If the main objective of patch management is to create a consistently configured environment that mitigates known vulnerabilities and cyber risks, then the purpose of a vulnerability management system is to identify the vulnerabilities and cyber risk that need to be mitigated. In the current corporate environment, managers are realizing the old method of scanning statically deployed systems located within the borders of the network, is no longer sufficient. There is a gap in the way risks are detected, where they reside, and if they can be scanned.
Tenable.io is the first Cyber Exposure platform that enables managers to close the Cyber Exposure Gap by collecting data from the traditional systems, remote agents, containers, and web applications. This dashboard provides managers with a series of vulnerabilities and cyber risks that can be mitigated first. Armed with critical information about the priority of vulnerabilities on the network, the manager now works with other teams to implement the changes.
As managers plan out their mitigation strategies, they are often required to work within the body of a change control program. As the size of the organization grows, so does the complexity of applying patches and mitigating risks. The change management program requires a lot of detailed information about the patch that is being applied, such as severity, CVE, and other related information. A manager is required to look for this information, but many times there is not a single place to look for the information. Tenable.io uses this dashboard to correlate this vulnerability information into an easy to understand location. The tables and charts in this dashboard provide the most impacting vulnerabilities grouped using different metrics that matter most to managers.
The cyber exposure life cycle allows managers to learn about their network in strategic and comprehendible steps. The data collected by Tenable.io provides essential knowledge of status of the risk management within the network. Tenable.io gives managers the information needed about the network to plan for operations to mitigate risk. As the vulnerability information is identified, mangers can monitor the network to ensure problems are fixed, and risks are mitigated.
Widgets on this Dashboard:
Most Common Operating Systems: This chart gives management a percentage of the different operating systems found within the environment, assisting with task and remediation planning. Managers can use this information to get an idea of how many work hours would be required based on asset volume when creating remediation tasks.
Most Common Ports: This chart aids managers in knowing which network ports have been open the most during scans. Knowing which ports have been detected as open gives managers a view into network traffic lanes and provides a strong overview of an organization’s network attack surface.
Most Vulnerable Windows Hosts: This table displays the top ten most vulnerable Windows systems, sorted by total vulnerabilities. This host analysis assists managers in measuring risk and prioritizing remediation tasks. Managers can provide a clear directive based on analysis of the detected vulnerabilities. As remediation tasks are completed, this table will continually display the most vulnerable Windows systems, even down to a low severity level.
Most Vulnerable Linux Hosts: This table displays the top ten most vulnerable Linux/Unix systems, sorted by total vulnerabilities. This host analysis assists managers in measuring risk and prioritizing remediation tasks. Managers can provide a clear directive based on analysis of the detected vulnerabilities. As remediation tasks are completed, this table will continually display the most vulnerable Linux and Unix systems, even down to a low severity level.
Most Common CVEs: This chart shows vulnerability CVE percentages, enabling managers to properly measure workload based on the remediation requirements for the most prevalent CVEs. Many CVEs span multiple operating systems or applications, and require specific mitigation efforts. Knowing the prevalence of particular vulnerabilities makes mitigation planning much easier and more efficient.
Top MS Bulletins: This table displays the number of vulnerabilities detected that are grouped by Microsoft Knowledge Base (KB) articles, Security Rollups, and Bulletin IDs. In the spring of 2017, Microsoft changed the way vulnerabilities are reported to using the KB IDs from the MS Bulletins. In addition, there are rollup patches released each patch cycle. All of this information is critical for managers to understand, allowing them to manage patch deployment efforts and provide direction to operation teams.