
Tenable Blog

Vulnerability Prioritization with Nessus Cloud

Note:  Nessus Cloud is now a part of Tenable.io Vulnerability Management. To learn more about this application and its latest capabilities, visit the Tenable.io Vulnerability Management web page.


If you’re a security professional, vulnerability prioritization is likely something you deal with frequently. Few, if any, organizations ever address 100% of discovered vulnerabilities: new vulnerabilities come out every day, and old vulnerabilities can hide out on unknown and shadow assets or simply never make it to the top of the patching priority list.

Vulnerabilities that don’t get addressed cause problems. In last year’s Data Breach Investigations Report (DBIR), Verizon noted that 99.9% of the exploited vulnerabilities were compromised more than a year after the CVE was published.

Addressing 100% of vulnerabilities 100% of the time is not an achievable goal for most organizations. But being able to prioritize those that pose the highest risk is something that most organizations should be able to accomplish using a solution like Nessus® Cloud. Here are a few tips for using Nessus Cloud to prioritize your vulnerabilities list.

Scoring vulnerabilities with CVSS

The industry standard for communicating the severity of vulnerabilities is the Common Vulnerability Scoring System, or CVSS. CVSS uses an algorithm based on metrics in three different areas that approximate the ease and impact of exploiting a vulnerability. Our EMEA technical director, Gavin Millard, gives a good explanation of the three CVSS scoring areas (base, temporal, environmental) in this on-demand webcast if you’d like to learn more about CVSS.

Because CVSS is the industry standard, Nessus Cloud uses it in multiple ways. First, Nessus Cloud assigns each vulnerability a severity of Critical, High, Medium, Low or Informational based on its CVSS score:

Risk information

You can also use the Nessus Cloud Advanced Search capability to identify vulnerabilities with specific CVSS characteristics. For example, many organizations rely on CVSS Base Scores, the metrics that measure how easily a vulnerability can be reached and exploited. In Advanced Search, it’s easy to identify vulnerabilities cataloged on your network that have a CVSS Base Score of 7.5 or higher. This search would list all of the High severity vulnerabilities:

Advanced Search by CVSS

Additional search filters

CVSS provides a number you can associate with each vulnerability, but Advanced Search also offers a few other filters that add context and help you cut through the mountain of vulnerabilities.

Tenable announced several of these advanced search filters for Nessus Cloud last year. One of my favorites is the In the News filter. Your CISO may have just read about a big new vulnerability, such as Heartbleed, Shellshock, or Ghost, that has caught the attention of the media. The In the News filter identifies these high-profile vulnerabilities, so your security team can answer the questions that newsworthy vulnerabilities raise and confidently state, when asked, that you have taken care of the big vulnerability that’s making headlines.

Advanced Search for vulnerabilities in the news

Identifying vulnerabilities on specific assets - or not

Earlier this year, Asset Lists and Exclusions were introduced in Nessus Cloud. Asset Lists are a way to organize hosts into groups. For example, hosts that fall under the same compliance area, such as all hosts in scope for PCI DSS, could be placed into one list. Asset Lists have several benefits. You can scan similar assets using the most appropriate scan policies and frequencies. Asset Lists also make it easier to share vulnerability information with the appropriate business group, which can simplify the remediation process.

Asset Lists can also be useful if and when you need to scan specific assets at a specific time. For example, you might want to scan all your PCI assets immediately before an annual PCI audit.

Exclusions, on the other hand, let you keep specific hosts out of scanning on a given schedule. If one or many hosts do not need to be included in a scan, you can omit them and simplify your vulnerability results.

Dashboards

While CVSS, Advanced Search Filters, Asset Lists, and Exclusions are all useful ways to prioritize vulnerabilities, sometimes you just need to see the big picture. To accomplish this, Nessus Cloud offers dashboards that provide a graphical representation of vulnerability trending data over time.

You can use the dashboards to quickly get an overall view of vulnerabilities in your environment, as well as to check whether you are meeting the goals and policies set by your organization. Let’s say your organization has a policy that it will not tolerate more than 25 critical vulnerabilities open at any time. In the example below, there are 19 critical vulnerabilities open, so you know you’re within policy; you might then mix some vulnerability remediation work with another important project instead of focusing solely on remediation.

Dashboard overview of vulnerabilities in your system

This same dashboard helps you track how long vulnerabilities have been open. As I noted earlier, last year’s Verizon DBIR highlighted how often old vulnerabilities end up being the path attackers take to gain access to networks. The dashboard could help you identify critical vulnerabilities that could lead to actual breaches.

Starting with the dashboard, you can access an interactive list of all vulnerabilities that are more than 30 days old and easily drill down to details for a specific host exhibiting an old security hole.
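To make the prioritization steps above concrete, here is an added Python example that is not Nessus Cloud code or part of the original post. It models a handful of constructed scan findings and walks them through the same steps the post describes: mapping a CVSS base score to a severity label, filtering on a base score of 7.5 or higher and on an "in the news" flag, grouping findings by Asset List while honoring an Exclusion, checking the open-critical count against a policy ceiling of 25, and listing findings open for more than 30 days. The severity bands, the `Finding` fields, the host names and the plugin names are all assumptions made for the example; the exact bands Nessus Cloud applies appear in the product's Risk Information panel, not here.

```python
from dataclasses import dataclass
from datetime import date, timedelta

# Assumed severity bands (CVSS v2-style ranges), highest floor first.
# They stand in for the mapping shown in Nessus Cloud's Risk Information panel.
SEVERITY_BANDS = [
    (10.0, "Critical"),
    (7.0, "High"),
    (4.0, "Medium"),
    (0.1, "Low"),
    (0.0, "Informational"),
]


@dataclass(frozen=True)
class Finding:
    """One vulnerability instance on one host (constructed shape, not the product's schema)."""
    host: str
    plugin: str
    cvss_base: float
    first_seen: date
    in_the_news: bool = False


def severity_from_cvss(base_score: float) -> str:
    """Map a CVSS base score to a severity label using SEVERITY_BANDS."""
    for floor, label in SEVERITY_BANDS:
        if base_score >= floor:
            return label
    raise ValueError(f"CVSS base score out of range: {base_score}")


def filter_by_cvss(findings, minimum=7.5):
    """Equivalent of the Advanced Search 'CVSS Base Score >= 7.5' filter."""
    return [f for f in findings if f.cvss_base >= minimum]


def filter_in_the_news(findings):
    """Equivalent of the 'In the News' filter."""
    return [f for f in findings if f.in_the_news]


def group_by_asset_list(findings, asset_lists, exclusions=frozenset()):
    """Bucket findings by Asset List name, dropping hosts covered by an Exclusion."""
    grouped = {name: [] for name in asset_lists}
    for finding in findings:
        if finding.host in exclusions:
            continue
        for name, hosts in asset_lists.items():
            if finding.host in hosts:
                grouped[name].append(finding)
    return grouped


def critical_policy_status(findings, max_open=25):
    """Return (open critical count, within_policy) for the dashboard policy check."""
    open_critical = sum(1 for f in findings if severity_from_cvss(f.cvss_base) == "Critical")
    return open_critical, open_critical <= max_open


def older_than(findings, days, today):
    """Findings first seen more than `days` days before `today` (the 'open > 30 days' view)."""
    cutoff = today - timedelta(days=days)
    return [f for f in findings if f.first_seen < cutoff]


# Constructed sample data: fixed reference date so results are reproducible offline.
TODAY = date(2016, 3, 1)
SAMPLE_FINDINGS = [
    Finding("pci-web-01", "OpenSSL Heartbleed", 5.0, date(2015, 12, 1), in_the_news=True),
    Finding("pci-db-01", "Unsupported database version", 10.0, date(2016, 2, 20)),
    Finding("corp-file-01", "SMB signing not required", 5.0, date(2016, 1, 15)),
    Finding("corp-ws-07", "Bash Shellshock", 10.0, date(2015, 6, 1), in_the_news=True),
    Finding("lab-test-03", "Outdated SSH server", 7.5, date(2016, 2, 28)),
    Finding("pci-web-01", "Weak SSL ciphers", 4.3, date(2016, 2, 1)),
]
ASSET_LISTS = {
    "PCI DSS": {"pci-web-01", "pci-db-01"},
    "Corporate": {"corp-file-01", "corp-ws-07", "lab-test-03"},
}
EXCLUSIONS = frozenset({"lab-test-03"})


def prioritize(findings=SAMPLE_FINDINGS, asset_lists=ASSET_LISTS,
               exclusions=EXCLUSIONS, today=TODAY):
    """Assemble the views a dashboard would show, as plain counts and lists."""
    count, within = critical_policy_status(findings)
    return {
        "high_or_above": len(filter_by_cvss(findings)),
        "in_the_news": len(filter_in_the_news(findings)),
        "per_asset_list": {k: len(v) for k, v in
                           group_by_asset_list(findings, asset_lists, exclusions).items()},
        "open_critical": count,
        "within_policy": within,
        "older_than_30_days": len(older_than(findings, 30, today)),
    }


if __name__ == "__main__":
    for key, value in prioritize().items():
        print(f"{key}: {value}")
```

Running the block prints six summary values; the useful design point is that every view is a pure function over the same list of findings, so the same data answers the CVSS, Asset List and dashboard questions without re-scanning.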

Dashboard - how long vulnerabilities have been open

Try Nessus Cloud

If you aren’t already using Nessus Cloud and would like to try any of these vulnerability prioritization techniques, you can request a free Nessus Cloud evaluation. Try out the ideas from this article and see even more ways that Nessus Cloud provides insight into the vulnerabilities on your network that should be given your immediate attention.

Continue the vulnerability prioritization conversation on Tenable’s Discussion Forums at https://community.tenable.com/welcome, or on Twitter @TenableSecurity.

Thanks to Diane Garey for assisting with this blog.
