks are detected, where they reside, and if they can be scanned.  

Tenable.io is the first Cyber Exposure platform that enables managers to close the Cyber Exposure Gap by collecting data from the traditional systems, remote agents, containers, and web applications. This dashboard provides managers with a series of vulnerabilities and cyber risks that can be mitigated first. Armed with critical information about the priority of vulnerabilities on the network, the manager now works with other teams to implement the changes.

As managers plan out their mitigation strategies, they are often required to work within the body of a change control program.  As the size of the organization grows, so does the complexity of applying patches and mitigating risks. The change management program requires a lot of detailed information about the patch that is being applied, such as severity, CVE, and other related information. A  manager is required to look for this information, but many times there is not a single place to look for the information. Tenable.io uses this dashboard to correlate this vulnerability information into an easy to understand location. The tables and charts in this dashboard provide the most impacting vulnerabilities grouped using different metrics that matter most to managers.  

The cyber exposure life cycle allows  managers to learn about their network in strategic and comprehendible steps. The data collected by Tenable.io provides essential knowledge of status of the risk management within the network.  Tenable.io gives managers the information needed about the network to plan for operations to mitigate risk. As the vulnerability information is identified,  mangers can monitor the network to ensure problems are fixed, and risks are mitigated. 

Widgets on this Dashboard:

Most Common Operating Systems: This chart gives management a percentage of the different operating systems found within the environment, assisting with task and remediation planning. Managers can use this information to get an idea of how many work hours would be required based on asset volume when creating remediation tasks.

Most Common Ports: This chart aids managers in knowing which network ports have been open the most during scans. Knowing which ports have been detected as open gives managers a view into network traffic lanes and provides a strong overview of an organization’s network attack surface.

Most Vulnerable Windows Hosts: This table displays the top ten most vulnerable Windows systems, sorted by total vulnerabilities. This host analysis assists managers in measuring risk and prioritizing remediation tasks. Managers can provide a clear directive based on analysis of the detected vulnerabilities. As remediation tasks are completed, this table will continually display the most vulnerable Windows systems, even down to a low severity level.

Most Vulnerable Linux Hosts: This table displays the top ten most vulnerable Linux/Unix systems, sorted by total vulnerabilities. This host analysis assists managers in measuring risk and prioritizing remediation tasks. Managers can provide a clear directive based on analysis of the detected vulnerabilities. As remediation tasks are completed, this table will continually display the most vulnerable Linux and Unix systems, even down to a low severity level.

Most Common CVEs: This chart shows vulnerability CVE percentages, enabling managers to properly measure workload based on the remediation requirements for the most prevalent CVEs. Many CVEs span multiple operating systems or applications, and require specific mitigation efforts. Knowing the prevalence of particular vulnerabilities makes mitigation planning much easier and more efficient.

Top MS Bulletins: This table displays the number of vulnerabilities detected that are grouped by Microsoft Knowledge Base (KB) articles, Security Rollups, and Bulletin IDs. In the spring of 2017, Microsoft changed the way vulnerabilities are reported to using the KB IDs from the MS Bulletins. In addition, there are rollup patches released each patch cycle. All of this information is critical for managers to understand, allowing them to manage patch deployment efforts and provide direction to operation teams.

Category: 
Fix
Try for Free Buy Now

Try Tenable.io

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,275.00

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 60 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578.00

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 60 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.