Vulnerability Types And How to Use Them.


Vulnerabilities and SecurityCenter
- Networks have vulnerabilities!
- SecurityCenter can display network vulnerability information gathered from multiple sources:
  - Nessus scans
  - Passive Vulnerability Scanner (PVS) detections
  - Log Correlation Engine (LCE) detections
  - Compliance checks

Active Vulnerabilities
- Nessus actively scans the network for vulnerabilities
- Nessus uses plugins to gather this vulnerability information
  - Plugin type “Active Vulnerabilities”
  - Plugin IDs from 10001 to 799999

Active Vulnerabilities
- Creating an Active Vulnerabilities table…

Active Vulnerabilities – Example
- Using in a report or dashboard component
- This component uses additional filters to discover vulnerability to a specific exploit framework…

Active Vulnerabilities – Example
- Using in an asset
- Vulnerability types cannot be directly used in assets; instead, use the appropriate range for the plugin ID

Active Vulnerabilities
- In general, SecurityCenter shows all vulns that have not been mitigated (Cumulative)
- For Active Vulnerabilities only, SecurityCenter can display those vulns that have been found to be mitigated (Mitigated)

Active Vulnerabilities – Examples
- Using the Mitigated source
  - Number of patched vulnerabilities that took 30 days to patch (“Patch Rate”)
  - Number of patches that occurred within the past 30 days (“Patch Date”)

Passive Vulnerabilities
- The Passive Vulnerability Scanner (PVS) passively detects vulnerabilities based on the traffic seen on the network
- PVS uses plugins to gather this vulnerability information
  - Plugin type “Passive Vulnerabilities”
  - Plugin IDs from 1 to 10000

Passive Vulnerabilities
- Creating a Passive Vulnerabilities table…

Passive Vulnerabilities – Example
- Using in a report or dashboard component
- This component uses additional filters to discover critical vulnerabilities within the last 7 days…

Passive Vulnerabilities – Example
- Using in an asset
- Vulnerability types cannot be directly used in assets; instead, use the appropriate range for the plugin ID

Event Vulnerabilities
- The Log Correlation Engine (LCE) detects vulnerabilities based on log events gathered from devices and applications on the network
- LCE uses plugins to gather this vulnerability information
  - Plugin type “Event Vulnerabilities”
  - Plugin IDs from 800000 to 899999

Event Vulnerabilities
- Creating an Event Vulnerabilities table…

Event Vulnerabilities – Example
- Using in a report or dashboard component
- This component uses additional filters to discover malware…
- Note that the Plugin Name text will match anywhere in a plugin’s name and is not case sensitive

Event Vulnerabilities – Example
- Using in an asset
- Vulnerability types cannot be directly used in assets; instead, use the appropriate range for the plugin ID

Compliance Checks
- Nessus can be used to run audit scans on the network to measure compliance
- Failed compliance checks may indicate vulnerabilities
  - High severity = Failed check
  - Informational = Passed check
  - Medium severity = Check must be performed manually, or an advisory
- SecurityCenter uses plugins to gather this compliance information
  - Plugin type “Compliance”
  - Plugin IDs from 1000001 and up

Creating a Compliance Checks table…

Compliance Checks – Example
- Using in a report or dashboard component
- This component uses additional filters to discover specific audit references…

Compliance Checks – Example
- Using in an asset
- Vulnerability types cannot be directly used in assets; instead, use the appropriate range for the plugin ID

Plugins Screen
- Plugin type

Vulnerabilities and SecurityCenter
- Networks have vulnerabilities!
- SecurityCenter can display network vulnerability information gathered from multiple sources:
  - All = Vulnerabilities from all sources
  - Active Vulnerabilities = From Nessus scans
  - Passive Vulnerabilities = From PVS detections
  - Event Vulnerabilities = From LCE detections
  - Compliance = Compliance checks
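Because assets take plugin ID ranges rather than vulnerability types, the same ranges can be used to sort exported findings by source outside the console. The following is an added example, not part of the original presentation or any Tenable code: it applies the plugin ID ranges, the compliance severity meanings, and the case-insensitive Plugin Name matching from the slides to constructed rows. The CSV column names and the `summarize` helper are hypothetical.

```python
import csv
import io

# Plugin ID ranges as stated in the slides. IDs 900000-1000000 are not assigned
# to any type there, so they fall through to "Unknown".
PLUGIN_RANGES = [
    (1, 10000, "Passive Vulnerabilities"),      # PVS detections
    (10001, 799999, "Active Vulnerabilities"),  # Nessus scans
    (800000, 899999, "Event Vulnerabilities"),  # LCE detections
    (1000001, None, "Compliance"),              # audit checks, open-ended range
]

# For compliance plugins the severity field carries the check result.
COMPLIANCE_STATUS = {"high": "Failed", "informational": "Passed",
                     "medium": "Manual/Advisory"}

# Constructed sample rows; the columns are hypothetical, not a SecurityCenter format.
SAMPLE = """plugin_id,plugin_name,severity
4321,Constructed outdated client seen in traffic,Medium
54321,Constructed missing patch,Critical
54322,Constructed Malware service detected,High
800123,Constructed malware event in logs,High
1000005,Constructed password length check,High
1000006,Constructed audit logging check,Informational
1000007,Constructed banner text check,Medium
950000,Constructed row in the unassigned range,Low
"""

def plugin_type(plugin_id):
    """Map a plugin ID to the vulnerability type whose range contains it."""
    for low, high, name in PLUGIN_RANGES:
        if plugin_id >= low and (high is None or plugin_id <= high):
            return name
    return "Unknown"

def summarize(csv_text, name_filter=""):
    """Count findings per type, and compliance results per status.

    name_filter mimics the Plugin Name filter: substring match, not case sensitive.
    """
    by_type, compliance = {}, {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        if name_filter.lower() not in row["plugin_name"].lower():
            continue
        kind = plugin_type(int(row["plugin_id"]))
        by_type[kind] = by_type.get(kind, 0) + 1
        if kind == "Compliance":
            status = COMPLIANCE_STATUS.get(row["severity"].lower(), "Unrecognized")
            compliance[status] = compliance.get(status, 0) + 1
    return by_type, compliance
```
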

For questions, contact the Tenable Customer Support Portal.