by Cesar Navas
January 5, 2016
Monitoring risk is a key responsibility of any security team. By understanding the level of risk a network faces, security teams can tailor mitigation and hardening strategies to be more effective. Nessus provides vulnerability scan information while the Nessus Network Monitor (NNM) continuously monitors network traffic for potential vulnerabilities. Tenable.sc Continuous View (CV) has the ability to monitor vulnerability information detected by Nessus and NNM.
The Tracking Risk dashboard monitors vulnerability trends on an organization’s network in order to help security teams adjust their mitigation efforts to address specific areas of risk. Increased visibility into the vulnerability status of the network can assist security teams implement effective mitigation strategies. The trend data informs security teams where to focus their efforts in order to better defend their network. By monitoring the change in detected vulnerabilities, security teams can adjust their efforts as needed in order to mitigate the greatest vulnerabilities.
The components in the Tracking Risk dashboard present trend data about detected vulnerabilities on the network. This includes information such as 90-day trends of vulnerabilities by severity, exploitability, CVSS score, and external network connections. Each trend chart calculates their data points every 24 hours to provide the most accurate data possible. Information about vulnerabilities by time range, severity, and exploitability, as well as a trend of unsupported software detections is also included. This dashboard can help an organization understand the vulnerability status of their network and provide insight into areas that may require additional attention.
This dashboard is available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards and assets. This dashboard can be easily located in the Tenable.sc Feed under the category Threat Detection & Vulnerability Assessments. The dashboard requirements are:
- Tenable.sc 4.8.2
- NNM 5.9.1
- Nessus 8.5.1
- This dashboard requires “Full Text Search” to be enabled for each analyzed repository.
Tenable.sc Continuous View (CV) provides continuous network monitoring, vulnerability identification, risk reduction, and compliance monitoring. Nessus is continuously updated with information about advanced threats and zero-day vulnerabilities, and new types of regulatory compliance configuration audits. The Nessus Network Monitor (NNM) performs deep packet inspection to enable discovery and assessment of operating systems, network devices, hypervisors, databases, tablets, phones, web servers, cloud applications, and critical infrastructure. By integrating with Nessus, and NNM, Tenable.sc CV’s continuous network monitoring is able to detect systems and vulnerabilities across the enterprise.
Listed below are the included components:
- Vulnerability Trend – Severity Matrix: This component displays counts of vulnerabilities observed in the past 24 hours, 7 days, and 30 days by severity level and exploitability.
- Tracking Risk – Vulnerabilities by Severity: This line chart displays the trend of vulnerabilities over the past 90 days by severity.
- Tracking Risk – Exploitable Vulnerabilities: This line chart displays the trend of exploitable vulnerabilities over the past 90 days by host type.
- Tracking Risk – Vulnerabilities by CVSS Score: This line chart illustrates the trend of vulnerabilities by CVSS score over the past 90 days.
- Tracking Risk – Unsupported Client Software: This line chart displays the trend of vulnerabilities related to unsupported software over the past 90 days.
- Vulnerability Trend – Internet-Facing Vulnerabilities: This area chart depicts newly detected vulnerabilities on devices that have external network connections.