Presentation is loading. Please wait.

Presentation is loading. Please wait.

Vulnerability Types And How to Use Them.

Published byNeil Price Modified over 8 years ago

Similar presentations

Presentation on theme: "Vulnerability Types And How to Use Them."— Presentation transcript:

1 Vulnerability Types And How to Use Them

2 Vulnerabilities and SecurityCenter
Networks have vulnerabilities! SecurityCenter can display network vulnerability information gathered from multiple sources Nessus scans Passive Vulnerability Scanner (PVS) detections Log Correlation Engine (LCE) detections Compliance checks

3 Active Vulnerabilities
Nessus actively scans the network for vulnerabilities Nessus uses plugins to gather this vulnerability information Plugin type “Active Vulnerabilities” Plugin IDs from to

4 Active Vulnerabilities
Creating an Active Vulnerabilities table…

5 Active Vulnerabilities – Example
Using in a report or dashboard component This component uses additional filters to discover vulnerability to a specific exploit framework…

6 Active Vulnerabilities – Example
Using in an asset Vulnerability types cannot be directly used in assets; instead, use the appropriate range for the plugin ID

7 Active Vulnerabilities
In general, SecurityCenter shows all vulns that have not been mitigated (Cumulative) For Active Vulnerabilites only, SecurityCenter can display those vulns that have been found to be mitigated (Mitigated)

8 Active Vulnerabilities – Examples
Using the Mitigated source Number of patched vulnerabilities that took 30 days to patch (“Patch Rate”) Number of patches that occurred within the past 30 days (“Patch Date”)

9 Passive Vulnerabilities
The Passive Vulnerability Scanner (PVS) passively detects vulnerabilities based on the traffic seen on the network PVS uses plugins to gather this vulnerability information Plugins type “Passive Vulnerabilities” Plugin IDs from 1 to 10000

10 Passive Vulnerabilities
Creating a Passive Vulnerabilities table…

11 Passive Vulnerabilities – Example
Using in a report or dashboard component This component uses additional filters to discover critical vulnerabilities within the last 7 days…

12 Passive Vulnerabilities – Example
Using in an asset Vulnerability types cannot be directly used in assets; instead, use the appropriate range for the plugin ID

13 Event Vulnerabilities
The Log Correlation Engine (LCE) detects vulnerabilities based on log events gathered from devices and applications on the network LCE uses plugins to gather this vulnerability information Plugin type “Event Vulnerabilities” Plugin IDs from to

14 Event Vulnerabilities
Creating an Event Vulnerabilities table…

15 Event Vulnerabilities – Example
Using in a report or dashboard component This component uses additional filters to discover malware… Note that the Plugin Name text will match anywhere in a plugin’s name and is not case sensitive

16 Event Vulnerabilities – Example
Using in an asset Vulnerability types cannot be directly used in assets; instead, use the appropriate range for the plugin ID

17 Compliance Checks Nessus can be used to run audit scans on the network to measure compliance Failed compliance checks may indicate vulnerabilities High severity = Failed check Informational = Passed check Medium severity = Check must be performed manually, or an advisory SecurityCenter uses plugins to gather this compliance information Plugin type “Compliance” Plugin IDs from and up

18 Creating a Compliance Checks table…

19 Compliance Checks – Example
Using in a report or dashboard component This component uses additional filters to discover specific audit references…

20 Compliance Checks – Example
Using in an asset Vulnerability types cannot be directly used in assets; instead, use the appropriate range for the plugin ID

21 Plugins Screen Plugin type

22 Vulnerabilities and SecurityCenter
Networks have vulnerabilities! SecurityCenter can display network vulnerability information gathered from multiple sources All = Vulnerabilities from all sources Active Vulnerabilities = From Nessus scans Passive Vulnerabilities = From PVS detections Event Vulnerabilities = From LCE detections Compliance = Compliance checks

23 Tenable Customer Support Portal
For Questions Contact Tenable Customer Support Portal

Download ppt "Vulnerability Types And How to Use Them."

