Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Prioritize Assets Report

by Cody Dumont
October 11, 2017

Prioritize Assets Report

Organizations that embrace Cyber Exposure are learning a new discipline on how to manage and measure their cyber risk across traditional assets and non-traditional assets such as container security, cloud services and web applications. As the organization learns about Cyber Exposure they are better empowered to accurately understand, represent and ultimately reduce their cyber risk against the rapidly changing modern attack surface. The CISO often asks the operations team and security administrators these common questions:

  • What systems need attention now? 
  • What systems can be safely ignored for the time being? 

CISO’s have the responsibility to translate a mountain of security data to understand the risk exposure of the organization. This report helps by providing four tables that provide the top 10 most vulnerable systems as determined by different metrics. Each table displays the vulnerability summary for each asset and is sorted using total vulnerabilities. The tables take samples of the currently accessed assets by first examining the exploitable hosts, followed by web services and lastly with two tables focusing on vulnerabilities common desktops.  This overall view provides risk managers and system administrators with a list of systems that require an immediate focus, and provides leadership with easy to understand and evaluate Top 10 lists. 

While assisting the CISO, the report also is beneficial to the security team and system administrators to help them understand possible gaps in patch cycles and coverage in mitigation strategies. The security team can add target groups to the report template and report to different asset managers on the risk to their specific areas of concern. System administrators can take the same reports as actionable items to help set the priority of corrective actions and mitigation strategies. Overall, this report is beneficial to several groups within the organization to better reduce cyber risk. 

Cyber Exposure will help the CISO drive a new level of dialogue with the business. By knowing which areas of the business are secure or exposed, the CISO can effectively measure the organization's Cyber Risk. The CISCO can use the metrics provided by Tenable.io to determine how much and where to invest to reduce risk to an acceptable amount and help drive strategic business decisions. Tenable.io is the first Cyber Exposure solution and provides key risk metrics that organizations need to measure risk exposure. 

Tables

The Top Assets with Exploitable Vulnerabilities table presents an overview of the top assets with exploitable vulnerabilities. Information is gathered from Tenable.io, and is sorted by total vulnerabilities so that the most vulnerable asset is presented at the top. For each asset, the IP address, DNS name, total count, and a vulnerability bar are displayed. 

The Top Assets Running Vulnerable Web Servers table includes a summary of the top assets running vulnerable web servers. Vulnerabilities are detected both actively and passively. Data is filtered using the Web Servers plugin family, and is sorted so that most vulnerable web server is at the top. For each asset, the IP address, DNS name, total count, and a vulnerability bar are displayed.

The Top Assets with Java Vulnerabilities table presents an overview of the top assets that have actively or passively detected Java vulnerabilities. Data is filtered using the keyword “java” to find plugins that detect Java vulnerabilities. Information is sorted so that most vulnerable asset is at the top, and includes IP address, DNS name, total count, and a vulnerability bar for each asset.

The Top Assets with Adobe Vulnerabilities table displays the top assets on the network that have detected Adobe vulnerabilities. The list is sorted so that the host with the worst Adobe vulnerabilities is at the top. A count of vulnerabilities and a bar graph indicating the severity of the vulnerabilities are given for each asset. Use this table to determine the assets with the most Adobe vulnerabilities on the network. In the component filter, the Plugin Name is set to the 'adobe' keyword to find plugins that detect Adobe vulnerabilities. 

Category

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Try Tenable Web App Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save more.

Add Support and Training