Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

How Exploitable Are You?

As part of the vulnerability management team I am often asked, “Just how exposed are we to the vulnerabilities in this report?” Thinking about the question, I like to first understand the relationship between vulnerability and exploitability. Next, I want to understand the likelihood a vulnerability can be exploited. From these two steps, I can begin to communicate the exploitability of our assets to management and data owners. Tenable.io helps you better understand the question “How Exploitable are You” by the data presented in the Exploitable by Malware dashboard.

Exploitable by Malware Dashboard

Vulnerabilities

In computer security, a vulnerability is a weakness that enables a malicious or unsuspecting user to gain access to privileged or unauthorized information. In the simplest form, a misconfiguration of file level permissions can grant unauthorized users access to a file, folder, application, or service that is unauthorized. In a more complex example, chunks of uninitialized memory may be mixed with valid data as discovered in Cloudflare services. Regardless of how simple or complex the vulnerability, the question quickly becomes can the vulnerability be exploited?

Exploits

An exploit is a piece of software, string of data, or series of commands that can be used to cause some unintended or unanticipated behavior of a computer system. The development of code used to exploit systems can be very difficult to develop in some cases and in others very simple.

Frameworks

Several well known security researchers decided that to truly test and understand the nature of exploiting a vulnerability, a framework was needed. A framework is an abstraction in which the foundation of the software provides the generic functionality, and users can write code modules to perform specific tasks. In this case, the developers of Metasploit, Core Impact and several others created a framework to leverage common attack techniques and delivery methods, while the users of the framework create the actual exploits. These frameworks can be used by inexperienced attackers to create an attack that may look much more sophisticated, because most of the hard work has been created by the framework. Once you understand how to leverage the framework to exploit a buffer overflow, replicating the attack can seem trivial. As the frameworks become more popular, the industry is seeing a rise in malware code that may have been developed using different frameworks.

The Tenable.io solution

Tenable.io can easily identify systems that are more exploitable than other systems Tenable.io™ can easily identify systems that are more exploitable than other systems. There are several exploitability-related search fields, along with several fields that are related to common exploit frameworks. When using the Workbench, you can select the Advanced link and then add filters :

Filter for exploitability

Now that you are able to identify the assets that are the most exploitable, you can determine if the systems are exploitable by known malware or by exploit frameworks. The field called Exploitable by Malware means that the exploit is known to exist in the wild. When performing the threat analysis, I like to include this as a key factor in assessing the risk to the asset. When identifying the assets that are exploitable by malware, I try to understand why the asset has not been patched. All too often, systems are not getting patched due to inconsistent patch cycles, inadequate patch management solutions, and overall lack of understanding about how the applications process data. Gaining an understanding of an application’s business function and criticality to overall business needs will lead to a more successful vulnerability management program.

Recently, in a discussion session with a university customer, we identified over 50 servers that have been running for over 4 years with no notable user activity. We reviewed the vulnerability state of these systems, and they were not only exploitable by malware, but also by many of the exploit frameworks. As we discussed how these systems could be either patched or removed, we began to see a bigger problem in the network. Many of the servers that were running, were either underutilized or not used at all. We then discussed the mitigation strategies with IT operations and received a lot of pushback based on the fact that none of the current admins knew why the systems were online and who owned the systems. The customer ultimately choose to implement a lengthy review process with all department heads in an attempt to establish ownership.

Regardless of your approach to mitigating risks identified by Tenable.io﹘by applying patches, configuring mitigation controls, or operating system hardening﹘the first step is to clearly qualify the risks into actionable tasks and deliverables. Tenable.io provides information security professionals with the tools and resources needed to perform a detailed qualitative analysis of the risk that threatens business assets. The Exploitable by Malware dashboard provides insight into your current risk exposure to exploitable vulnerabilities for both malware and exploit frameworks.

The Exploitable by Malware dashboard provides insight into your current risk exposure to exploitable vulnerabilities for both malware and exploit frameworks

Try Tenable.io

Tenable.io provides accurate information on how well your organization is addressing security risks, and helps track improvements over time. Get a free trial of Tenable.io Vulnerability Management for 60 days.

 

Related Articles

Cybersecurity News You Can Use

Enter your email and never miss timely alerts and security guidance from the experts at Tenable.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Try Tenable Web App Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save more.

Add Support and Training