Vulnerability scanning and reporting are essential steps in evaluating and improving the security of a network. This report presents extensive data about detected vulnerabilities, their origin, and mitigation solutions required to remove them. Tenable.io can use this data to help security teams coordinate their risk mitigation efforts more effectively. By providing live discovery and continuous visibility of assets, Tenable.io helps teams accurately represent and communicate cyber risk to the business.
The information in this report is first summarized by host and severity to give a condensed snapshot of an organization’s attack surface. This glance at the current state of assets provides a solid overview for mitigation planning. Knowing which assets pose the greatest risk enables the establishment of vulnerability mitigation efforts to efficiently reduce that risk.
Understanding vulnerabilities in exact detail is important for both knowing how to mitigate risk and understanding how assets can be exploited. The detailed list presented in this report gives exact detail on vulnerabilities including how they were discovered, what about them is publicly known, and how to mitigate them. Each asset can be assessed and addressed using this detailed vulnerability information when planning risk mitigation.
Cyber Exposure helps analysts drive a new level of dialogue with the business. By knowing which areas of the business are secure or exposed, analysts can effectively measure the organization's cyber risk. Analysts can use the metrics provided by Tenable.io to determine how much and where to invest in order to reduce risk to an acceptable amount. Tenable.io is the first Cyber Exposure solution that provides key risk metrics that organizations need to measure risk exposure.
Executive Summary - This chapter offers a look at the assets that pose the greatest risk, and a look at the number of assets with severe vulnerabilities. This information can be used as a starting point when identifying areas of risk by displaying the assets that require the most attention. Assets presented at the top of this summary have the greatest impact on risk reduction.
Vulnerabilities by Host - This chapter provides a detailed by-asset list that contains all of the information for every vulnerability on those assets. This data explains how a vulnerability was discovered during a scan, how that vulnerability can be used to attack an asset, and what solution is required to mitigate the risk. Administrators can refer to all of this information when performing their mitigation steps and consequently easily reduce environmental risk.