Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Web Services Dashboard

by Ryan Seguin
November 14, 2017

There are an increasing number of services across enterprises that are becoming web connected, but not all web services are secure. Organizations need to know what web services are operating in the environment in order to understand their vulnerability status. This dashboard provides insight into the web services in the environment and the vulnerabilities associated with them.

 

Within the Cyber Exposure lifecycle, assessment and analysis aim to bring down overall effort and time spent on reducing cyber risk. The information on this dashboard serves to give an informative overview of discovered vulnerabilities and web services. Organized and well labeled data points aim to give focus for any organization seeking to expedite the assessment of their assets.

Organizations can see vulnerabilities based on ports, outgoing network traffic, and web services that are present with known vulnerabilities. This allows for focused asset analysis through an understanding of vulnerability type, before the analysis phase even begins. Therefore, even with the wide array of threats that can be posed by web services, this dashboard should close an organizations cyber gap more quickly while performing their Cyber Exposure practice.

Cyber Exposure helps analysts drive a new level of dialogue with the business. By knowing which areas of the business are secure or exposed, analysts can effectively measure the organization's cyber risk. Analysts can use the metrics provided by Tenable.io to determine how much and where to invest in order to reduce risk to an acceptable amount. Tenable.io is the first Cyber Exposure solution that provides the key risk metrics that organizations need to measure risk exposure.

Components:

WEB SERVER VULNERABILITIES BY PLUGIN FAMILY

Assets can sometimes have multiple web facing services, which can in turn be affected by multiple vulnerabilities. This component maps out the vulnerabilities found in assets by their plugin families. This allows analysts to see which vulnerabilities need to be addressed first and which services those vulnerabilities affect.

WEB SERVICES VULNERABILITIES BY PORT

From web pages to VPNs, vulnerabilities can appear across all assets. This component maps out the different web service ports that have vulnerabilities present and correlates that data based on the type of service that listens on that port. This data allows analysts to understand which services contain the largest threat relative to the organization's attack surface.

SSL PLUGINS INDICATOR

SSL vulnerabilities concern nearly every modern asset. This component highlights the common and high profile SSL issues that organizations face today. This allows analysts to understand which SSL vulnerabilities affect them and which of those vulnerabilities poses the greatest threat.

WEB SERVICES INDICATOR

The number of assets that host different kinds of web services is ever growing. Some assets may have web services built into their default listening services. This component identifies the most common services so that analysts can correlate  which assets correspond with different services on their network.

Category: 
Analyze
Try for Free Buy Now

Try Tenable.io

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,190.00

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 60 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578.00

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 60 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security