Similar presentations

WHEN A VULNERABILITY ASSESSMENT > PENTEST THE ANOMALY.

WHEN A VULNERABILITY ASSESSMENT > PENTEST THE ANOMALY.
3D Tool Examples Dave Breslin (@ Tenable Discussions Forum)

3D Tool Examples Dave Breslin Tenable Discussions Forum)
Standardized Threat Indicators Tenable Formatted Indicator Export Adversary Analysis (Pivoting) Private and Community Incident Correlation ThreatConnect.

Standardized Threat Indicators Tenable Formatted Indicator Export Adversary Analysis (Pivoting) Private and Community Incident Correlation ThreatConnect.
Leveraging Continuous View to Hunt Malware. Why hunt for malware? Scanned services Unauthorized systems Patches Config Unauthorized software Malware Malware.

Leveraging Continuous View to Hunt Malware. Why hunt for malware? Scanned services Unauthorized systems Patches Config Unauthorized software Malware Malware.
Navigating the New SAQs (Helping the 99% validate PCI compliance)

Navigating the New SAQs (Helping the 99% validate PCI compliance)
Using PI to Aggregate & Correlate Security Events to Detect Cyber Attacks Dale Peterson Digital Bond, Inc.

Using PI to Aggregate & Correlate Security Events to Detect Cyber Attacks Dale Peterson Digital Bond, Inc.
Department of Energy PI for Security and Securing PI Dale Peterson Digital Bond, Inc. © 2008 Digital Bond, Inc.

Department of Energy PI for Security and Securing PI Dale Peterson Digital Bond, Inc. © 2008 Digital Bond, Inc.
By Hiranmayi Pai Neeraj Jain

By Hiranmayi Pai Neeraj Jain
Breaking Kill Chains A “How To” Guide for SecurityCenter.

Breaking Kill Chains A “How To” Guide for SecurityCenter.
Slide 1 of 10 Job Event Basics A Job Event is the name for the collection of components that comprise a scheduled job. On the iSeries a the available Job.

Slide 1 of 10 Job Event Basics A Job Event is the name for the collection of components that comprise a scheduled job. On the iSeries a the available Job.
Hands-On Ethical Hacking and Network Defense Second Edition Chapter 5 Port Scanning.

Hands-On Ethical Hacking and Network Defense Second Edition Chapter 5 Port Scanning.
SecurityCenter Reporting Nessus Scan Report. SecurityCenter Reports For customers who use Nessus for vulnerability scanning and then move to SecurityCenter,

SecurityCenter Reporting Nessus Scan Report. SecurityCenter Reports For customers who use Nessus for vulnerability scanning and then move to SecurityCenter,
MessageOps Monitor. Communication apps are mission critical But how do you ensure high service levels when they run in the cloud?

MessageOps Monitor. Communication apps are mission critical But how do you ensure high service levels when they run in the cloud?
Vulnerability Assessments with Nessus 3 Columbia Area LUG January 10 2007.

Vulnerability Assessments with Nessus 3 Columbia Area LUG January
CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.

CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.
Lesson 13-Intrusion Detection. Overview Define the types of Intrusion Detection Systems (IDS). Set up an IDS. Manage an IDS. Understand intrusion prevention.

Lesson 13-Intrusion Detection. Overview Define the types of Intrusion Detection Systems (IDS). Set up an IDS. Manage an IDS. Understand intrusion prevention.
Nessus – A Vulnerability Scanning Tool SUNY Technology Conference June 2003.

Nessus – A Vulnerability Scanning Tool SUNY Technology Conference June 2003.
Controls for Information Security

Controls for Information Security
User Responsibility A “How To” Guide for SecurityCenter.

User Responsibility A “How To” Guide for SecurityCenter.
SELECTING AND IMPLEMENTING VULNERABILITY SCANNER FOR FUN AND PROFIT by Tim Jett and Mike Townes.

SELECTING AND IMPLEMENTING VULNERABILITY SCANNER FOR FUN AND PROFIT by Tim Jett and Mike Townes.

Similar presentations

Ads by Google